Embedded Jetty responds to clear http on port 443

357 Views Asked by banal At 03 April 2025 at 06:39

I have a Java 8 application using embedded Jetty 9.3.11 that wants to listen for https-only connections on a port (TCP/443). However, when a clear HTTP client connects the browser ends up downloading a small file of 7 bytes. Here is what od outputs for the file:

$ od -t x1 download
0000000 15 03 03 00 02 02 50
0000007

There is a requirement to not respond to clear text HTTP on TLS-only port 443. Interestingly, Jetty 9.1.3 does not behave this way.

My questions are the following:

What is this file and what other side-effects could be present for clear-text HTTP requests on my HTTPS-only port 443?
How can I stop Jetty from responding to clear HTTP this way?

Thanks in advance.

Original Q&A

There are 1 best solutions below

Joakim Erdfelt On 21 December 2016 at 23:04 BEST ANSWER

The bytes are:

15 03 03 00 02 02 50

where:

15    == TLS Alert Message Type
03 03 == TLS Protocol version 1.2
00 02 == TLS Frame length
02    == Alert level Fatal
50    == Internal Error

Seems like a normal TLS response when it can't understand the non-TLS client.

Embedded Jetty responds to clear http on port 443

There are 1 best solutions below

Related Questions in JAVA

Related Questions in SSL

Related Questions in EMBEDDED-JETTY

Related Questions in TLS1.2

Trending Questions

Popular # Hahtags

Popular Questions