javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack? - wildfly-10.0.0.Final
sharkbite Jun 29, 2016 6:26 AMHi
When I access our application via web browser usiing https I get the following error:
2016-06-29 12:22:13,973 TRACE [org.jboss.security] (default task-77) PBOX00354: Setting security roles ThreadLocal: null
2016-06-29 12:22:29,162 DEBUG [io.undertow.request.io] (default I/O-15) UT005013: An IOException occurred: java.io.IOException: javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack?
at io.undertow.protocols.ssl.SslConduit.notifyReadClosed(SslConduit.java:606)
at io.undertow.protocols.ssl.SslConduit.closed(SslConduit.java:971)
at io.undertow.protocols.ssl.SslConduit.close(SslConduit.java:1066)
at io.undertow.protocols.ssl.SslConduit.doUnwrap(SslConduit.java:787)
at io.undertow.protocols.ssl.SslConduit.read(SslConduit.java:559)
at org.xnio.conduits.ConduitStreamSourceChannel.read(ConduitStreamSourceChannel.java:127)
at io.undertow.server.protocol.http.HttpReadListener.handleEventWithNoRunningRequest(HttpReadListener.java:153)
at io.undertow.server.protocol.http.HttpReadListener.handleEvent(HttpReadListener.java:131)
at io.undertow.server.protocol.http.HttpReadListener.handleEvent(HttpReadListener.java:57)
at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
at org.xnio.conduits.ReadReadyHandler$ChannelListenerHandler.readReady(ReadReadyHandler.java:66)
at io.undertow.protocols.ssl.SslConduit$SslReadReadyHandler.readReady(SslConduit.java:1116)
at org.xnio.nio.NioSocketConduit.handleReady(NioSocketConduit.java:88)
at org.xnio.nio.WorkerThread.run(WorkerThread.java:559)
Caused by: javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack?
at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1666)
at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1634)
at sun.security.ssl.SSLEngineImpl.closeInbound(SSLEngineImpl.java:1561)
at io.undertow.protocols.ssl.SslConduit.notifyReadClosed(SslConduit.java:604)
our configuration on standalone-full.xml is as follows:
<https-listener name="https" security-realm="UndertowRealm" socket-binding="https"/>
<security-realm name="UndertowRealm">
<server-identities>
<ssl>
<keystore path="abcd.jks" relative-to="jboss.server.config.dir" keystore-password="abcd" alias="test.co.za" key-password="abcd"/>
</ssl>
</server-identities>
</security-realm>
From the browser, the certificate is fine, they are no issues.
Why do I get this error?
Is it something to be worried about?
Thanks,
Daslan