directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Emmanuel Lecharny (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (DIRSERVER-2043) SSL connection failures errors are useless
Date Wed, 05 Oct 2016 13:51:21 GMT

    [ https://issues.apache.org/jira/browse/DIRSERVER-2043?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15548762#comment-15548762
] 

Emmanuel Lecharny commented on DIRSERVER-2043:
----------------------------------------------

It's hard for me to give you an answer.

The truth is that people are using Studio with Java 6 (EOL feb 2013), Java 7 (EOL apr 2015)
and Java 8 (EOL 2017). Each of those versions may be supported by Oracle past there EOL through
a paying subscription, something we don't do. That means we depend on the latest versions,
ie Java 8 as of today.

We test Studio with the latest Java 8 build (which is for me java version "1.8.0_102"). Oracle
release new versions almost every 2 months, with patches, fixes and changes, that makes the
thing quite hard for us to test all of them (FTR, there were 17 java 7 releases in 4 years,
and 15 java 8 releases in 2 years). 

When it comes to the security parts, there were a hell lot of changes, with old ciphers being
desactivated (RC4, for instance, was disabled in 8u51 and 7u85).

Now, Studio depends on the Java version you are using, and it also depends on the server you
are using, and how it is configured. Without those informations, there is little we can do...

> SSL connection failures errors are useless
> ------------------------------------------
>
>                 Key: DIRSERVER-2043
>                 URL: https://issues.apache.org/jira/browse/DIRSERVER-2043
>             Project: Directory ApacheDS
>          Issue Type: Bug
>    Affects Versions: 2.0.0-M19
>            Reporter: Roy Wellington
>            Priority: Minor
>
> When connecting, if StartTLS fails, you get an error such as the following:
> {noformat}
> Error while opening connection
>  - SSL handshake failed.
> org.apache.directory.ldap.client.api.exception.InvalidConnectionException: SSL handshake
failed.
> 	at org.apache.directory.ldap.client.api.LdapNetworkConnection.writeRequest(LdapNetworkConnection.java:3939)
> 	at org.apache.directory.ldap.client.api.LdapNetworkConnection.bindAsync(LdapNetworkConnection.java:1178)
> 	at org.apache.directory.ldap.client.api.LdapNetworkConnection.bind(LdapNetworkConnection.java:1076)
> 	at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper$2.run(DirectoryApiConnectionWrapper.java:368)
> 	at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.runAndMonitor(DirectoryApiConnectionWrapper.java:1175)
> 	at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.doBind(DirectoryApiConnectionWrapper.java:460)
> 	at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.bind(DirectoryApiConnectionWrapper.java:306)
> 	at org.apache.directory.studio.connection.core.jobs.OpenConnectionsRunnable.run(OpenConnectionsRunnable.java:114)
> 	at org.apache.directory.studio.connection.core.jobs.StudioConnectionJob.run(StudioConnectionJob.java:109)
> 	at org.eclipse.core.internal.jobs.Worker.run(Worker.java:54)
> SSL handshake failed.
> {noformat}
> But _why_ did the SSL handshake fail? I don't need the stack trace, I need to know what
exactly failed, something like what Firefox/Chrome do on SSL failures. I'm trying to debug
this right now, and I have absolutely no idea what's going on here.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message