cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Venkat Nalla (JIRA)" <>
Subject [jira] [Created] (CXF-5302) SSL handshake exception on IBM AIX 6.1 with IBM JDK 7
Date Thu, 26 Sep 2013 13:52:03 GMT
Venkat Nalla created CXF-5302:

             Summary: SSL handshake exception on IBM AIX 6.1 with IBM JDK 7
                 Key: CXF-5302
             Project: CXF
          Issue Type: Bug
          Components: JAX-WS Runtime
    Affects Versions: 2.7.6
         Environment: IBM AIX 6.1, JDK version 7- IBM J9 VM (build 2.6, JRE 1.7.0 AIX ppc64-64
20120322_106209 (JIT enabled, AOT enabled))
            Reporter: Venkat Nalla

I am testing CXF 2.7.6 on AIX 6.1 with IBM J9 JDK 7 JVM. The client and server are on two
different machines of same kind in both the cases IBM JVM (same version) is used. Both the
servers has trustore/keystores based on Verisign signed certificates for the respective machines.

Server Side SSL Configuration:<httpj:engine-factory bus="cxf"> <httpj:engine port="7643">
<httpj:tlsServerParameters secureSocketProtocol="SSL"> <csec:trustManagers> <csec:keyStore
type="JKS" password="..." file="server.jks"/> </csec:trustManagers> <csec:keyManagers
keyPassword="..."> <csec:keyStore type="JKS" password="..." file="server.jks"/> </csec:keyManagers>
<csec:clientAuthentication want="false" required="false"/> </httpj:tlsServerParameters>
</httpj:engine> </httpj:engine-factory>
Client Side SSL Configuration:
<http:conduit name="*.http-conduit"> <http:tlsClientParameters disableCNCheck="true"
secureSocketProtocol="SSL"> <sec:trustManagers> <sec:keyStore type="JKS" password="..."
file="client.jks"/> </sec:trustManagers> </http:tlsClientParameters> </http:conduit>
I am getting the following error:
[java] Caused by: Violated path
length constraints [java] at [java] at
[java] at [java] at [java]
at [java] at [java] at
[java] at [java] at [java]
at [java] at [java] at
[java] at [java] at
[java] at
[java] at [java] at org.apache.cxf.transport.http.URLConnectionHTTPConduit$URLConnectionWrappedOutputStream.setupWrappedStream(
[java] at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleHeadersTrustCaching(
[java] at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.onFirstWrite(
[java] at org.apache.cxf.transport.http.URLConnectionHTTPConduit$URLConnectionWrappedOutputStream.onFirstWrite(
[java] at
[java] at
[java] at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(
[java] ... 16 more [java] Caused by: Violated path length constraints

It works fine:
1) with IBM JDK 6 using spring configuration files shown above as well as Oracle/Sun JDK 7
on windows 7 desktop.
2) When server.jks file is used on the client side configuration with IBM JDK 7.
3)Works fine when the truststore is configured via system properties of java client process
using JDK 7:
java -Dcxf.config.file=client.xml -Dhttps.protocols=SSLv3 com.mycomany.Client
configuration file is without any SSL configuration as shown below (client.xml): <http:conduit

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see:

View raw message