3

I am trying to resolve an SSLHandshakeException and for that, I am trying to enable SSL to debug mode, I have tried setting -Djavax.net.debug=ssl but it doesn't work, the logger only gives me information about classes like org.eclipse.util.ssl.SSLContextfactory and org.eclipse.util.ssl.X509, does this mean that Jetty doesn't use JSSE implementation in its core?

I am trying to visualize the logs in this format: https://docs.oracle.com/javase/8/docs/technotes/guides/security/jsse/ReadDebug.html

Jetty is embedded in a bundle (Karaf OSGi Framework) using Pax Web 7.x

Thanks for the help.

Diego Ramos
  • 989
  • 4
  • 16
  • 35
  • How are you starting Jetty? (standalone? jetty-home? embedded? from an IDE?) – Joakim Erdfelt Mar 09 '21 at 12:59
  • @JoakimErdfelt it is being started in an OSGi environment, it is embedded in PS4J Pax Web (https://ops4j1.jira.com/wiki/spaces/paxweb/overview), currently I am using Pax Web 7.x, thanks for the reply. – Diego Ramos Mar 09 '21 at 22:03
  • Can you post the entire Exception? It would help to see the details of how it's generated in your environment to see how to tweak your environment to produce logs. – Atmas Mar 21 '21 at 00:22

1 Answers1

0

The following vm argument should do the trick:

-Djavax.net.debug=SSL,keymanager,trustmanager,ssl:handshake

or

-Djavax.net.debug=ALL

Hakan54
  • 3,121
  • 1
  • 23
  • 37
  • I thought passing the additional values could maybe provide more debug logging if present, thats the reason why I provided `keymanager,trustmanager,ssl:handshake` as additional values – Hakan54 Mar 09 '21 at 14:08
  • Shouldn't it be `-Djavax.net.debug=SSL,keymanager,trustmanager,ssl,handshake` ? – mamen Mar 24 '21 at 09:03