tomcat broken pipe linked to truststore

Tue, Apr 4, 2006

I’ve been getting a steadily growing headache lately, provided by Tomcat again. While implementing the identity masquerading layer in the distributed Guanxi Service Provider, I kept getting this error: Broken pipe

Googling around seemed to suggest that it was firewall related. A firewall dropping connections. So I stopped the firewall on the G4 and the error went away.

After moving the SSL code out of the incubator and putting it into the SP, the error came back. I turned off the firewall but this time it didn’t go away. There’s a reference to this error in Tomcat’s Bugzilla that suggested that it was harmless. In my case it certainly wasn’t harmless as it stopped the SSL layer working.

Then it occurred to me that I hadn’t updated Tomcat’s truststore with the certificate of the Guard I was testing. I did that and the error went away.

What a joke! So, instead of some meaningful message, Tomcat just closes the connection if it doesn’t trust the client.

At least it’s secure!
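
One way to test for this condition before blaming the network, as an added example that is not from the original post, Tomcat or Guanxi: it loads a truststore and asks the JVM's default trust manager whether it would accept a given client certificate. The class name, argument order and file paths are assumptions, and it needs Java 9 or later.

```java
import java.io.File;
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.*;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

// Hypothetical diagnostic class (an assumption, not part of Tomcat or Guanxi).
public class TruststoreCheck {
    // Returns null when the truststore accepts the certificate for client
    // authentication, otherwise a short reason for the rejection.
    static String rejectionReason(KeyStore trustStore, X509Certificate cert) throws Exception {
        if (trustStore.size() == 0) {
            return "truststore has no entries";
        }
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trustStore);
        for (TrustManager tm : tmf.getTrustManagers()) {
            if (tm instanceof X509TrustManager) {
                try {
                    // Same kind of check a TLS server runs on the chain a client presents.
                    ((X509TrustManager) tm).checkClientTrusted(
                        new X509Certificate[] { cert }, cert.getPublicKey().getAlgorithm());
                    return null;
                } catch (CertificateException e) {
                    return e.getMessage();
                }
            }
        }
        return "no X509TrustManager available";
    }

    public static void main(String[] args) throws Exception {
        if (args.length != 3) {
            System.err.println("usage: TruststoreCheck <truststore> <password> <client-cert.pem|.der>");
            System.exit(2);
        }
        // KeyStore.getInstance(File, char[]) detects the store type (JKS or PKCS12).
        KeyStore ts = KeyStore.getInstance(new File(args[0]), args[1].toCharArray());
        X509Certificate cert;
        try (InputStream in = new FileInputStream(args[2])) {
            cert = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(in);
        }
        String reason = rejectionReason(ts, cert);
        System.out.println(reason == null ? "TRUSTED: " + cert.getSubjectX500Principal() : "NOT TRUSTED: " + reason);
    }
}
```

A NOT TRUSTED result for the Guard's certificate matches the situation described in the post. On the server side, starting the JVM with `-Djavax.net.debug=ssl,handshake` logs the handshake failure that the client only sees as a closed connection.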

