You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We configured port 10069 for SSL input to logshipper.
The jruby-openssl implementation (SSLSocket.java) insists on completing the SSL handshake before cloning a new thread to handle the connection. If a non-TLS process connects to the TLS port, it is hung and unusable for future TLS sessions.
You can reproduce this by running nc localhost 10059 <-- or whatever logstash port is configured for TLS
If you leave nc running, openssl s_client -connect localhost:10059 will hang in CONNECTED, and not be able to establish a TLS session. Neither will any other external clients wishing to send events or logs to logstash.
logstash uses jruby-openssl.
We configured port 10069 for SSL input to logshipper.
The jruby-openssl implementation (SSLSocket.java) insists on completing the SSL handshake before cloning a new thread to handle the connection. If a non-TLS process connects to the TLS port, it is hung and unusable for future TLS sessions.
You can reproduce this by running nc localhost 10059 <-- or whatever logstash port is configured for TLS
If you leave nc running, openssl s_client -connect localhost:10059 will hang in CONNECTED, and not be able to establish a TLS session. Neither will any other external clients wishing to send events or logs to logstash.
Want to back this issue? Post a bounty on it! We accept bounties via Bountysource.
The text was updated successfully, but these errors were encountered: