P1
Our tracing indicates that certain traffic from the cgi scripts,
through the webserver to the browser/JVM, when SSL is turned on in the
webserver-browser link with JVM 1.3.1 on the browser, causes loss of the
webserver-browser connections. Murali Govindu, our PTS representative, can
reproduce this every time in his test environment. All inbound traffic over
the SSL link appears correct (browser TO webserver), but returned data from
the host's cgi causes loss of connection in several reproduceable cases.
The cgi's logging shows successful operation, but no data is returned to the
waiting applet. The java console indicates that two data connections have been
lost. This ONLY occurs with SSL enabled from the browser.
PTS has tested with JVM 1.3.1_04 and _11 on a variety of browsers, with
the same results, and against customer's 2 web servers versions, 6.0sp9 and 6.1sp3.
Ths combination with the problem is ALWAYS 1.3.1 when SSL is enabled.
Following is a snapshot of the java console; first is a successful session with
Netscape 4.79 with its 1.1.5 jvm (looks the same in all non-1.3.1 situations),
followed by Netscape 6.2 with 1.3.1 and SSL:
<previous interaction snipped>
.
.
Certificate=End
CertificateList=End
STOP CERT LISTING2
Starting network thread
https://ipm1.red.iplanet.com:61013/bin/uiprotocol?_SessionID_=dw%2b5rrzmRxIIEEws7BOqvKPm2av0iWgyV20mrTMiIQFAPvS0H64RkA%3d%3d&
Object converter thread
Flushing last network buffer
Wrote EOF
write: POLL|POLL1|0|
HTTP Receive|HTTP RETRIEVE1|0|
SMTP|SMTP1|0|
FTP (APPLICATION)|FTP1|0|
FTP (EDI)|FTP1|0|
GEIS FTP|GEIS FTP1|0|
Odette FTP (OFTP)|OFTP1|0|
HTTP for AIAG|HTTP AIAG|0|
HTTP for GISB|HTTP GISB|0|
HTTP SSL for OBI|HTTP SSL|0|
HTTP SSL for XML|HTTP SSL XML|0|
ebXML Send|ebXML Send|0|
Webmail Send|Webmail|0|
JMS Send|JMS Send|0|
eXML Connector|XML1|0|
Legacy Server (Oracle)|LOA|0|
Legacy Server (SAP)|LSAP|0|
Legacy Server (MQ Series)|LMQ|0|
CustomJava SMTPSend|USER DEFINED 3|9|SMTP Mail Host|SMTP Mail Host Port|Sender|Sender Email|Receiver|Receiver Email|User Id|User Password|Unused Parameter ? item1 ? item2|textbox|textbox|textbox|textbox|textbox|textbox|textbox|password|dropdown|
HTTP for AS2|HTTP AS2 Send|0|
----------------------------------
Now the failed one
----------------------------------
Netscape6.2 Java Console details:
<previous stuff snipped again>
.
.
Certificate=End
CertificateList=End
STOP CERT LISTING2
Object converter thread
Starting network thread
https://ipm1.red.iplanet.com:61013/bin/uiprotocol?_SessionID_=EAma7IoD%2FURyBw1ipQEh3SEH0IarP7lnS5dJ2dFboSMMafryoXhlsQ%3D%3D&
Connection lost
Connection lost
-------------------------------------------
As a bank, BMO insists that all their internal traffic be covered by SSL, even though
the users of this system run behind the bank's firewall.
through the webserver to the browser/JVM, when SSL is turned on in the
webserver-browser link with JVM 1.3.1 on the browser, causes loss of the
webserver-browser connections. Murali Govindu, our PTS representative, can
reproduce this every time in his test environment. All inbound traffic over
the SSL link appears correct (browser TO webserver), but returned data from
the host's cgi causes loss of connection in several reproduceable cases.
The cgi's logging shows successful operation, but no data is returned to the
waiting applet. The java console indicates that two data connections have been
lost. This ONLY occurs with SSL enabled from the browser.
PTS has tested with JVM 1.3.1_04 and _11 on a variety of browsers, with
the same results, and against customer's 2 web servers versions, 6.0sp9 and 6.1sp3.
Ths combination with the problem is ALWAYS 1.3.1 when SSL is enabled.
Following is a snapshot of the java console; first is a successful session with
Netscape 4.79 with its 1.1.5 jvm (looks the same in all non-1.3.1 situations),
followed by Netscape 6.2 with 1.3.1 and SSL:
<previous interaction snipped>
.
.
Certificate=End
CertificateList=End
STOP CERT LISTING2
Starting network thread
https://ipm1.red.iplanet.com:61013/bin/uiprotocol?_SessionID_=dw%2b5rrzmRxIIEEws7BOqvKPm2av0iWgyV20mrTMiIQFAPvS0H64RkA%3d%3d&
Object converter thread
Flushing last network buffer
Wrote EOF
write: POLL|POLL1|0|
HTTP Receive|HTTP RETRIEVE1|0|
SMTP|SMTP1|0|
FTP (APPLICATION)|FTP1|0|
FTP (EDI)|FTP1|0|
GEIS FTP|GEIS FTP1|0|
Odette FTP (OFTP)|OFTP1|0|
HTTP for AIAG|HTTP AIAG|0|
HTTP for GISB|HTTP GISB|0|
HTTP SSL for OBI|HTTP SSL|0|
HTTP SSL for XML|HTTP SSL XML|0|
ebXML Send|ebXML Send|0|
Webmail Send|Webmail|0|
JMS Send|JMS Send|0|
eXML Connector|XML1|0|
Legacy Server (Oracle)|LOA|0|
Legacy Server (SAP)|LSAP|0|
Legacy Server (MQ Series)|LMQ|0|
CustomJava SMTPSend|USER DEFINED 3|9|SMTP Mail Host|SMTP Mail Host Port|Sender|Sender Email|Receiver|Receiver Email|User Id|User Password|Unused Parameter ? item1 ? item2|textbox|textbox|textbox|textbox|textbox|textbox|textbox|password|dropdown|
HTTP for AS2|HTTP AS2 Send|0|
----------------------------------
Now the failed one
----------------------------------
Netscape6.2 Java Console details:
<previous stuff snipped again>
.
.
Certificate=End
CertificateList=End
STOP CERT LISTING2
Object converter thread
Starting network thread
https://ipm1.red.iplanet.com:61013/bin/uiprotocol?_SessionID_=EAma7IoD%2FURyBw1ipQEh3SEH0IarP7lnS5dJ2dFboSMMafryoXhlsQ%3D%3D&
Connection lost
Connection lost
-------------------------------------------
As a bank, BMO insists that all their internal traffic be covered by SSL, even though
the users of this system run behind the bank's firewall.