Hi, thanks for your reply.
The EOF call that yields a functional issue for the end user appears to be made from the 'server side' of this application to its neighbour application in the same Jetty9(and as such the same jre, 8), Geoserver. I don't see it when looking at traffic between an end user and the application. The application uses the jars mentioned in the original email, among others (8.1.16v20140903) jetty-client in
https://github.com/boundlessgeo/GeoExplorer/blob/master/app/httpclient.js which in turn is used by
https://github.com/boundlessgeo/GeoExplorer/blob/master/app/auth.js :
The troubled part:
exports.getStatus = function(request) {
var url = ""> var status = 401;
var headers = new Headers(request.headers);
var token = headers.get("Cookie");
var exchange = clientRequest({
url: url,
method: "GET",
async: false,
headers: headers
});
exchange.wait();
return exchange.status; //Status is 0, exchange.content is null for https url
};
where url ==
https://domain/geoserver/rest but the logs report it as GET//domain:443/geoserver/rest and if that is
http://domain:443/geoserver/rest then our jetty9 can't handle that request, it gets aborted whether you try it from the application server or a client machine. It may be that we should configure jetty9 to understand and redirect
http://domain:443 but I don't think just that would solve the issue, it is probably a bit of a tls configuration issue as you say since the official doc
http://www.eclipse.org/jetty/documentation/current/http-client.html says "
When you create a HttpClient instance using the parameterless constructor, you will only be able to perform plain HTTP requests and you will not be able to perform HTTPS requests.
In order to perform HTTPS requests, you should create first a SslContextFactory, configure it, and pass it to the HttpClient constructor. When created with a SslContextFactory, the HttpClient will be able to perform both HTTP and HTTPS requests to any domain."
so I tried changing httpclient.js to import the util.ssl package and then create the httpclient like so:
var sslcontxtfctry = new SslContextFactory(true);
var client = new HttpClient(sslcontxtfctry);
but this makes no perceivable difference. The GET is still to :443 and it still EOFs.
It is entirely possible that this issue is outside of the scope of this forum, if so I won't pursue it further.
If there's any further assistance to be had I shall of course be happy to receive it : )