7 Replies Latest reply on Jul 18, 2003 3:38 PM by Bruce Wilson

    Blank pages in Jetty with SSL

    Bruce Wilson Newbie


      I have a web app with multi-frame pages served from JSPs
      (Jetty 4.2.9/JBoss 3.0.7).

      If I invoke this web app from IE 6.0 using https (SSL), some of the
      frames show up blank, with the watch cursor displaying within them.

      Invoke the same page with http under IE 6.0 and it finishes displaying
      OK.

      Invoke the same page with IE 5.5 using http OR https, it displays OK.

      Has anyone out there experienced similar behavior and can tell me
      how to get things displayed correctly under IE 6.0 ?

      I've deployed a JsseListener for port 443 in the "usual" way under
      JBoss, as far as I know:

      15:10:12,567 INFO [jbossweb] Starting Jetty/4.2.9
      15:10:12,617 INFO [jbossweb] Started org.mortbay.http.NCSARequestLog@1a61172
      15:10:12,637 INFO [jbossweb] Started SocketListener on 0.0.0.0:80
      15:10:12,647 INFO [jbossweb] jetty.ssl.keystore=D:\JBoss\server\default/conf/myapp.jks
      15:10:12,647 INFO [jbossweb] jetty.ssl.password=******
      15:10:12,647 INFO [jbossweb] jetty.ssl.keypassword=******
      15:10:12,657 INFO [jbossweb] jetty.ssl.keystore.type=jks
      15:10:12,687 INFO [jbossweb] jetty.ssl.keystore.provider.name=[DEFAULT]
      15:10:13,097 INFO [jbossweb] SSLServerSocketFactory=com.sun.net.ssl.internal.ssl.SSLServerSocketFactoryImpl@457d21
      15:10:13,107 INFO [jbossweb] JsseListener.needClientAuth=false
      15:10:13,117 INFO [jbossweb] Started SocketListener on 0.0.0.0:443
      15:10:13,117 INFO [jbossweb] Started org.jboss.jetty.Jetty@15f7107

      Thanks in advance,

      Bruce

        • 1. Re: Blank pages in Jetty with SSL
          Paul Newbie

          In version 3.0.6, I had similar problems; although, mine was sporadic. I finally gave up and started using Tomcat. I was running Windows 2000.

          • 2. Re: Blank pages in Jetty with SSL
            Jon Barnett Master

            Are you using real certificates or self-signed ones? We've only had problems when IE6 automatically rejected the certificate because the site didn't match the certificate and the self-signed cert wasn't installed as a recognised authority. Other than that no problems with IE6 or Opera using Jetty - our preferred servlet engine at the moment because it is not as resource hungry.

            • 3. Re: Blank pages in Jetty with SSL
              Bruce Wilson Newbie

              We are using self-signed certificates (not even that,
              just a key pair in a Java keystore - the IE dialog shows
              just the one key in its "Certification Path" window, saying
              it's not a "Trusted Root Certification Authorities Store").

              Jonlee, when you said you had trouble with self-signed
              certificates and IE 6, was it the case that you couldn't
              access any pages at all, or did the page partially load,
              with some frames or images missing ? I can get past
              the initial login page in my application OK, it's the page
              after that (the first content page) for which some frames
              are failing to load.

              I've been looking at this issue a little more. This page
              loads a *lot* of images - about 200 of them currently
              (for mouse rollover animations). These images are all
              being loaded in Javascript (Images.src="/images/foo.gif"); it seems to be the
              pages that are loading images in Javascript like this
              that are having the problems.

              Sound familiar, anyone ? Bueller ? Bueller ?

              Thanks in advance for any further advice,

              Bruce

              • 4. Re: Blank pages in Jetty with SSL
                Jon Barnett Master

                OK. My memory is coming back. You can have a problem with the certificate when the browser is set to not accept unknown CAs. You'd get a blank page but I'm not sure whether it was in Tomcat or Jetty.

                However, I now recollect there was another problem with HTTPS/HTTP. If you requested HTTP when communicating with the HTTPS listener or HTTPS from the HTTP listener, you would get no output and the hourglass. Is it possible that this is happening?

                e.g. https://myserver:8080/... or http://myserver:8443/...

                • 5. Re: Blank pages in Jetty with SSL
                  Bruce Wilson Newbie


                  I'm definitely invoking the pages using the correct
                  scheme/port: http://myserver:80 or https://myserver:443

                  • 6. Re: Blank pages in Jetty with SSL
                    Jon Barnett Master

                    OK. Do you get any access requests registered (in the Jetty access logs) for the items that don't load? And how many access requests for items do appear from that page? Does changing the number of available listeners change anything?

                    • 7. Re: Blank pages in Jetty with SSL
                      Bruce Wilson Newbie

                      I do not get an access requests showing up in the
                      Jetty log for things that don't load.

                      I've grepped the log file and compiled lists of the
                      accesses for port 80 and port 443, extracted just the
                      URLs from the list, then diff'ed the lists. The 443 list is
                      missing the accesses to the .gif files. The last file that
                      both lists have in common is a ".js" file that loads the
                      images from Javascript. The port 80 list has 267
                      requests; the port 443 list has 71 entries.

                      By "change the number of available listeners", do you
                      mean change MaxThreads ? I haven't tried that. It's
                      currently set at 100. I can tell you that I've done a
                      netstat on the server, grepping for the client host name,
                      and have found that there are generally two sockets
                      open to port 443.

                      I'll try changing the number of threads and see what
                      happens.