https://bz.apache.org/bugzilla/show_bug.cgi?id=69936
--- Comment #4 from Martin FĂșsek <[email protected]> --- <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" /> ... <Connector port="8453" protocol="HTTP/1.1" SSLEnabled="true" executor="tomcatThreadPool" scheme="https" secure="true"> <SSLHostConfig truststoreFile="/etc/nps-tomcat/mutualstore" truststorePassword="<redatected>" truststoreType="JKS" sslProtocol="TLS" protocols="TLSv1.2" certificateVerification="want" > <Certificate certificateKeystoreFile="/etc/nps-tomcat/<redatected>.p12" certificateKeystorePassword="<redatected>" certificateKeystoreType="pkcs12" /> </SSLHostConfig> </Connector> Tomcat 10 uses by default NIO, but after changing to NIO2 behaviour is same. 14:28:17.383 INFO {main} [o.a.catalina.core.AprLifecycleListener(155)] : Loaded Apache Tomcat Native library [2.0.12] using APR version [1.6.3]. 14:28:17.395 INFO {main} [o.a.catalina.core.AprLifecycleListener(422)] : OpenSSL successfully initialized [OpenSSL 3.2.3 3 Sep 2024] 04:39:51.097 INFO {main} [o.a.c.h.Http11NioProtocol] : Starting ProtocolHandler ["https-openssl-nio-8453"] 14:28:40.985 INFO {main} [o.a.c.h.Http11Nio2Protocol] : Starting ProtocolHandler ["https-openssl-nio2-8453"] I now successfuly tried remove (but leak persist) Replace_some_deprecated_code_with_OpenSSL_3_0+_equivalent or/and Use_new_auto_configuration_of_DH_params_rather_than_deprecated_callback (previously i have configuration error that i tried enable ocsp, with ocsp connection fails i client cert used) -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
