Re: [keycloak-user] Resteasy client SSLHandshakeException

Thanks you for reply marek. yes, SSL certificate is signed by well known Certificate Authority. This SSLHandshakeException is occuring few times only. Many times this exception is not seen, can you guess possible issue here (if admin-client is not trusted by Keycloak server, we should get exception every time) Thanks, Raj Kiran K On 4/19/2017 9:56 PM, Marek Posolda wrote: > It seems that your application where admin-client is running, needs to > trust the Keycloak server, so it's able to communicate with it through > SSL. > > One possibility to do it is to ensure that your SSL certificate is > signed by some well known Certificate Authority. This is good > especially in production environments. > > Other possibility is to configure your admin-client to trust the > Keycloak server. The easiest is to use property like > javax.net.ssl.trustStore system properties (see JVM docs for more > details). Another possibility is to use custom RestEasyClient or > SSLContext to your admin client, which will "trust" the Keycloak server. > > Marek > > On 19/04/17 14:33, Rajkiran K wrote: >> Hi all, >> >> We are trying to get all roles data of realm from keycloak. We are >> getting "SSLHandshakeException", can any one help on this issue >> >> *Keycloak version*: 1.9.8 Final >> >> *resteasy-client version*: resteasy-client-3.0.14.Final >> >> build 19-Apr-2017 02:00:18 2017-04-19 02:00:18 INFO >> KeycloakRestUserDataLoader:228 - Retrieving Roles from Keycloak >> error 19-Apr-2017 02:00:19 javax.ws.rs.ProcessingException: >> java.lang.RuntimeException: javax.net.ssl.SSLHandshakeException: Remote >> host closed connection during handshake >> error 19-Apr-2017 02:00:19 at >> org.jboss.resteasy.client.jaxrs.internal.ClientInvocation.invoke(ClientInvocation.java:430) >> >> error 19-Apr-2017 02:00:19 at >> org.jboss.resteasy.client.jaxrs.internal.proxy.ClientInvoker.invoke(ClientInvoker.java:102) >> >> error 19-Apr-2017 02:00:19 at >> org.jboss.resteasy.client.jaxrs.internal.proxy.ClientProxy.invoke(ClientProxy.java:64) >> >> error 19-Apr-2017 02:00:19 at >> com.sun.proxy.$Proxy27.list(Unknown Source) >> error 19-Apr-2017 02:00:19 at >> com.sample.loader.KeycloakRestUserDataLoader.getRealmRoles(KeycloakRestUserDataLoader.java:230) >> >> error 19-Apr-2017 02:00:19 at >> com.sample.loader.KeycloakRestUserDataLoader.loadUserData(KeycloakRestUserDataLoader.java:199) >> >> error 19-Apr-2017 02:00:19 at >> com.sample.loader.KeycloakDataManager.main(KeycloakDataManager.java:34) >> error 19-Apr-2017 02:00:19 Caused by: java.lang.RuntimeException: >> javax.net.ssl.SSLHandshakeException: Remote host closed connection >> during handshake >> error 19-Apr-2017 02:00:19 at >> org.jboss.resteasy.client.jaxrs.engines.URLConnectionEngine.executeRequest(URLConnectionEngine.java:174) >> >> error 19-Apr-2017 02:00:19 at >> org.jboss.resteasy.client.jaxrs.engines.URLConnectionEngine.invoke(URLConnectionEngine.java:47) >> >> error 19-Apr-2017 02:00:19 at >> org.jboss.resteasy.client.jaxrs.internal.ClientInvocation.invoke(ClientInvocation.java:436) >> >> error 19-Apr-2017 02:00:19 at >> org.jboss.resteasy.client.jaxrs.internal.proxy.ClientInvoker.invoke(ClientInvoker.java:102) >> >> error 19-Apr-2017 02:00:19 at >> org.jboss.resteasy.client.jaxrs.internal.proxy.ClientProxy.invoke(ClientProxy.java:64) >> >> error 19-Apr-2017 02:00:19 at >> com.sun.proxy.$Proxy19.grantToken(Unknown Source) >> error 19-Apr-2017 02:00:19 at >> org.keycloak.admin.client.token.TokenManager.grantToken(TokenManager.java:85) >> >> error 19-Apr-2017 02:00:19 at >> org.keycloak.admin.client.token.TokenManager.getAccessToken(TokenManager.java:65) >> >> error 19-Apr-2017 02:00:19 at >> org.keycloak.admin.client.token.TokenManager.getAccessTokenString(TokenManager.java:60) >> >> error 19-Apr-2017 02:00:19 at >> org.keycloak.admin.client.resource.BearerAuthFilter.filter(BearerAuthFilter.java:52) >> >> error 19-Apr-2017 02:00:19 at >> org.jboss.resteasy.client.jaxrs.internal.ClientInvocation.invoke(ClientInvocation.java:413) >> >> error 19-Apr-2017 02:00:19 ... 6 more >> error 19-Apr-2017 02:00:19 Caused by: >> javax.net.ssl.SSLHandshakeException: Remote host closed connection >> during handshake >> error 19-Apr-2017 02:00:19 at >> sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:992) >> error 19-Apr-2017 02:00:19 at >> sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375) >> >> error 19-Apr-2017 02:00:19 at >> sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403) >> error 19-Apr-2017 02:00:19 at >> sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387) >> error 19-Apr-2017 02:00:19 at >> sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559) >> >> error 19-Apr-2017 02:00:19 at >> sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) >> >> error 19-Apr-2017 02:00:19 at >> sun.net.www.protocol.http.HttpURLConnection.getOutputStream0(HttpURLConnection.java:1316) >> >> error 19-Apr-2017 02:00:19 at >> sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1291) >> >> error 19-Apr-2017 02:00:19 at >> sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:250) >> >> error 19-Apr-2017 02:00:19 at >> org.jboss.resteasy.client.jaxrs.engines.URLConnectionEngine.executeRequest(URLConnectionEngine.java:167) >> >> error 19-Apr-2017 02:00:19 ... 16 more >> error 19-Apr-2017 02:00:19 Caused by: java.io.EOFException: SSL >> peer shut down incorrectly >> error 19-Apr-2017 02:00:19 at >> sun.security.ssl.InputRecord.read(InputRecord.java:505) >> error 19-Apr-2017 02:00:19 at >> sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:973) >> error 19-Apr-2017 02:00:19 ... 25 more >> build 19-Apr-2017 02:00:19 2017-04-19 02:00:19 ERROR >> KeycloakDataManager:38 - java.lang.RuntimeException: >> javax.net.ssl.SSLHandshakeException: Remote host closed connection >> during handshake >> > > >