hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Juraj Martinka (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HTTPCLIENT-1339) SSLPeerUnverifiedException occurs randomly when calling resource via HTTPS
Date Mon, 15 Apr 2013 12:40:16 GMT

    [ https://issues.apache.org/jira/browse/HTTPCLIENT-1339?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13631685#comment-13631685
] 

Juraj Martinka commented on HTTPCLIENT-1339:
--------------------------------------------

Hi, Oleg,

thank you very much for the investigation.
However, I'm still  not able to find the root cause of aforementioned error.
I tried to enable ssl debug via "-Djavax.net.debug=all" but didn't find anything useful in
output, nor the "Remote host closed connection during handshake " you have mentioned.
In my case there is another error:

---
0040: 00 2F C0 04 C0 0E 00 33 
00A0 0 ......0 09 C0 13   10 00 11 00 02 00 12   00 04 00 05 00 14 00 0pool-1-thread-262,
handling exception: java.net.SocketException: Connection reset
7  pool-1-thread-262, SEND TLSv1 ALERT:  fatal, description = unexpected_message
: pool-1-thread-262, WRITE: TLSv1 Alert, length = 2
 00 0060pool-1-thread-262, Exception sending alert: java.net.SocketException: Broken pipe
00 0pool-1-thread-262, called closeSocket()
pool-1-thread-142, WRITE: TLSv1 Handshake, length = 163
0C: Cpool-1-thread-262, IOException in getSession():  java.net.SocketException: Connection
reset
00 16  8:  pool-1-thread-262, called close()
 00pool-1-thread-262, called closeInternal(true)
  0D32. EF 7B 47 .pool-1-thread-262, called close()
----

I'm still wondering why there is no such issue with older HttpClient 3.x.
Do you have any further suggestions?


                
> SSLPeerUnverifiedException occurs randomly when calling resource via HTTPS
> --------------------------------------------------------------------------
>
>                 Key: HTTPCLIENT-1339
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1339
>             Project: HttpComponents HttpClient
>          Issue Type: Bug
>    Affects Versions: 4.2.3
>            Reporter: Juraj Martinka
>            Priority: Critical
>
> HttpClient (tested against 4.1 version and 4.2.3) suffers from SSLPeerUnverifiedException.
> It can occur randomly, mainly when calling some secured resource in a concurrent fashion.
> However, each time there is a new HttpClient instance some this might not be related
to the threads issues.
> I've created two unit tests - https://gist.github.com/jumarko/34c20054d3d85eaff5a7
> * HttpClientPeerUnverifiedTest - using HttpClient 4.x errors occures in a random fashion
-> sometimes zero failures, but more often than not there  is at least one SSLPeerUnverifiedException
> * OldHttpClientPeerUnverifiedTest - using HttpClient 3.1 everything is working OK
> Stacktrace:
> {code}
> javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
> at sun.security.ssl.SSLSessionImpl.getPeerCertificates(Unknown Source)
> at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128)
> at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:572)
> at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:180)
> at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:151)
> at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:125)
> at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:641)
> at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:480)
> at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:906)
> at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:1066)
> at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:1044)
> {code}

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org


Mime
View raw message