-
Notifications
You must be signed in to change notification settings - Fork 647
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SSLEngine closed already Error #536
Comments
@pluttrell I see some stack trace from Tomcat so may be that's the server and some stack trace from Reactor Netty Http Client, but what's the scenario that you are executing? |
Not exactly sure what you mean by 'scenario', but perhaps this info will help. This is a Spring Boot service based on As part of responding to one of the requests, we're using the webClient
.post()
.uri("https://...")
.header(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_VALUE)
.body(Mono.just(car), Car.class)
.retrieve()
.onStatus(HttpStatus::is4xxClientError, clientResponse -> ...)
.bodyToMono(ReservationResource.class); Does that help? |
@pluttrell I committed a fix, so please try it |
@violetagg This is pretty easy to reproduce on Californium 0.85 snapshot. Create two gateways and a responsive back end. E.g Gateway 1 -> Gateway 2 -> Back End Set a timeout of 500ms on Gateway 1. Setup a gatling script which makes many calls < 500 ms (GET and POST). And setup a single call that will take longer than 500ms (GET and POST). You will end up with the following in the gateway 1 logs. Gateway 2 is fine.
|
Sample script.
|
@dave-fl Do you have SSL only for the |
@violetagg Both. All my tests always have SSL turned on. |
I have a service running Spring Boot v2.1.2.RELEASE (reactor-core v3.2.5.RELEASE & reactor-netty v0.8.4.RELEASE) and it uses WebClient to communicate with other backend services. I have the same error in my logs:
|
0.8.5 fixed this for me |
Getting similar error with
Happens sporadically. Can't find any patterns in logs. |
Getting similar exception with reactor-netty 0.8.5 & 0.8.6 Cloud Gateway version:2.1.3 RELEASE In our production system, we are observing "javax.net.ssl.SSLException: SSLEngine closed already" exceptions. The exception encounter rate depending on the route count and traffic. I'm using the elastic pool(default) and below is the stack trace from logs: reactor-http-nio-150 HttpClientConnect - [id: 0x21e26b17, L:/127.0.0.1:29974 - R:localhost/127.0.0.1:8872] The connection observed an error I am suspecting the connection is already closed on other end, but elastic connection pool is still trying to use the same connection which is causing this issue. seems netty connection pool not doing health checks whether the connection is already broken or not. |
This is happening in reactor-netty 0.8.9 version as well. (BOM: Californium-SR9) |
Steps to reproduce
This problem happens intermittently. We're seeing it maybe once out of 50 requests from our full lifecycle health check calls.
Reactor Core version
3.2.2.RELEASE, which we're including with spring boot 2.1.0.RELEASE (latest at the time of this report).
JVM version (e.g.
java -version
)openjdk version "11.0.1" 2018-10-16
OpenJDK Runtime Environment (build 11.0.1+13-Debian-2)
OpenJDK 64-Bit Server VM (build 11.0.1+13-Debian-2, mixed mode, sharing)
OS version (e.g.
uname -a
)Linux 0c553deebac8 4.9.125-linuxkit #1 SMP Fri Sep 7 08:20:28 UTC 2018 x86_64 GNU/Linux
Actual behavior
Expected behavior
If the root cause is a bug, naturally the expected behavior would be for it to work.
If the root cause is an SSL issue with the service that we're connecting to, then it would much more useful to receive an error message that indicates what the actual problem.
The text was updated successfully, but these errors were encountered: