JBoss messaging client with jndi is failing after initial ssl handshake
tihomir91 Jan 15, 2016 2:32 AMHello Colleagues,
I created standalone jms client to connect to JBoss eap 6.4 with tlsv1.2. The connection with java 7 and 8 is successful. Now i imported the code in our application for development purposes in order to test the connection but now it is failing after the client send tlsv1.2 hello message. I am providing ssl debug trace:
8:372 | Guest | ~Q-client-global-threads-1675133750] | System.out | 0000: 0C 00 01 49 03 00 17 41 04 72 AB 0A 50 98 46 C0 ...I...A.r..P.F. 0010: CC 60 E9 31 93 88 C1 63 7C 40 57 6F C3 A1 E6 58 .`.1...c.@Wo...X 0020: 24 59 7B 02 15 D9 92 53 24 A5 A5 E5 41 1F 1A 74 $Y.....S$...A..t 0030: D0 1F C3 66 09 AF 8C 30 07 68 20 6E 1B 7C F2 A2 ...f...0.h n.... 0040: C3 87 3F DA 6F A7 2F E8 1C 06 01 01 00 3F CD 98 ..?.o./......?.. 0050: 54 4B D0 66 60 4F A1 0D 6B 49 DA 57 9C B6 4D 14 TK.f`O..kI.W..M. 0060: 18 DA A8 0F 41 84 4D 36 2E 77 65 89 99 E9 7B 80 ....A.M6.we..... 0070: 36 BA B6 80 F9 13 1D F4 44 1F 2F 5F 40 C7 55 F7 6.......D./_@.U. 0080: 42 3E 57 01 A2 28 E3 26 5A 47 67 11 1F C0 63 AD B>W..(.&ZGg...c. 0090: 08 B1 DE 5B B8 4F B3 73 51 84 8E F0 23 22 44 ED ...[.O.sQ...#"D. 00A0: A6 7B 53 7D 33 5C B2 7D 08 88 74 E8 F7 91 20 0F ..S.3\....t... . 00B0: 68 02 AE 60 70 EB 9F 24 CB 80 A4 16 2E A3 0A EB h..`p..$........ 00C0: 0F 1E 87 F5 F9 91 4B 0D 50 4D D8 13 C1 20 4B 99 ......K.PM... K. 00D0: D8 14 E3 49 1A 02 90 15 98 9A 27 9F 90 1C B9 74 ...I......'....t 00E0: 9C 8C 92 03 73 1D 8C 07 72 71 E5 25 DD 34 E8 20 ....s...rq.%.4. 00F0: 26 89 14 59 D5 E2 68 31 33 23 6B F5 F0 1A 2B 3B &..Y..h13#k...+; 0100: D7 92 C2 6A 2D 9C C2 72 FB 33 4E 1C EB AA 9E EF ...j-..r.3N..... 0110: E9 95 E7 2F A0 15 39 5C 3C BD 21 42 D9 DB AB BC .../..9\<.!B.... 0120: F9 CF 5B 70 AD C3 0B 26 49 84 EE 44 34 04 FE 30 ..[p...&I..D4..0 0130: F0 C8 C5 5D 11 72 4F 4E 0D 9A 89 65 AF 84 A5 90 ...].rON...e.... 0140: B3 4C 4B FB 09 A8 AC 33 94 94 81 EA CF .LK....3..... *** ServerHelloDone | |
13:15:18:373 | Guest | ~Q-client-global-threads-1675133750] | System.out | [read] MD5 and SHA1 hashes: len = 4 | |
13:15:18:373 | Guest | ~Q-client-global-threads-1675133750] | System.out | 0000: 0E 00 00 00 .... *** ECDHClientKeyExchange | |
13:15:18:373 | Guest | ~Q-client-global-threads-1675133750] | System.out | ECDH Public value: { 4, 175, 248, 221, 6, 83, 125, 155, 95, 136, 154, 79, 66, 199, 14, 111, 94, 183, 238, 236, 119, 70, 135, 238, 86, 155, 246, 35, 83, 202, 22, 120, 152, 80, 151, 235, 194, 97, 76, 207, 115, 120, 246, 197, 123, 89, 64, 122, 62, 210, 59, 50, 153, 141, 194, 125, 47, 129, 49, 25, 56, 52, 152, 134, 166 } | |
13:15:18:374 | Guest | ~Q-client-global-threads-1675133750] | System.out | [write] MD5 and SHA1 hashes: len = 70 | |
13:15:18:374 | Guest | ~Q-client-global-threads-1675133750] | System.out | 0000: 10 00 00 42 41 04 AF F8 DD 06 53 7D 9B 5F 88 9A ...BA.....S.._.. 0010: 4F 42 C7 0E 6F 5E B7 EE EC 77 46 87 EE 56 9B F6 OB..o^...wF..V.. 0020: 23 53 CA 16 78 98 50 97 EB C2 61 4C CF 73 78 F6 #S..x.P...aL.sx. 0030: C5 7B 59 40 7A 3E D2 3B 32 99 8D C2 7D 2F 81 31 ..Y@z>.;2..../.1 0040: 19 38 34 98 86 A6 .84... Old I/O client worker ([id: 0xe03bcf8b, /10.66.186.162:62159 => vepo750052/10.66.186.162:5445]), WRITE: TLSv1.2 Handshake, length = 70 | |
13:15:18:375 | Guest | ~Q-client-global-threads-1675133750] | System.out | Old I/O client worker ([id: 0xe03bcf8b, /10.66.186.162:62159 => vepo750052/10.66.186.162:5445]), fatal error: 80: problem unwrapping net record java.lang.RuntimeException: Could not generate secret | |
13:15:18:375 | Guest | ~Q-client-global-threads-1675133750] | System.out | %% Invalidated: [Session-27, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256] | |
13:15:18:375 | Guest | ~Q-client-global-threads-1675133750] | System.out | Old I/O client worker ([id: 0xe03bcf8b, /10.66.186.162:62159 => vepo750052/10.66.186.162:5445]), SEND TLSv1.2 ALERT: fatal, description = internal_error | |
13:15:18:376 | Guest | ~Q-client-global-threads-1675133750] | System.out | Old I/O client worker ([id: 0xe03bcf8b, /10.66.186.162:62159 => vepo750052/10.66.186.162:5445]), WRITE: TLSv1.2 Alert, length = 2 | |
13:15:48:233 | Guest | Application [58] | System.out | [Raw write]: length = 75 | |
13:15:48:269 | Guest | Application [58] | System.out | 0000: 16 03 03 00 46 10 00 00 42 41 04 AF F8 DD 06 53 ....F...BA.....S 0010: 7D 9B 5F 88 9A 4F 42 C7 0E 6F 5E B7 EE EC 77 46 .._..OB..o^...wF 0020: 87 EE 56 9B F6 23 53 CA 16 78 98 50 97 EB C2 61 ..V..#S..x.P...a 0030: 4C CF 73 78 F6 C5 7B 59 40 7A 3E D2 3B 32 99 8D L.sx...Y@z>.;2.. 0040: C2 7D 2F 81 31 19 38 34 98 86 A6 ../.1.84... [Raw write]: length = 7 | |
13:15:48:297 | Guest | ~Q-client-global-threads-1675133750] | System.out | 0000: 15 03 03 00 02 02 50 ......P Old I/O client worker ([id: 0xe03bcf8b, /10.66.186.162:62159 => vepo750052/10.66.186.162:5445]), called closeOutbound() | |
13:15:48:319 | Guest | ~Q-client-global-threads-1675133750] | System.out | Old I/O client worker ([id: 0xe03bcf8b, /10.66.186.162:62159 => vepo750052/10.66.186.162:5445]), closeOutboundInternal() | |
13:15:48:335 | Guest | Application [58] | ~.jms.core.channel.ChannelImpl.start | Error starting channel: com.sap.aii.af.service.cpa.impl.object.ChannelImpl@72336352 with ID=fae4d8e33327329f9b662a2c2ba75319 due to com.sap.aii.adapter.jms.api.connector.ConnectionException: Error creating Connection from JMS Connection Factory.: javax.jms.JMSException: Failed to create session factory |
As you can see the error is :
"Old I/O client worker ([id: 0xe03bcf8b, /10.66.186.162:62159 => vepo750052/10.66.186.162:5445]), fatal error: 80: problem unwrapping net record
java.lang.RuntimeException: Could not generate secret " and this is after the server send tlsv1.2hello done.
What could be the reason for this error, it is coming from the server? I tried to enable javax.net.debug=all but it is not working as i expected. My assumption is that this could be problem with java version of the server and the client?
Regards,
Tihomir