[JBoss JIRA] (JBIDE-14760) Cannot connect to OpenShift Enterprise with hostname: javax.net.ssl.SSLProtocolException
by Andre Dietisheim (JIRA)
[ https://issues.jboss.org/browse/JBIDE-14760?page=com.atlassian.jira.plugi... ]
Andre Dietisheim edited comment on JBIDE-14760 at 6/5/13 8:11 AM:
------------------------------------------------------------------
There's a lengthy discussion about this at http://stackoverflow.com/questions/7615645/ssl-handshake-alert-unrecogniz...
The cause of this is a "misconfigured" server which does not have the correct servername or serveralias. in case of apache it is missing the following configuration which solves it:
{code}
<VirtualHost mydomain.com:443>
ServerName mydomain.com
ServerAlias www.mydomain.com
{code}
If the above is missing from apache the server is warning the client while TLS/SSL handshaking that the requested name is not recognized (Level: Warning, Description: Unrecognized Name), Server mydomain.com.
JDK7 (not JDK6!) then reacts to it with a "Fatal, Description: Unexpected Message". This is an additional check in JDK7 which they refuse to correct: "7127374 : JSSE creates SSLProtocolException on (common) warning: unrecognized_name for SNI" http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=7127374
The openshift-java-client currently sets this system property (https://github.com/adietish/openshift-java-client/blob/master/src/main/ja...) but it has no effect since it is not the first one to do SSL connections in Eclipse:
{code: title=UrlConnectionHttpClient}
// JDK7 bug workaround
System.setProperty(SYSPROP_ENABLE_SNI_EXTENSION, "false");
{code}
So the only fix that we currently have in Eclipse is to either connect to OpenShift Enterprise instances via IP-address or to turn SNI-checks off globally in eclipse.ini/jbdevstudio.ini:
{code}
-Djsse.enableSNIExtension=false
{code}
was (Author: adietish):
The cause of this is a "misconfigured" server which does not have the correct servername or serveralias. in case of apache it is missing the following configuration which solves it:
{code}
<VirtualHost mydomain.com:443>
ServerName mydomain.com
ServerAlias www.mydomain.com
{code}
If the above is missing from apache the server is warning the client while TLS/SSL handshaking that the requested name is not recognized (Level: Warning, Description: Unrecognized Name), Server mydomain.com.
JDK7 (not JDK6!) then reacts to it with a "Fatal, Description: Unexpected Message". This is an additional check in JDK7 which they refuse to correct: "7127374 : JSSE creates SSLProtocolException on (common) warning: unrecognized_name for SNI" http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=7127374
The openshift-java-client currently sets this system property (https://github.com/adietish/openshift-java-client/blob/master/src/main/ja...) but it has no effect since it is not the first one to do SSL connections in Eclipse:
{code: title=UrlConnectionHttpClient}
// JDK7 bug workaround
System.setProperty(SYSPROP_ENABLE_SNI_EXTENSION, "false");
{code}
So the only fix that we currently have in Eclipse is to either connect to OpenShift Enterprise instances via IP-address or to turn SNI-checks off globally in eclipse.ini/jbdevstudio.ini:
{code}
-Djsse.enableSNIExtension=false
{code}
> Cannot connect to OpenShift Enterprise with hostname: javax.net.ssl.SSLProtocolException
> ----------------------------------------------------------------------------------------
>
> Key: JBIDE-14760
> URL: https://issues.jboss.org/browse/JBIDE-14760
> Project: Tools (JBoss Tools)
> Issue Type: Bug
> Components: openshift
> Affects Versions: 4.1.0.Beta2
> Environment: jdk7
> Reporter: jing zh
> Assignee: Andre Dietisheim
> Fix For: 4.1.0.Beta2
>
> Attachments: JBT_test.png
>
>
> If trying to connect openshift server ,it would be failed with following error shown.
> Could not verify credentials for jinzhang1: Could not request https://broker.osetestv2.com/broker/rest/api: javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
12 years, 10 months
[JBoss JIRA] (JBIDE-14760) Cannot connect to OpenShift Enterprise with hostname: javax.net.ssl.SSLProtocolException
by Andre Dietisheim (JIRA)
[ https://issues.jboss.org/browse/JBIDE-14760?page=com.atlassian.jira.plugi... ]
Andre Dietisheim edited comment on JBIDE-14760 at 6/5/13 8:00 AM:
------------------------------------------------------------------
The cause of this is a "misconfigured" server which does not have the correct servername or serveralias. in case of apache it is missing the following configuration which solves it:
{code}
<VirtualHost mydomain.com:443>
ServerName mydomain.com
ServerAlias www.mydomain.com
{code}
If the above is missing from apache the server is warning the client while TLS/SSL handshaking that the requested name is not recognized (Level: Warning, Description: Unrecognized Name), Server mydomain.com.
JDK7 (not JDK6!) then reacts to it with a "Fatal, Description: Unexpected Message". This is an additional check in JDK7 which they refuse to correct: "7127374 : JSSE creates SSLProtocolException on (common) warning: unrecognized_name for SNI" http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=7127374
The openshift-java-client currently sets this system property (https://github.com/adietish/openshift-java-client/blob/master/src/main/ja...) but it has no effect since it is not the first one to do SSL connections in Eclipse:
{code: title=UrlConnectionHttpClient}
// JDK7 bug workaround
System.setProperty(SYSPROP_ENABLE_SNI_EXTENSION, "false");
{code}
So the only fix that we currently have in Eclipse is to either connect to OpenShift Enterprise instances via IP-address or to turn SNI-checks off globally in eclipse.ini/jbdevstudio.ini:
{code}
-Djsse.enableSNIExtension=false
{code}
was (Author: adietish):
The cause of this is a "misconfigured" server which does not have the correct servername or serveralias. in case of apache it is missing the following configuration which solves it:
{code}
<VirtualHost mydomain.com:443>
ServerName mydomain.com
ServerAlias www.mydomain.com
{code}
If the above is missing from apache the server is warning the client while TLS/SSL handshaking that the requested name is not recognized (Level: Warning, Description: Unrecognized Name), Server mydomain.com.
JDK7 (not JDK6!) then reacts to it with a "Fatal, Description: Unexpected Message". This is an additional check in JDK7 which they refuse to correct: "7127374 : JSSE creates SSLProtocolException on (common) warning: unrecognized_name for SNI" http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=7127374
The only way to turn this off is to set a global system property to the jvm BEFORE any SSL library is loaded:
{code}
-Djsse.enableSNIExtension=false
{code}
The openshift-java-client currently sets this system property (https://github.com/adietish/openshift-java-client/blob/master/src/main/ja...) but it has no effect since it is not the first one to do SSL connections in Eclipse:
{code: title=UrlConnectionHttpClient}
// JDK7 bug workaround
System.setProperty(SYSPROP_ENABLE_SNI_EXTENSION, "false");
{code}
> Cannot connect to OpenShift Enterprise with hostname: javax.net.ssl.SSLProtocolException
> ----------------------------------------------------------------------------------------
>
> Key: JBIDE-14760
> URL: https://issues.jboss.org/browse/JBIDE-14760
> Project: Tools (JBoss Tools)
> Issue Type: Bug
> Components: openshift
> Affects Versions: 4.1.0.Beta2
> Environment: jdk7
> Reporter: jing zh
> Assignee: Andre Dietisheim
> Attachments: JBT_test.png
>
>
> If trying to connect openshift server ,it would be failed with following error shown.
> Could not verify credentials for jinzhang1: Could not request https://broker.osetestv2.com/broker/rest/api: javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
12 years, 10 months
[JBoss JIRA] (JBIDE-14760) Cannot connect to OpenShift Enterprise with hostname: javax.net.ssl.SSLProtocolException
by Andre Dietisheim (JIRA)
[ https://issues.jboss.org/browse/JBIDE-14760?page=com.atlassian.jira.plugi... ]
Andre Dietisheim commented on JBIDE-14760:
------------------------------------------
The cause of this is a "misconfigured" server which does not have the correct servername or serveralias. in case of apache it is missing the following configuration which solves it:
{code}
<VirtualHost mydomain.com:443>
ServerName mydomain.com
ServerAlias www.mydomain.com
{code}
If the above is missing from apache the server is warning the client while TLS/SSL handshaking that the requested name is not recognized (Level: Warning, Description: Unrecognized Name), Server mydomain.com.
JDK7 (not JDK6!) then reacts to it with a "Fatal, Description: Unexpected Message". This is an additional check in JDK7 which they refuse to correct: "7127374 : JSSE creates SSLProtocolException on (common) warning: unrecognized_name for SNI" http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=7127374
The only way to turn this off is to set a global system property to the jvm BEFORE any SSL library is loaded:
{code}
-Djsse.enableSNIExtension=false
{code}
The openshift-java-client currently sets this system property (https://github.com/adietish/openshift-java-client/blob/master/src/main/ja...) but it has no effect since it is not the first one to do SSL connections in Eclipse:
{code: title=UrlConnectionHttpClient}
// JDK7 bug workaround
System.setProperty(SYSPROP_ENABLE_SNI_EXTENSION, "false");
{code}
> Cannot connect to OpenShift Enterprise with hostname: javax.net.ssl.SSLProtocolException
> ----------------------------------------------------------------------------------------
>
> Key: JBIDE-14760
> URL: https://issues.jboss.org/browse/JBIDE-14760
> Project: Tools (JBoss Tools)
> Issue Type: Bug
> Components: openshift
> Affects Versions: 4.1.0.Beta2
> Environment: jdk7
> Reporter: jing zh
> Assignee: Andre Dietisheim
> Attachments: JBT_test.png
>
>
> If trying to connect openshift server ,it would be failed with following error shown.
> Could not verify credentials for jinzhang1: Could not request https://broker.osetestv2.com/broker/rest/api: javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
12 years, 10 months
[JBoss JIRA] (JBIDE-14644) On startup, osgi console logs "org.jboss.tools.central" three times
by Fred Bricon (JIRA)
[ https://issues.jboss.org/browse/JBIDE-14644?page=com.atlassian.jira.plugi... ]
Fred Bricon resolved JBIDE-14644.
---------------------------------
Assignee: Fred Bricon
Fix Version/s: 4.1.0.Beta2
Resolution: Done
Fixed with https://github.com/jbosstools/jbosstools-central/commit/e66124643e55bc935...
> On startup, osgi console logs "org.jboss.tools.central" three times
> -------------------------------------------------------------------
>
> Key: JBIDE-14644
> URL: https://issues.jboss.org/browse/JBIDE-14644
> Project: Tools (JBoss Tools)
> Issue Type: Bug
> Components: central
> Affects Versions: 4.1.0.Beta1
> Reporter: Nick Boldt
> Assignee: Fred Bricon
> Priority: Minor
> Fix For: 4.1.0.Beta2
>
>
> On startup, osgi console logs "org.jboss.tools.central" three times. I would guess that some debugging statement was left on accidentally.
> When I start Eclipse like this:
> {code}
> workspace=/home/nboldt/eclipse/workspace-clean43
> target=/home/nboldt/eclipse/43clean
> eclipse=/home/nboldt/tmp/Eclipse_Bundles/eclipse-jee-kepler-M7-linux-gtk-x86_64.tar.gz
> cd ${target}
> tar xzf $eclipse
> ${target}/eclipse/eclipse -clean -showLocation -data $workspace -consolelog -console -vm /opt/sun-java2-7.0/bin/java -vmargs -Xms128M -Xmx256M -XX:PermSize=128M -XX:MaxPermSize=256M $1 2>&1 | tee "logs/eclipse.log.`date`.txt"
> {code}
> I get this logged to console:
> {code}
> osgi> org.jboss.tools.central
> org.jboss.tools.central
> org.jboss.tools.central
> {code}
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
12 years, 10 months
[JBoss JIRA] (JBIDE-14760) Cannot connect to OpenShift Enterprise with hostname: javax.net.ssl.SSLProtocolException
by Andre Dietisheim (JIRA)
[ https://issues.jboss.org/browse/JBIDE-14760?page=com.atlassian.jira.plugi... ]
Andre Dietisheim updated JBIDE-14760:
-------------------------------------
Steps to Reproduce:
# ASSERT: make sure you have an OpenShift instance and an account on it to test against (ex. broker.osetestv2.com)
# EXEC: Add hostname/IP of the OpenShift Enterprise host /etc/hosts so that the OpenShift Enterprise host get resolved
# EXEC: Launch JBDS and the OpenShift Application wizard
# EXEC: as host provide the OpenShift Enterprise host and your credentials to connect to it, hit "Finish"
Actual results:
Cannot connect, an error occurrs: javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name
!JBT_test.png!
Expected results:
You can connect to the server.
was:
1. Add hostname of openshift server to ~/.openshift/express.conf
2. Launch JBDS and connect to the server with valid user/password
Expected results:
It can connect to the server. You get an error: javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name
Actual results:
Error occurred. Please refer to the attached screenshot.
> Cannot connect to OpenShift Enterprise with hostname: javax.net.ssl.SSLProtocolException
> ----------------------------------------------------------------------------------------
>
> Key: JBIDE-14760
> URL: https://issues.jboss.org/browse/JBIDE-14760
> Project: Tools (JBoss Tools)
> Issue Type: Bug
> Components: openshift
> Affects Versions: 4.1.0.Beta2
> Reporter: jing zh
> Attachments: JBT_test.png
>
>
> If trying to connect openshift server ,it would be failed with following error shown.
> Could not verify credentials for jinzhang1: Could not request https://broker.osetestv2.com/broker/rest/api: javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
12 years, 10 months
[JBoss JIRA] (JBIDE-14396) Imported maven projects sometimes fail to resolve required classpath dependencies for tests
by Fred Bricon (JIRA)
[ https://issues.jboss.org/browse/JBIDE-14396?page=com.atlassian.jira.plugi... ]
Fred Bricon reassigned JBIDE-14396:
-----------------------------------
Assignee: Fred Bricon
> Imported maven projects sometimes fail to resolve required classpath dependencies for tests
> -------------------------------------------------------------------------------------------
>
> Key: JBIDE-14396
> URL: https://issues.jboss.org/browse/JBIDE-14396
> Project: Tools (JBoss Tools)
> Issue Type: Feature Request
> Components: maven, upstream
> Affects Versions: 4.1.0.Alpha2
> Reporter: Lincoln Baxter III
> Assignee: Fred Bricon
> Attachments: m2e-forge.site-0.0.1-SNAPSHOT.zip
>
>
> Example project: https://github.com/forge/core/tree/M2ECLIPSE-BUG
> Steps to reproduce:
> * Import all modules into the workspace.
> * Select "aesh-tests" project.
> * Run as -> JUnit Test
> You should see the test fail to launch because of the following Class not found exception:
> {code}
> java.lang.NoClassDefFoundError: Lorg/jboss/forge/aesh/TestShellConfiguration;
> at java.lang.Class.getDeclaredFields0(Native Method)
> at java.lang.Class.privateGetDeclaredFields(Class.java:2300)
> at java.lang.Class.getDeclaredFields(Class.java:1745)
> at org.junit.runners.model.TestClass.<init>(TestClass.java:49)
> at org.junit.runners.ParentRunner.<init>(ParentRunner.java:75)
> at org.junit.runners.BlockJUnit4ClassRunner.<init>(BlockJUnit4ClassRunner.java:57)
> at org.jboss.arquillian.junit.Arquillian.<init>(Arquillian.java:50)
> at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
> at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
> at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
> at java.lang.reflect.Constructor.newInstance(Constructor.java:513)
> at org.junit.internal.builders.AnnotatedBuilder.buildRunner(AnnotatedBuilder.java:29)
> at org.junit.internal.builders.AnnotatedBuilder.runnerForClass(AnnotatedBuilder.java:21)
> at org.junit.runners.model.RunnerBuilder.safeRunnerForClass(RunnerBuilder.java:59)
> at org.junit.internal.builders.AllDefaultPossibilitiesBuilder.runnerForClass(AllDefaultPossibilitiesBuilder.java:26)
> at org.junit.runners.model.RunnerBuilder.safeRunnerForClass(RunnerBuilder.java:59)
> at org.junit.internal.requests.ClassRequest.getRunner(ClassRequest.java:26)
> at org.eclipse.jdt.internal.junit4.runner.JUnit4TestReference.<init>(JUnit4TestReference.java:33)
> at org.eclipse.jdt.internal.junit4.runner.JUnit4TestClassReference.<init>(JUnit4TestClassReference.java:25)
> at org.eclipse.jdt.internal.junit4.runner.JUnit4TestLoader.createTest(JUnit4TestLoader.java:48)
> at org.eclipse.jdt.internal.junit4.runner.JUnit4TestLoader.loadTests(JUnit4TestLoader.java:38)
> at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:452)
> at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:683)
> at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:390)
> at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:197)
> Caused by: java.lang.ClassNotFoundException: org.jboss.forge.aesh.TestShellConfiguration
> at java.net.URLClassLoader$1.run(URLClassLoader.java:202)
> at java.security.AccessController.doPrivileged(Native Method)
> at java.net.URLClassLoader.findClass(URLClassLoader.java:190)
> at java.lang.ClassLoader.loadClass(ClassLoader.java:306)
> at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:301)
> at java.lang.ClassLoader.loadClass(ClassLoader.java:247)
> ... 25 more
> {code}
> This can be solved by manually adding required projects in the workspace as classpath dependencies of the JUnit launch configured for the project being tested, but this is obviously not right, and should be configured automatically by the M2E integration.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
12 years, 10 months
[JBoss JIRA] (JBIDE-14760) Cannot connect to OpenShift Enterprise with hostname: javax.net.ssl.SSLProtocolException
by Andre Dietisheim (JIRA)
[ https://issues.jboss.org/browse/JBIDE-14760?page=com.atlassian.jira.plugi... ]
Andre Dietisheim updated JBIDE-14760:
-------------------------------------
Steps to Reproduce:
# ASSERT: make sure you're using JDK7 (it wont happen with JDK6)
# ASSERT: make sure you have an OpenShift instance and an account on it to test against (ex. broker.osetestv2.com)
# EXEC: Add hostname/IP of the OpenShift Enterprise host /etc/hosts so that the OpenShift Enterprise host get resolved
# EXEC: Launch JBDS and the OpenShift Application wizard
# EXEC: as host provide the OpenShift Enterprise host and your credentials to connect to it, hit "Finish"
Actual results:
Cannot connect, an error occurrs: javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name
!JBT_test.png!
Expected results:
You can connect to the server.
was:
# ASSERT: make sure you have an OpenShift instance and an account on it to test against (ex. broker.osetestv2.com)
# EXEC: Add hostname/IP of the OpenShift Enterprise host /etc/hosts so that the OpenShift Enterprise host get resolved
# EXEC: Launch JBDS and the OpenShift Application wizard
# EXEC: as host provide the OpenShift Enterprise host and your credentials to connect to it, hit "Finish"
Actual results:
Cannot connect, an error occurrs: javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name
!JBT_test.png!
Expected results:
You can connect to the server.
> Cannot connect to OpenShift Enterprise with hostname: javax.net.ssl.SSLProtocolException
> ----------------------------------------------------------------------------------------
>
> Key: JBIDE-14760
> URL: https://issues.jboss.org/browse/JBIDE-14760
> Project: Tools (JBoss Tools)
> Issue Type: Bug
> Components: openshift
> Affects Versions: 4.1.0.Beta2
> Environment: jdk7
> Reporter: jing zh
> Assignee: Andre Dietisheim
> Attachments: JBT_test.png
>
>
> If trying to connect openshift server ,it would be failed with following error shown.
> Could not verify credentials for jinzhang1: Could not request https://broker.osetestv2.com/broker/rest/api: javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
12 years, 10 months