Re: [keycloak-user] Resteasy client SSLHandshakeException

Wednesday, 19 April 2017

It seems that your application where admin-client is running, needs to 
trust the Keycloak server, so it's able to communicate with it through SSL.

One possibility to do it is to ensure that your SSL certificate is 
signed by some well known Certificate Authority. This is good especially 
in production environments.

Other possibility is to configure your admin-client to trust the 
Keycloak server. The easiest is to use property like 
javax.net.ssl.trustStore system properties (see JVM docs for more 
details). Another possibility is to use custom RestEasyClient or 
SSLContext to your admin client, which will "trust" the Keycloak server.

Marek

On 19/04/17 14:33, Rajkiran K wrote:
...
 Hi all,

 We are trying to get all roles data of realm from keycloak. We are
 getting "SSLHandshakeException", can any one help on this issue

 *Keycloak version*: 1.9.8 Final

 *resteasy-client version*: resteasy-client-3.0.14.Final

 build    19-Apr-2017 02:00:18    2017-04-19 02:00:18 INFO
 KeycloakRestUserDataLoader:228 - Retrieving Roles from Keycloak
 error    19-Apr-2017 02:00:19    javax.ws.rs.ProcessingException:
 java.lang.RuntimeException: javax.net.ssl.SSLHandshakeException: Remote
 host closed connection during handshake
 error    19-Apr-2017 02:00:19        at

org.jboss.resteasy.client.jaxrs.internal.ClientInvocation.invoke(ClientInvocation.java:430)
 error    19-Apr-2017 02:00:19        at

org.jboss.resteasy.client.jaxrs.internal.proxy.ClientInvoker.invoke(ClientInvoker.java:102)
 error    19-Apr-2017 02:00:19        at
 org.jboss.resteasy.client.jaxrs.internal.proxy.ClientProxy.invoke(ClientProxy.java:64)
 error    19-Apr-2017 02:00:19        at
 com.sun.proxy.$Proxy27.list(Unknown Source)
 error    19-Apr-2017 02:00:19        at

com.sample.loader.KeycloakRestUserDataLoader.getRealmRoles(KeycloakRestUserDataLoader.java:230)
 error    19-Apr-2017 02:00:19        at

com.sample.loader.KeycloakRestUserDataLoader.loadUserData(KeycloakRestUserDataLoader.java:199)
 error    19-Apr-2017 02:00:19        at
 com.sample.loader.KeycloakDataManager.main(KeycloakDataManager.java:34)
 error    19-Apr-2017 02:00:19    Caused by: java.lang.RuntimeException:
 javax.net.ssl.SSLHandshakeException: Remote host closed connection
 during handshake
 error    19-Apr-2017 02:00:19        at

org.jboss.resteasy.client.jaxrs.engines.URLConnectionEngine.executeRequest(URLConnectionEngine.java:174)
 error    19-Apr-2017 02:00:19        at

org.jboss.resteasy.client.jaxrs.engines.URLConnectionEngine.invoke(URLConnectionEngine.java:47)
 error    19-Apr-2017 02:00:19        at

org.jboss.resteasy.client.jaxrs.internal.ClientInvocation.invoke(ClientInvocation.java:436)
 error    19-Apr-2017 02:00:19        at

org.jboss.resteasy.client.jaxrs.internal.proxy.ClientInvoker.invoke(ClientInvoker.java:102)
 error    19-Apr-2017 02:00:19        at
 org.jboss.resteasy.client.jaxrs.internal.proxy.ClientProxy.invoke(ClientProxy.java:64)
 error    19-Apr-2017 02:00:19        at
 com.sun.proxy.$Proxy19.grantToken(Unknown Source)
 error    19-Apr-2017 02:00:19        at
 org.keycloak.admin.client.token.TokenManager.grantToken(TokenManager.java:85)
 error    19-Apr-2017 02:00:19        at
 org.keycloak.admin.client.token.TokenManager.getAccessToken(TokenManager.java:65)
 error    19-Apr-2017 02:00:19        at
 org.keycloak.admin.client.token.TokenManager.getAccessTokenString(TokenManager.java:60)
 error    19-Apr-2017 02:00:19        at
 org.keycloak.admin.client.resource.BearerAuthFilter.filter(BearerAuthFilter.java:52)
 error    19-Apr-2017 02:00:19        at

org.jboss.resteasy.client.jaxrs.internal.ClientInvocation.invoke(ClientInvocation.java:413)
 error    19-Apr-2017 02:00:19        ... 6 more
 error    19-Apr-2017 02:00:19    Caused by:
 javax.net.ssl.SSLHandshakeException: Remote host closed connection
 during handshake
 error    19-Apr-2017 02:00:19        at
 sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:992)
 error    19-Apr-2017 02:00:19        at
 sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
 error    19-Apr-2017 02:00:19        at
 sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403)
 error    19-Apr-2017 02:00:19        at
 sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387)
 error    19-Apr-2017 02:00:19        at
 sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)
 error    19-Apr-2017 02:00:19        at

sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
 error    19-Apr-2017 02:00:19        at

sun.net.www.protocol.http.HttpURLConnection.getOutputStream0(HttpURLConnection.java:1316)
 error    19-Apr-2017 02:00:19        at
 sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1291)
 error    19-Apr-2017 02:00:19        at

sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:250)
 error    19-Apr-2017 02:00:19        at

org.jboss.resteasy.client.jaxrs.engines.URLConnectionEngine.executeRequest(URLConnectionEngine.java:167)
 error    19-Apr-2017 02:00:19        ... 16 more
 error    19-Apr-2017 02:00:19    Caused by: java.io.EOFException: SSL
 peer shut down incorrectly
 error    19-Apr-2017 02:00:19        at
 sun.security.ssl.InputRecord.read(InputRecord.java:505)
 error    19-Apr-2017 02:00:19        at
 sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:973)
 error    19-Apr-2017 02:00:19        ... 25 more
 build    19-Apr-2017 02:00:19    2017-04-19 02:00:19 ERROR
 KeycloakDataManager:38 - java.lang.RuntimeException:
 javax.net.ssl.SSLHandshakeException: Remote host closed connection
 during handshake

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

Re: [keycloak-user] Resteasy client SSLHandshakeException