[undertow-dev] java.lang.IllegalStateException: UT000124: renegotiation timed out

Michal Karm Babacek karm at redhat.com
Thu May 12 09:10:37 EDT 2016 

Brian, could you start the server with -Djavax.net.debug=ssl
and pastebin the surroundings  of the exception?

Cheers
-K-

----- Original Message -----
> From: "Brian Call" <brian.call at primacinema.com>
> To: undertow-dev at lists.jboss.org
> Sent: Wednesday, May 11, 2016 10:39:57 PM
> Subject: [undertow-dev] java.lang.IllegalStateException: UT000124:	renegotiation timed out
> 
> Hi Guys,
> 
> First off, I’m trying to figure out whether or not I’m dealing with a bug or
> a user error on this one, so my apologies for spamming everyone. There is
> scant information pertaining to this error anywhere that I found as google
> only returned a single result, and that was to the messages class containing
> the message code.
> 
> I’m seeing this exception on TLS negotiation using client certs and I just
> can’t figure out what’s being renegotiated or why there would be a timeout.
> It’s all happening in milliseconds so I’m very confused, especially since it
> seems to happen intermittently and under varying circumstances. I’ve
> examined the source code for the wildly-10 version undertow that I’m using
> and I just can’t figure it out. Any hints in the right direction would be
> greatly appreciated.
> 
> Blessings,
> Brian
> 
> Here’s the stack trace:
> 
> 2016-05-11 20:27:51,766 ERROR [io.undertow.request] (default task-7)
> UT005023: Exception handling request to /ppi/whoami:
> java.lang.IllegalStateException: UT000124: renegotiation timed out
> 	at
> 	io.undertow.server.ConnectionSSLSessionInfo.renegotiateNoRequest(ConnectionSSLSessionInfo.java:175)
> 	at
> 	io.undertow.server.ConnectionSSLSessionInfo.renegotiate(ConnectionSSLSessionInfo.java:89)
> 	at
> 	io.undertow.security.impl.ClientCertAuthenticationMechanism.getPeerCertificates(ClientCertAuthenticationMechanism.java:125)
> 	at
> 	io.undertow.security.impl.ClientCertAuthenticationMechanism.authenticate(ClientCertAuthenticationMechanism.java:92)
> 	at
> 	io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(SecurityContextImpl.java:233)
> 	at
> 	io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(SecurityContextImpl.java:250)
> 	at
> 	io.undertow.security.impl.SecurityContextImpl$AuthAttempter.access$100(SecurityContextImpl.java:219)
> 	at
> 	io.undertow.security.impl.SecurityContextImpl.attemptAuthentication(SecurityContextImpl.java:121)
> 	at
> 	io.undertow.security.impl.SecurityContextImpl.authTransition(SecurityContextImpl.java:96)
> 	at
> 	io.undertow.security.impl.SecurityContextImpl.authenticate(SecurityContextImpl.java:89)
> 	at
> 	io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:55)
> 	at
> 	io.undertow.server.handlers.DisableCacheHandler.handleRequest(DisableCacheHandler.java:33)
> 	at
> 	io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> 	at
> 	io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(AuthenticationConstraintHandler.java:51)
> 	at
> 	io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
> 	at
> 	io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
> 	at
> 	io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(ServletSecurityConstraintHandler.java:56)
> 	at
> 	io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60)
> 	at
> 	io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77)
> 	at
> 	io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50)
> 	at
> 	io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
> 	at
> 	io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> 	at
> 	org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
> 	at
> 	io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> 	at
> 	io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> 	at
> 	io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:284)
> 	at
> 	io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:263)
> 	at
> 	io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81)
> 	at
> 	io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:174)
> 	at io.undertow.server.Connectors.executeRootHandler(Connectors.java:202)
> 	at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:793)
> 	at
> 	java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
> 	at
> 	java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
> 	at java.lang.Thread.run(Thread.java:745)
> _______________________________________________
> undertow-dev mailing list
> undertow-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/undertow-dev

-- 
Sent from my Hosaka Ono-Sendai Cyberspace 7

--
Michal Karm Babacek
    ☕ JBoss QE    
Red Hat Czech | GMT+2

☎ +420 737 778 560 (cell)
☎ +420 532 294 547 (⇖forwarded⇖)
freenode: #wildfly #mod_cluster #fedora-devel
⚙ http://modcluster.iokarm at redhat.com

More information about the undertow-dev mailing list