Gen Java Proxy Runtime persistent secure connection fails on every 2nd call
search cancel

Gen Java Proxy Runtime persistent secure connection fails on every 2nd call


Article ID: 366722


Updated On:


Gen Gen - Run Time Distributed


Trying to evaluate the following Gen Java proxy to Transaction Enabler (aefuf/aefad) scenario for future use:
any Web application --> (https/rest) --> SpringBoot web server (rest 2 Gen Java Proxy)  --> (tcpip/ssl) --> HA proxy (with ssl termination + load balancing) --> AEFUF -> AEFAD

Testing Gen Java Proxy Runtime with connection_persistence and secure_connection enabled.

First identical call has completed before and the secure connection is already cached. Then the second call fails.

See trace extract where the second call fails:
a.g.b.p.service.ProxyServiceImpl         : Calling Procedure-Step TG1_ALG_TEST_S_CRUD requested by u110               : Tg1AlgTestSCrud.execute(): entered               : TranData.getTranEntry(): entered               : TranData.getTranEntry(): Using comm config information passed in:               : TCP vserver1 4018 Y S               : loadInstance(): Attempting to instantiate the class:               :
....               : TCPIPDynamicCoopFlow.doFlow(): Client persistence (after exit)               : true               : TCPIPDynamicCoopFlow.doFlow(): Secure Socket Connection (after exit)               : true               : TCPIPDynamicCoopFlow.doFlow(): located a valid connection. Connection index: 0               : loadInstance(): Attempting to instantiate the class: 
....               : CFBDynamicMessage:getMessage(): exiting               : SecureTCPIPConnection::openSocket():  Attempt to open failed (error: Remote host terminated the handshake)               : CSUException(): CSUException created:               :  [Function: SecureTCPIPConnection::openSocket]Failed to successfully open the connection (error: Remote host terminated the handshake)
at Source)
at Source)


Release: Gen 8.6

Component: Gen Run Time, Distributed


Trying to use a persistent connection would potentially give the symptoms reported if the server side had closed the connection and the client tries to reuse it on the 2nd attempt. Although for a standard (non-secure) connection there is retry logic in the client side Java runtimes to handle that without the client seeing an error.

The Transaction Enabler (aefuf/aefad) would normally support a persistent connection direct from a Gen client but because of the intermediate HA Proxy SSL endpoint and load balancing to the aefuf the socket connection is not persistent and is getting closed somewhere in the chain after each server request. As the trace output shows "Remote host terminated the handshake" the socket connection seems to get getting terminated at the SSL endpoint.

The problem was resolved by using a non-persistent connection with the secure connection. May later decide to use a persistent non-secure connection because of the large number of transactions going through the web server and the secure connection to the HA Proxy is not a must have requirement.