Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [jetty-dev] server with jetty 9.4.2 no longer accessible from iPhone

hi,

this seems to be caused by HTTP2:

09:42:54.256|INFO |gotiatingServerConnection||ALPNServerConnection@4d98f14<-DecryptedEndPoint@1bb2cfdd{/5.170.107.125:3791<->/10.100.216.60:9443,OPEN,fill=-,flush=-,to=19/30000}->ALPNServerConnection@4d98f14->SocketChannelEndPoint@3e5d77ff{/5.170.107.125:3791<->/10.100.216.60:9443,OPEN,fill=-,flush=-,to=0/30000}{io=0/0,kio=0,kro=1}->SslConnection@2b58cd0d{NEED_UNWRAP,eio=-1/-1,di=-1}=>ALPNServerConnection@4d98f14 application selected protocol 'h2-16', but no correspondent org.eclipse.jetty.server.ConnectionFactory has been configured

On my start.ini I have this:

jetty.alpn.protocols=h2-17,h2-16,h2-15,h2-14,h2,http/1.1

Any ideas?

thanks,
Michele

On 6 March 2017 at 09:37, Michele Rossi <michele.rossi@xxxxxxxxx> wrote:
hi all,

I have recently upgraded our system to the latest Jetty - 9.4.2 - finding that it's no longer possible to connect from an iPhone.
That happens with Safari, Chrome and Firefox (all on their respective latest versions).

From the error message I could tell that the problem is the negotiation of available SSL ciphers.

What has changed in 9.4.X in that area?

And how do I find Jetty changelogs? I have clicked around a while but I had no luck (sorry).

My ssl-tweak file looks like this:

<Configure id="sslContextFactory" class="org.eclipse.jetty.util.ssl.SslContextFactory">

<Set name="ExcludeCipherSuites">
<Array type="String">
<Item>.*NULL.*</Item>
<Item>.*anon.*</Item>
</Array>
</Set>

<Set name="ExcludeProtocols">
<Array type="java.lang.String">
<Item>SSL</Item>
<Item>SSLv3</Item>
<Item>SSLv2</Item>
</Array>
</Set>
</Configure>


thanks,
Michele


Back to the top