58518 – SSL connection failed (Time out)

Bug 58518 - SSL connection failed (Time out)

Summary: SSL connection failed (Time out)

Status:	RESOLVED FIXED

Alias:	None

Product:	Tomcat 8
Classification:	Unclassified
Component:	Connectors (show other bugs)
Version:	8.0.28
Hardware:	PC All

Importance:	P2 critical (vote)
Target Milestone:	----
Assignee:	Tomcat Developers Mailing List

URL:
Keywords:

Depends on:
Blocks:

Reported:	2015-10-22 09:01 UTC by Hanjun
Modified:	2015-10-27 15:14 UTC (History)
CC List:	0 users

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Hanjun 2015-10-22 09:01:14 UTC

After upgrade to Tomcat 8.0.28, the SSL connection failed (Time out).
When downgrade back to Tomcat 8.0.27, the SSL connection back to normal.
Any other variables are not changed (OS, JVM, configurations). Only change the Tomcat version.

I guess this problem is caused by 8.0.28 changed the rule of reading/parsing the path of configuration resources (keystore locations of SSL).
e.g. using the format of C:/ or / will cause reading configuration resources fail in the Tomcat 8.0.28 but 8.0.27 works well.

Here is my server.xml of Connector part. Other parts of server.xml are the same with  default version.

    <Connector port="443" protocol="org.apache.coyote.http11.Http11Nio2Protocol"
               maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLSv1.2"
               keystoreFile="C:/Users/Administrator/mysite.jks"
			   keystorePass="changeit"
			   />

Note: This bug may related to Bug 56777
https://bz.apache.org/bugzilla/show_bug.cgi?id=56777

Comment 1 Mark Thomas 2015-10-25 13:46:13 UTC

This was a regression in bug 56777.
This has been fixed in trunk and 8.0.x for 8.0.29.

Comment 2 Christopher Schultz 2015-10-27 15:14:25 UTC

Potential (untested) workaround: use a "file:" URL to specify your keystore file on the filesystem.