Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-5942

Elytron + https-listener in undertow listener doesn't work with enable-http2 set to "true"

XMLWordPrintable

    • Hide

      You can use standalone-elytron.xml attached in attachment

      • ./bin/standalone.sh -c standalone-elytron.xml

      Then access this page

      Result: It doesn't work

      If you set "enable-http2" attribute to "false" everything works fine.

      ./subsystem=undertow/server=default-server/https-listener=https:write-attribute(name=enable-http2, value=false)
      :reload
      
      Show
      You can use standalone-elytron.xml attached in attachment ./bin/standalone.sh -c standalone-elytron.xml Then access this page https://localhost:8443/ Result: It doesn't work If you set "enable-http2" attribute to "false" everything works fine. ./subsystem=undertow/server= default -server/https-listener=https:write-attribute(name=enable-http2, value= false ) :reload

      Reason for BLOCKER priority is that RFE https://issues.jboss.org/browse/EAP7-571 can be verified till will be fixed this issue.

      When I want to use HTTPS settings in combination with Elytron subsystem then I have to set "enable-http2" to "false" value.

      For settings I followed this blog post http://darranl.blogspot.cz/2016/02/wildfly-elytron-ssl-configuration.html
      And as keystore I used default application.keystore

      Actual results:
      Browser cannot load pages over HTTPs when HTTP2 is enabled.
      Chrome show this information:

      Server send no data
      
      ERR_EMPTY_RESPONSE
      

      and Firefox show this

      Secure connection failed
      
      The connection to XYZ was interrupted while the page was loading.
      
      * The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
      * Please contact the website owners to inform them of this problem. 
      

      Expected results:
      Browser can load pages over HTTPs when HTTP2 is enabled

        1. application.keystore
          2 kB
          Hynek Švábek
        2. elytron_server_Chrome.log
          537 kB
          Hynek Švábek
        3. elytron_server_curl.log
          255 kB
          Hynek Švábek
        4. elytron_server_Firefox.log
          508 kB
          Hynek Švábek
        5. elytron_wireshark_Firefox.pcapng
          20 kB
          Hynek Švábek
        6. server_Chrome.log
          338 kB
          Hynek Švábek
        7. server_curl.log
          175 kB
          Hynek Švábek
        8. server_Firefox.log
          167 kB
          Hynek Švábek
        9. standaloneDR14.xml
          28 kB
          Hynek Švábek
        10. standalone-elytron.xml
          26 kB
          Hynek Švábek
        11. standalone-elytronDR8.xml
          26 kB
          Hynek Švábek
        12. wireshark_Firefox.pcapng
          686 kB
          Hynek Švábek

              darran.lofthouse@redhat.com Darran Lofthouse
              hsvabek_jira Hynek Švábek (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              9 Start watching this issue

                Created:
                Updated:
                Resolved: