Hanging in Http class

[wdile]

I have some code that is working on my local dev systems (Ubuntu, Windows), but isn't working on my digital ocean server.

On the page where I generate the client token, it requests via the gateway a new client token, and it hangs internally doing this.

I've managed to trace it down to:

sslContext.init((KeyManager[]) kmf.getKeyManagers(), tmf.getTrustManagers(), SecureRandom.getInstance("SHA1PRNG")); (line 230 in Http class)

However when I try to go any deeper it simply hangs.

Is this a known issue? How may I work around this?

[bluk]

@wildunne Hello, can you please describe your environment in more detail? What version of Java, is your DigitalOcean server running on the same version of Ubuntu, any special changes to trusted certificates or Java settings, and any other relevant information you can give?

The sslContext is initialized to help ensure that you are talking to Braintree servers. I don't know of any hangs in that line of code. I believe the only known issue around the sslContext is it may not work in a Google App Engine environment.

[wdile]

@bluk This is my output from java -version

openjdk version "1.8.0_121"
OpenJDK Runtime Environment (build 1.8.0_121-8u121-b13-0ubuntu1.16.04.2-b13)
OpenJDK 64-Bit Server VM (build 25.121-b13, mixed mode)

In this is my Ubuntu version:

Distributor ID: Ubuntu
Description:    Ubuntu 16.04.2 LTS
Release:        16.04
Codename:       xenial

To be slightly more specific, I am running the Mongo server image from DigitalOcean.

I will happily provide any more details you want/need, I'm just not sure what those would be

[wdile]

Same issue with Oracle JDK 8 (just tested).

[wdile]

And happens on the non-mongo specific DigitalOcean 16.10 instance

[bluk]

Thanks for following up. This may be because of the SecureRandom.getInstance("SHA1PRNG").

/dev/random may not be producing output since the entropy is not sufficient. DigitalOcean has an article about it, but I cannot recommend their solution yet. We are investigating options.

[wdile]

Thanks for responding.

Yeah I would imagine this would be a big thing to get fixed since DigitalOcean is pretty popular...

Fortunately I dont need to test there for now

[bluk]

After some investigation, we suggest trying to configure your Java environment to use /dev/urandom. This can involve adding a configuration setting like java.security.egd=file:/dev/urandom to your Java runtime environment. This will help ensure that all of your Java programs will not block on SecureRandom calls. If you have further questions, please feel free to reach out to Braintree Support at the bottom of the page.

[wdile]

Unless I'm mistaken the advice given by DigitalOcean would be better for this solution as /dev/urandom if I recall correctly will just keep spitting out the same number over and over if there is not enough entropy, but that's not a problem.