forums.smartfoxserver.com

Hi there,

Been using SmartFox for a bit over a year now and have had no issues until just recently. I'm not 100% sure if the issue even is with SmartFox, but I wanted to bring it up here anyway, in case anyone can shed some light on this situation. In our extension, we are making http requests using Apache HttpComponents. This has been working perfect for us for a long time, but yesterday we started receiving this "SSLHandshakeException: Received fatal alert: handshake_failure" when trying to make one of our requests. What's really weird is that neither we nor the server we're trying to connect to have changed anything. I don't know how it could suddenly stop working if nothing has changed, but that is strangely the case.

After doing some reading, I saw that it could be due to mismatched ciphers or TLS version between us and the other server. I read that a possible fix is to update the jre's policy .jars to the JCE Unlimited Strength Jurisdiction Policy Files (https://www.oracle.com/technetwork/java ... 33166.html). So I did that, and now the request is going through again. However, the server is now incredibly slow, specifically with database calls. I know the issue is not with the database calls themselves, because we have a second server running the exact same extension but with the old policy files and it's pretty damn fast. Even still, I tried optimizing our queries on the slow server and it didn't help.

Any idea what could be happening here? Why would replacing those .jars cause such a slow down in performance? Is there something else we should do to fix the handshake error?

Any help would be greatly appreciated. Thanks!

Hi,
it all sounds pretty weird.
Do you connect via SSL to the database? If so maybe the change you've made is impacting the DB connection too?

Have you tried the solution at the bottom of this discussion?
https://stackoverflow.com/questions/328 ... ke-failure

I would suggest to give it a try and switch back to the original JRE settings.

Cheers

Hi Lapo,

Thanks for your response. Our database isn't using SSL connections, And we're connecting to it via the database manager tab in the zone configurator in the admin panel.

I put back the old policy files and tried the accepted answer as well as the last response in that thread and I still can't get it to work. I just receive the handshake failure again. I'll continue digging further into enabling SNI or messing around with SSL connections but my tests so far have been fruitless.

On another note, I've noticed that even after changing my jre's policy files back to the old ones, the server is still slow. So perhaps the ciphers weren't the cause and it's actually something else. If other details would help, I'm using Smartfox in a Jelastic environment. I'm also going to contact them to see if it's something they'd be able to help with.

Hi,
what exactly is slow? The response times?
Have you checked the ping times from client to server?
Is the server state healthy? Meaning there are no major CPU/Memory spikes during normal activity?

Cheers

Hi Lapo,

I found what the issue was. In the JVM settings, I had put this -Djavax.net.debug=all to see if it could help me pinpoint the reason why the requests weren't going through. After updating the policy files, I could have sworn I removed it, but apparently I didn't. When I did a setting by setting comparison of our slow server to one of our fast ones, I realized I still had it there. I guess all the extra logging was killing performance. After actually removing it, everything is fine.

I'm so sorry to have wasted your time on such a silly oversight on my part.

No problem. I am glad you found the cause

Cheers