<html><head><meta http-equiv="Content-Type" content="text/html charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">I have a utility (written in Scala and built with SBT) that includes a logback.xml:<div class=""><br class=""></div><div class=""><pre style="background-color:#2b2b2b;color:#a9b7c6;font-family:'Menlo';font-size:12.0pt;" class=""><span style="color:#e8bf6a;" class=""><configuration </span><span style="color:#bababa;" class="">debug=</span><span style="color:#6a8759;" class="">"true"</span><span style="color:#e8bf6a;" class="">><br class=""></span><span style="color:#e8bf6a;" class=""> <appender </span><span style="color:#bababa;" class="">name=</span><span style="color:#6a8759;" class="">"STDOUT"<br class=""></span><span style="color:#6a8759;" class=""> </span><span style="color:#bababa;" class="">class=</span><span style="color:#6a8759;" class="">"ch.qos.logback.core.ConsoleAppender"</span><span style="color:#e8bf6a;" class="">><br class=""></span><span style="color:#e8bf6a;" class=""> <encoder </span><span style="color:#bababa;" class="">class=</span><span style="color:#6a8759;" class="">"ch.qos.logback.classic.encoder.PatternLayoutEncoder"</span><span style="color:#e8bf6a;" class="">><br class=""></span><span style="color:#e8bf6a;" class=""> <pattern></span>%d{ISO8601} | %-5level | %thread | %logger{1} | %m%n<span style="color:#e8bf6a;" class=""></pattern><br class=""></span><span style="color:#e8bf6a;" class=""> </encoder><br class=""></span><span style="color:#e8bf6a;" class=""> </appender><br class=""></span><span style="color:#e8bf6a;" class=""><br class=""></span><span style="color:#e8bf6a;" class=""> <logger </span><span style="color:#bababa;" class="">name=</span><span style="color:#6a8759;" class="">"com.typesafe.sslconfig.ssl.ConfigSSLContextBuilder" </span><span style="color:#bababa;" class="">level=</span><span style="color:#6a8759;" class="">"ERROR" </span><span style="color:#e8bf6a;" class="">/><br class=""></span><span style="color:#e8bf6a;" class=""> <logger </span><span style="color:#bababa;" class="">name=</span><span style="color:#6a8759;" class="">"com.typesafe.sslconfig.ssl.AlgorithmChecker" </span><span style="color:#bababa;" class="">level=</span><span style="color:#6a8759;" class="">"ERROR" </span><span style="color:#e8bf6a;" class="">/><br class=""></span><span style="color:#e8bf6a;" class=""><br class=""></span><span style="color:#e8bf6a;" class=""> <root </span><span style="color:#bababa;" class="">level=</span><span style="color:#6a8759;" class="">"ERROR"</span><span style="color:#e8bf6a;" class="">><br class=""></span><span style="color:#e8bf6a;" class=""> <appender-ref </span><span style="color:#bababa;" class="">ref=</span><span style="color:#6a8759;" class="">"STDOUT" </span><span style="color:#e8bf6a;" class="">/><br class=""></span><span style="color:#e8bf6a;" class=""> </root><br class=""></span><span style="color:#e8bf6a;" class=""><br class=""></span><span style="color:#e8bf6a;" class=""></configuration><br class=""></span></pre><div class=""><br class=""></div></div><div class="">I added the ‘debug=“true”’ to help me diagnose why, despite the <logger/> elements that attempt to set the loglevel of log messages from the packages defined in the “name” attribute to “ERROR”, I’m seeing “WARN” messages in the console output when I run the command. I fragment of the first few lines of output appears below:</div><div class=""><br class=""></div><div class="">java -jar xxx.jar <arguments></div><div class=""><div class="">[WARN] [07/25/2017 17:05:59.490] [main] [com.typesafe.sslconfig.ssl.ConfigSSLContextBuilder] validateStore: Skipping certificate with weak key size in thawtepremiumserverca: Certificate failed: cert = "1.2.840.113549.1.9.1=#16197072656d69756d2d736572766572407468617774652e636f6d,CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA" failed on constraint RSA keySize < 2048, algorithm = RSA, keySize = 1024</div><div class="">[WARN] [07/25/2017 17:05:59.490] [main] [com.typesafe.sslconfig.ssl.ConfigSSLContextBuilder] validateStore: Skipping certificate with weak key size in thawteserverca: Certificate failed: cert = "1.2.840.113549.1.9.1=#16177365727665722d6365727473407468617774652e636f6d,CN=Thawte Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA" failed on constraint RSA keySize < 2048, algorithm = RSA, keySize = 1024</div></div><div class="">….</div><div class=""><div class="">[WARN] [07/25/2017 17:05:59.500] [main] [com.typesafe.sslconfig.ssl.ConfigSSLContextBuilder] validateStore: Skipping certificate with weak key size in verisignclass1g2ca: Certificate failed: cert = "OU=VeriSign Trust Network,OU=(c) 1998 VeriSign\, Inc. - For authorized use only,OU=Class 1 Public Primary Certification Authority - G2,O=VeriSign\, Inc.,C=US" failed on constraint RSA keySize < 2048, algorithm = RSA, keySize = 1024</div><div class="">17:05:59,530 |-INFO in ch.qos.logback.classic.LoggerContext[default] - Could NOT find resource [logback.groovy]</div><div class="">17:05:59,530 |-INFO in ch.qos.logback.classic.LoggerContext[default] - Could NOT find resource [logback-test.xml]</div><div class="">17:05:59,530 |-INFO in ch.qos.logback.classic.LoggerContext[default] - Found resource [logback.xml] at [jar:file:/Users/eswenson/Projects/Modulus/ws/modulus-shared-libraries/modules/dataset-client-cli/target/scala-2.11/dataset-client-cli-assembly-1.0.dev.jar!/logback.xml]</div><div class="">17:05:59,540 |-INFO in ch.qos.logback.core.joran.spi.ConfigurationWatchList@257cc1fc - URL [jar:file:/Users/eswenson/Projects/Modulus/ws/modulus-shared-libraries/modules/dataset-client-cli/target/scala-2.11/dataset-client-cli-assembly-1.0.dev.jar!/logback.xml] is not of type file</div><div class="">17:05:59,584 |-INFO in ch.qos.logback.core.joran.action.AppenderAction - About to instantiate appender of type [ch.qos.logback.core.ConsoleAppender]</div><div class="">17:05:59,586 |-INFO in ch.qos.logback.core.joran.action.AppenderAction - Naming appender as [STDOUT]</div><div class="">17:05:59,616 |-INFO in ch.qos.logback.classic.joran.action.LoggerAction - Setting level of logger [com.typesafe.sslconfig.ssl.ConfigSSLContextBuilder] to ERROR</div><div class="">17:05:59,617 |-INFO in ch.qos.logback.classic.joran.action.LoggerAction - Setting level of logger [com.typesafe.sslconfig.ssl.AlgorithmChecker] to ERROR</div><div class="">17:05:59,617 |-INFO in ch.qos.logback.classic.joran.action.RootLoggerAction - Setting level of ROOT logger to ERROR</div><div class="">17:05:59,617 |-INFO in ch.qos.logback.core.joran.action.AppenderRefAction - Attaching appender named [STDOUT] to Logger[ROOT]</div><div class="">17:05:59,617 |-INFO in ch.qos.logback.classic.joran.action.ConfigurationAction - End of configuration.</div><div class="">17:05:59,618 |-INFO in ch.qos.logback.classic.joran.JoranConfigurator@5a67e962 - Registering current configuration as safe fallback point</div><div class="">[WARN] [07/25/2017 17:05:59.830] [main] [com.typesafe.sslconfig.ssl.ConfigSSLContextBuilder] validateStore: Skipping certificate with weak key size in thawtepremiumserverca: Certificate failed: cert = "1.2.840.113549.1.9.1=#16197072656d69756d2d736572766572407468617774652e636f6d,CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA" failed on constraint RSA keySize < 2048, algorithm = RSA, keySize = 1024</div></div><div class="">…</div><div class=""><command output></div><div class=""><br class=""></div><div class="">There of two things of note in the output above: there are log messages that appear BEFORE we see the logging output due to the logback “debug=true” option. Second, we see many of these WARN messages from com.typesafe.sslconfig.ssl.ConfigSSLContextBuilder both before and after the logback debug output.</div><div class=""><br class=""></div><div class="">Why is logback not suppressing the [WARN] messages? </div><div class=""><br class=""></div><div class="">The com.typesafe.sslconfig.ssl code uses akka.event.Logging. I’ve tried to look into this code, and quickly got lost. I’m not sure what low-level logging this package is using, but whatever it is, it isn’t being captured by logback. </div><div class="">I suspect I need to use some logback bridge, although I’ve tried various and get errors that I have multiple slf4j providers and it makes no difference to the logging output.</div><div class=""><br class=""></div><div class="">How do I track down what is going on here?</div><div class=""><br class=""></div></body></html>