Win a copy of Kotlin in Action this week in the Kotlin forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

Clearing SSLSessions  RSS feed

 
Dan Dubinsky
Greenhorn
Posts: 7
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I have some code that is connecting to an external server using:

URL url = new URL(strRemoteServerName);
HttpsURLConnection urlConn = (HttpsURLConnection) url.openConnection();

Once in a while there is a problem with the server on the other end and they dynamically switch it to another server using some sort of fail over. After that, my connections don't work anymore. I get

Remote host closed connection during handshake
javax.net.ssl.SSLHandshakeException: Remote host closed connection
during handshake
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275(Compiled Code))
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(DashoA6275)


until I restart my application. I suspect it's because the SSLSessions are being cached internally. If I get this error I would like to have my code invalidate the sessions and try again.

My problem is I'm not sure how to get to the SSLSessions when using HttpsURLConnection. I looked around the Javadoc and I can only see a getSession method in the SSLSocket class, but that is a level below the API I'm using.
 
Stan James
(instanceof Sidekick)
Ranch Hand
Posts: 8791
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Way down in the guts of things, the Socket or InetAddress or some class caches IP addresses for URLs. The cache has a time to live parameter. We had exactly the same problem when a partner failed over to backup machines and had to set the TTL very short.

Zero may not be the right answer for you. If you hit the address fairly often, a few seconds might save a lot of DNS lookups. I just read that Java6 has a shorter default ttl ... here: More info
[ May 24, 2007: Message edited by: Stan James ]
 
It is sorta covered in the JavaRanch Style Guide.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!