Reputation: 987
Undertow (I think) closes connection after SSL Client Hello
I'm trying to setup my springboot app on Debian Stretch production server. App uses TLS 1.2 and HTTP2 so I ran it with embedded Undertow and it worked flawlessly on Windows, however it seems to just drop connection after Client Hello on Linux. this is what it looks like in wireshark:
I was able to connect over insecure http/1.1 with no problems though. I'm pretty sure it has something to do with TLS, because turning it off in application.properties allows Undertow to fallback to http/1.1. (I need multiplexing though)
And I can't find anything that could cause such behaviour. It's not keystore because I get no errors in Java.
The only thing I had to change from Windows were JVM parameters I had to change to make it use IPv4:
java -Xbootclasspath/p:/home/dptools/alpn-boot-8.1.11.v20170118.jar -Djava.net.preferIPv4Stack=true -Djava.net.preferIPv4Addresses -jar dpTools-0.0.1-SNAPSHOT.jar
Upvotes: 1
Views: 752
Answers (1)
Reputation: 987
Turns out it was keystore after all, not exactly keystore, but keypair inside. Apparently putting special characters in alias is not a good idea. after switching to alphanumeric alias it works. What concerns me is lack of any error on socket binding.
Upvotes: 1
Related Questions
- Undertow on Spring leaks connections
- Spring Boot WebClient : Closes connection prematurely before response
- Connection not closing
- Spring-boot configure client-auth=need for secondary SSL listener
- SpringBoot behind Proxy works with Undertow but not with Tomcat
- Websocket (spring) ssl connection (empty chain)
- Spring boot - bad TCP connection handling
- HTTPS in Undertow
- Undertow HTTPS listener
- Getting SocketTimeoutException while trying to resolve SSLHandshakeException