3 Replies Latest reply on Jul 19, 2016 4:25 PM by Jared Simon

    javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack? - wildfly-10.0.0.Final

    daslan govender Newbie

      Hi

       

      When I access our application via web browser usiing https I get the following error:

       

      2016-06-29 12:22:13,973 TRACE [org.jboss.security] (default task-77) PBOX00354: Setting security roles ThreadLocal: null

      2016-06-29 12:22:29,162 DEBUG [io.undertow.request.io] (default I/O-15) UT005013: An IOException occurred: java.io.IOException: javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack?

        at io.undertow.protocols.ssl.SslConduit.notifyReadClosed(SslConduit.java:606)

        at io.undertow.protocols.ssl.SslConduit.closed(SslConduit.java:971)

        at io.undertow.protocols.ssl.SslConduit.close(SslConduit.java:1066)

        at io.undertow.protocols.ssl.SslConduit.doUnwrap(SslConduit.java:787)

        at io.undertow.protocols.ssl.SslConduit.read(SslConduit.java:559)

        at org.xnio.conduits.ConduitStreamSourceChannel.read(ConduitStreamSourceChannel.java:127)

        at io.undertow.server.protocol.http.HttpReadListener.handleEventWithNoRunningRequest(HttpReadListener.java:153)

        at io.undertow.server.protocol.http.HttpReadListener.handleEvent(HttpReadListener.java:131)

        at io.undertow.server.protocol.http.HttpReadListener.handleEvent(HttpReadListener.java:57)

        at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)

        at org.xnio.conduits.ReadReadyHandler$ChannelListenerHandler.readReady(ReadReadyHandler.java:66)

        at io.undertow.protocols.ssl.SslConduit$SslReadReadyHandler.readReady(SslConduit.java:1116)

        at org.xnio.nio.NioSocketConduit.handleReady(NioSocketConduit.java:88)

        at org.xnio.nio.WorkerThread.run(WorkerThread.java:559)

      Caused by: javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack?

        at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)

        at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1666)

        at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1634)

        at sun.security.ssl.SSLEngineImpl.closeInbound(SSLEngineImpl.java:1561)

        at io.undertow.protocols.ssl.SslConduit.notifyReadClosed(SslConduit.java:604)

       

       

      our configuration on standalone-full.xml is as follows:

       

       

        <https-listener name="https" security-realm="UndertowRealm" socket-binding="https"/>

       

                  <security-realm name="UndertowRealm">

                      <server-identities>

                          <ssl>

                              <keystore path="abcd.jks" relative-to="jboss.server.config.dir" keystore-password="abcd" alias="test.co.za" key-password="abcd"/>

                          </ssl>

                      </server-identities>

                  </security-realm>

       

      From the browser, the certificate is fine, they are no issues.

       

       

      Why do I get this error?

       

      Is it something to be worried about?

       

      Thanks,

      Daslan