[JBoss JIRA] (WFLY-10812) JDK11 Some security tests fail on closed channel exception

Wednesday, 22 August 2018

    [
https://issues.jboss.org/browse/WFLY-10812?page=com.atlassian.jira.plugin...
] 

Jan Kalina edited comment on WFLY-10812 at 8/22/18 8:34 AM:
------------------------------------------------------------

WSTrustTestCase:
* in GenerateWSKeyStores need to use CN=localhost and add alternative name 127.0.0.1 
* following "SSLHandshakeException: Invalid ECDH ServerKeyExchange signature":
it looks {{testPicketLink}} breaks following {{testHolderOfKey}} - but only when
{{-Dhttps.protocols=TLSv1.2}} (default) is used - ok for {{-Dhttps.protocols=TLSv1.1}} -
looks like JDK issue
{code}
JAVA_HOME=/opt/jdk-11/ PATH=$JAVA_HOME/bin/:$PATH mvn test
-Dsurefire.runOrder=alphabetical -Dtest=WSTrustTestCase#testPicketLink+testHolderOfKey 
-Dhttps.protocols=TLSv1.2
{code}

was (Author: honza889):
WSTrustTestCase:
* in GenerateWSKeyStores need to use CN=localhost and add alternative name 127.0.0.1 
* still investigating "SSLHandshakeException: Invalid ECDH ServerKeyExchange
signature": it looks {{testPicketLink}} breaks {{testHolderOfKey}} - probably
incorrect clean up
{code}
JAVA_HOME=/opt/jdk-11/ PATH=$JAVA_HOME/bin/:$PATH mvn test
-Dsurefire.runOrder=alphabetical -Dtest=WSTrustTestCase#testPicketLink+testHolderOfKey
{code}

...
 JDK11 Some security tests fail on closed channel exception
 ----------------------------------------------------------

                 Key: WFLY-10812
                 URL: https://issues.jboss.org/browse/WFLY-10812
             Project: WildFly
          Issue Type: Bug
          Components: Test Suite
            Reporter: Richard Opalka
            Assignee: Jan Kalina
            Priority: Blocker
             Fix For: 14.0.0.CR1

 With latest JDK11 (build 11-ea+25) the following tests fail due to closed channel
exception:	modified:
  *
testsuite/integration/basic/src/test/java/org/jboss/as/test/integration/security/loginmodules/LdapExtLikeAdvancedLdapLMTestCase.java
  *
testsuite/integration/basic/src/test/java/org/jboss/as/test/integration/security/loginmodules/LdapExtLoginModuleTestCase.java
  *
testsuite/integration/basic/src/test/java/org/jboss/as/test/integration/security/loginmodules/LdapLoginModuleTestCase.java
  *
testsuite/integration/elytron/src/test/java/org/wildfly/test/integration/elytron/ssl/UndertowTwoWaySslNeedClientAuthTestCase.java
  *
testsuite/integration/iiop/src/test/java/org/jboss/as/test/iiopssl/basic/IIOPSslInvocationTestCase.java
  *
testsuite/integration/manualmode/src/test/java/org/jboss/as/test/manualmode/security/OutboundLdapConnectionClientCertTestCase.java
  *
testsuite/integration/manualmode/src/test/java/org/jboss/as/test/manualmode/security/OutboundLdapConnectionTestCase.java
  *
testsuite/integration/manualmode/src/test/java/org/jboss/as/test/manualmode/web/ssl/CertificateRolesLoginModuleTestCase.java
  *
testsuite/integration/manualmode/src/test/java/org/jboss/as/test/manualmode/web/ssl/DatabaseCertLoginModuleTestCase.java
  *
testsuite/integration/manualmode/src/test/java/org/jboss/as/test/manualmode/web/ssl/HTTPSWebConnectorTestCase.java
  *
testsuite/integration/ws/src/test/java/org/jboss/as/test/integration/ws/wsse/trust/WSTrustTestCase.java
 Is there a known SSL issue in JDK11? Could somebody from our security team investigate
this issue?
 When these tests will start passing WF test suite will be passing 100% of tests on
JDK11.
 Potential investigator from our security team may want to include this PR:
 https://github.com/wildfly/wildfly/pull/11499
 to fix known JDK11 issues. 

--
This message was sent by Atlassian JIRA
(v7.5.0#75005)

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006