Author |
Message |
11/05/2016 10:18:32
|
bzeuner
Power User
Joined: 28/02/2011 17:12:24
Messages: 59
Offline
|
Hello everyone,
now and then we get a "javax.net.ssl.SSLHandshakeException: Error signing certificate verify" error that only occurs sporadically. In the stacktrace I only see captain casa involved. At first I thought there is a problem with the server SSL certificate but that would mean the error has to occur every time.
Has somebody already experience with that error?
javax.net.ssl.SSLHandshakeException: Error signing certificate verify
at sun.security.ssl.Alerts.getSSLException(Unknown Source)
at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)
at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
at sun.security.ssl.ClientHandshaker.serverHelloDone(Unknown Source)
at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)
at sun.security.ssl.Handshaker.processLoop(Unknown Source)
at sun.security.ssl.Handshaker.process_record(Unknown Source)
at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream0(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.access$100(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection$8.run(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection$8.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.security.AccessController.doPrivilegedWithCombiner(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(Unknown Source)
at org.eclnt.client.comm.http.util.DefaultCommunicator.getOutputStream(DefaultCommunicator.java:63)
at org.eclnt.client.comm.http.DataTransfer.transferXML(DataTransfer.java:99
at org.eclnt.client.comm.http.DataTransfer.transferXML(DataTransfer.java:1152)
at org.eclnt.client.comm.http.DataTransfer.communicateToServerSynchronous(DataTransfer.java:29
at org.eclnt.client.page.Page.loadPageFromServer(Page.java:745)
at org.eclnt.client.page.Page.<init>(Page.java:355)
at org.eclnt.client.page.PageContainer.<init>(PageContainer.java:63)
at org.eclnt.client.page.PageBrowser.loadHeaderURL(PageBrowser.java:1704)
at org.eclnt.client.page.PageBrowser.loadHeaderURL(PageBrowser.java:1650)
at org.eclnt.client.page.PageBrowser.reloadCurrentURL(PageBrowser.java:197
at org.eclnt.client.elements.impl.RELOADTIMERElement$1.run(RELOADTIMERElement.java:16)
at java.awt.event.InvocationEvent.dispatch(Unknown Source)
at java.awt.EventQueue.dispatchEventImpl(Unknown Source)
at java.awt.EventQueue.access$500(Unknown Source)
at java.awt.EventQueue$3.run(Unknown Source)
at java.awt.EventQueue$3.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(Unknown Source)
at java.awt.EventQueue.dispatchEvent(Unknown Source)
at java.awt.EventDispatchThread.pumpOneEventForFilters(Unknown Source)
at java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source)
at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
at java.awt.EventDispatchThread.run(Unknown Source)
Caused by: java.security.SignatureException: Interner Fehler.
at sun.security.mscapi.RSASignature.signHash(Native Method)
at sun.security.mscapi.RSASignature.engineSign(RSASignature.java:386)
at java.security.Signature$Delegate.engineSign(Unknown Source)
at java.security.Signature.sign(Unknown Source)
at sun.security.ssl.RSASignature.engineSign(Unknown Source)
at java.security.Signature$Delegate.engineSign(Unknown Source)
at java.security.Signature.sign(Unknown Source)
at sun.security.ssl.HandshakeMessage$CertificateVerify.<init>(Unknown Source)
|
|
|
11/05/2016 10:37:08
|
CaptainCasa
Power User
Joined: 21/11/2007 12:23:06
Messages: 5521
Offline
|
Hi,
the error comes, when the client connects to the server - so there must be some CaptainCasa involved ;-)
From the stack trace I see that the error is occurring within the loading of the first page, so the server is connected the first time.
I goggled a bit and maybe this helps you:
>>
believe that you are trying to connect to a something using SSL but that something is providing a certificate which is not verified by root certification authorities such as verisign.. In essence by default secure connections can only be established if the person trying to connect knows the counterparties keys or some other verndor such as verisign can step in and say that the public key being provided is indeed right..
>>
Could this be the case in your example?
Regards, Björn
|
Björn Müller, CaptainCasa GmbH |
|
|
11/05/2016 10:41:39
|
bzeuner
Power User
Joined: 28/02/2011 17:12:24
Messages: 59
Offline
|
Hi Björn,
your descriped case would be suitable if this happens each time. But in our case it happens only some times and not at the first request. This happens when there is already some communication done..
Does the error
Caused by: java.security.SignatureException: Interner Fehler.
at sun.security.mscapi.RSASignature.signHash(Native Method)
at sun.security.mscapi.RSASignature.engineSign(RSASignature.java:386)
mean something?
|
|
|
11/05/2016 10:57:03
|
CaptainCasa
Power User
Joined: 21/11/2007 12:23:06
Messages: 5521
Offline
|
...hmmm, I've never seen such error so far.
You are right with "not at the first request" - but it still is some special situation: the client is reloaded/reinitialized. And this reload is done by the RELOADTIMER component which is only used in the screen that is shown if the communication failed during runtime. The RELOADTIMER automatically switches from the error screen to the logon screen by realoding the URL.
at org.eclnt.client.comm.http.util.DefaultCommunicator.getOutputStream(DefaultCommunicator.java:63)
at org.eclnt.client.comm.http.DataTransfer.transferXML(DataTransfer.java:99
at org.eclnt.client.comm.http.DataTransfer.transferXML(DataTransfer.java:1152)
at org.eclnt.client.comm.http.DataTransfer.communicateToServerSynchronous(DataTransfer.java:29
at org.eclnt.client.page.Page.loadPageFromServer(Page.java:745)
at org.eclnt.client.page.Page.<init>(Page.java:355)
at org.eclnt.client.page.PageContainer.<init>(PageContainer.java:63)
at org.eclnt.client.page.PageBrowser.loadHeaderURL(PageBrowser.java:1704)
at org.eclnt.client.page.PageBrowser.loadHeaderURL(PageBrowser.java:1650)
at org.eclnt.client.page.PageBrowser.rat org.eclnt.client.elements.impl.RELOADTIMERElement$1.run(RELOADTIMERElement.java:16) eloadCurrentURL(PageBrowser.java:197
So something must have happened before. Could you check the log before you get this reload exception if you see some prior connection problem?
Thanks! Björn
|
Björn Müller, CaptainCasa GmbH |
|
|
11/05/2016 12:06:09
|
bzeuner
Power User
Joined: 28/02/2011 17:12:24
Messages: 59
Offline
|
Sure, which log do you mean?
|
|
|
11/05/2016 12:11:27
|
CaptainCasa
Power User
Joined: 21/11/2007 12:23:06
Messages: 5521
Offline
|
...the client log...
Regards, Björn
|
Björn Müller, CaptainCasa GmbH |
|
|
13/05/2016 07:42:58
|
bzeuner
Power User
Joined: 28/02/2011 17:12:24
Messages: 59
Offline
|
Hi Björn,
I only find something like that:
Error occurred when communicating to server: https://<URL_OF_CUSTOMER>:8446/fhg/jsp/sessionclose.ccinvalidatesession;jsessionid=null. javax.net.ssl.SSLHandshakeException: Error signing certificate verify .......... org.eclnt.client.comm.http.DataTransfer>readBytesFromURL
2016:05:10 13:28:27:207 | 39 | WARNING | Connection Exception occurred: javax.net.ssl.SSLHandshakeException: Error signing certificate verify .......... org.eclnt.client.comm.http.DataTransfer>transferXML
2016:05:10 13:28:27:207 | 39 | WARNING | Executing next request with same request id to server, this is a re-connect .......... org.eclnt.client.comm.http.DataTransfer>transferXML
2016:05:10 13:28:27:793 | 39 | WARNING | Connection Exception occurred: javax.net.ssl.SSLHandshakeException: Error signing certificate verify .......... org.eclnt.client.comm.http.DataTransfer>transferXML
2016:05:10 13:28:27:793 | 39 | WARNING | Checking with user if to retry... .......... org.eclnt.client.comm.http.DataTransfer>transferXML
2016:05:10 13:28:29:347 | 39 | SEVERE | Error occurred when communicating to server .......... org.eclnt.client.comm.http.DataTransfer>buildErrorResponse
Do we need an other log level to get more informations?
|
|
|
13/05/2016 07:44:23
|
CaptainCasa
Power User
Joined: 21/11/2007 12:23:06
Messages: 5521
Offline
|
This is the message we know ;-). Isn't there any other message in the log before? Could you send the whole log to me? Thanks!
Björn
|
Björn Müller, CaptainCasa GmbH |
|
|
|