Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Blocker
Fix Version/s: 7.1.0.DR14
Affects Version/s: 7.1.0.DR4
Component/s: Security
Labels:
- eap71_alpha
- http
- http2
- ssl

CDW devel_ack:
CDW docs_ack:
CDW pm_ack:
CDW qa_ack:
CDW release:
Target Release:

7.1.0.GA
Steps to Reproduce:
Hide

You can use standalone-elytron.xml attached in attachment

./bin/standalone.sh -c standalone-elytron.xml

Then access this page

https://localhost:8443/

Result: It doesn't work

If you set "enable-http2" attribute to "false" everything works fine.

./subsystem=undertow/server=default-server/https-listener=https:write-attribute(name=enable-http2, value=false) :reload
Show
You can use standalone-elytron.xml attached in attachment ./bin/standalone.sh -c standalone-elytron.xml Then access this page https://localhost:8443/ Result: It doesn't work If you set "enable-http2" attribute to "false" everything works fine. ./subsystem=undertow/server= default -server/https-listener=https:write-attribute(name=enable-http2, value= false ) :reload

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Reason for BLOCKER priority is that RFE https://issues.jboss.org/browse/EAP7-571 can be verified till will be fixed this issue.

When I want to use HTTPS settings in combination with Elytron subsystem then I have to set "enable-http2" to "false" value.

For settings I followed this blog post http://darranl.blogspot.cz/2016/02/wildfly-elytron-ssl-configuration.html
And as keystore I used default application.keystore

Actual results:
Browser cannot load pages over HTTPs when HTTP2 is enabled.
Chrome show this information:

Server send no data

ERR_EMPTY_RESPONSE

and Firefox show this

Secure connection failed

The connection to XYZ was interrupted while the page was loading.

* The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
* Please contact the website owners to inform them of this problem.

Expected results:
Browser can load pages over HTTPs when HTTP2 is enabled

- - Sort By Name
  - Sort By Date
  - Ascending
  - Descending
  - Thumbnails
  - List
  - Download All

application.keystore
2 kB
2016/09/09 3:51 AM
standalone-elytron.xml
26 kB
2016/09/09 3:51 AM
elytron_server_curl.log
255 kB
2016/09/12 6:46 AM
elytron_server_Chrome.log
537 kB
2016/09/12 6:46 AM
elytron_server_Firefox.log
508 kB
2016/09/12 6:46 AM
server_curl.log
175 kB
2016/09/12 6:46 AM
server_Firefox.log
167 kB
2016/09/12 6:46 AM
server_Chrome.log
338 kB
2016/09/12 6:46 AM
elytron_wireshark_Firefox.pcapng
20 kB
2016/09/12 10:22 AM
wireshark_Firefox.pcapng
686 kB
2016/09/12 10:22 AM
standalone-elytronDR8.xml
26 kB
2016/11/15 9:56 AM
standaloneDR14.xml
28 kB
2017/03/20 8:05 AM

is cloned by

WFCORE-2509 Elytron + https-listener in undertow listener doesn't work with enable-http2 set to "true"

Resolved

is documented by

JBEAP-9689 Update docs about how to set HTTPs + Elytron + HTTP2

Closed

is incorporated by

JBEAP-9193 (7.1.0) Upgrade to WildFly Core to 3.0.0.Beta9

Closed

is related to

JBEAP-9690 Inadequate security with Elytron + HTTP2

Closed

JBEAP-9703 Elytron + TLSv1.1 + wrap attribute to false results in empty reply from server

Closed

JBEAP-9803 ssl-context attr desc - add mention that unwrapped SslContext is needed for HTTP/2

Closed

(1 is related to)

Assignee:: Darran Lofthouse

Reporter:: Hynek Švábek (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 9 Start watching this issue

Created:: 2016/09/09 4:05 AM

Updated:: 2024/09/13 3:53 PM

Resolved:: 2017/03/13 4:43 PM

Details

Description

Attachments

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates