SSL - anonymouse mode - connection fails
----------------------------------------
Key: TEIID-4079
URL:
https://issues.jboss.org/browse/TEIID-4079
Project: Teiid
Issue Type: Bug
Affects Versions: 8.12.5
Reporter: Juraj DurĂ¡ni
Assignee: Steven Hawkins
Attachments: keystore_server_expired.jks, keystore_server_untrusted.jks,
truststore.jks
If ssl-authentication-mode is set to anonymouse no certificates should be required. But
if configuration of Teiid contains keystore-name which points to keystore with expired
certificate, attempt to connect to Teiid fails.
*Exception:*
{code:plain}
org.teiid.jdbc.TeiidSQLException: TEIID20020 Error establishing socket to host and port:
localhost:31000. Reason: java.security.cert.CertificateExpiredException: NotAfter: Fri Feb
26 11:07:46 CET 2016
at org.teiid.jdbc.TeiidSQLException.create(TeiidSQLException.java:135)
at org.teiid.jdbc.TeiidSQLException.create(TeiidSQLException.java:71)
at org.teiid.jdbc.SocketProfile.connect(SocketProfile.java:66)
at org.teiid.jdbc.TeiidDriver.connect(TeiidDriver.java:107)
at oeg.jboss.qe.ssl.SimpleSslTest.test(SimpleSslTest.java:160)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:483)
at
org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:80)
at org.testng.internal.Invoker.invokeMethod(Invoker.java:714)
at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:901)
at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1231)
at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:127)
at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:111)
at org.testng.TestRunner.privateRun(TestRunner.java:767)
at org.testng.TestRunner.run(TestRunner.java:617)
at org.testng.SuiteRunner.runTest(SuiteRunner.java:334)
at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:329)
at org.testng.SuiteRunner.privateRun(SuiteRunner.java:291)
at org.testng.SuiteRunner.run(SuiteRunner.java:240)
at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52)
at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86)
at org.testng.TestNG.runSuitesSequentially(TestNG.java:1198)
at org.testng.TestNG.runSuitesLocally(TestNG.java:1123)
at org.testng.TestNG.run(TestNG.java:1031)
at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:70)
at
org.apache.maven.surefire.testng.TestNGDirectoryTestSuite.execute(TestNGDirectoryTestSuite.java:108)
at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:111)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:483)
at
org.apache.maven.surefire.util.ReflectionUtils.invokeMethodWithArray(ReflectionUtils.java:164)
at
org.apache.maven.surefire.booter.ProviderFactory$ProviderProxy.invoke(ProviderFactory.java:110)
at
org.apache.maven.surefire.booter.SurefireStarter.invokeProvider(SurefireStarter.java:172)
at
org.apache.maven.surefire.booter.SurefireStarter.runSuitesInProcessWhenForked(SurefireStarter.java:104)
at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:70)
Caused by: org.teiid.net.socket.SingleInstanceCommunicationException: TEIID20020 Error
establishing socket to host and port: localhost:31000. Reason:
java.security.cert.CertificateExpiredException: NotAfter: Fri Feb 26 11:07:46 CET 2016
at
org.teiid.net.socket.SocketServerConnection.selectServerInstance(SocketServerConnection.java:161)
at
org.teiid.net.socket.SocketServerConnection.<init>(SocketServerConnection.java:95)
at
org.teiid.net.socket.SocketServerConnectionFactory.getConnection(SocketServerConnectionFactory.java:316)
at org.teiid.jdbc.SocketProfile.connect(SocketProfile.java:64)
... 35 more
Caused by: javax.net.ssl.SSLHandshakeException:
java.security.cert.CertificateExpiredException: NotAfter: Fri Feb 26 11:07:46 CET 2016
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1917)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:301)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:295)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1369)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:156)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:925)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:860)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1043)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1343)
at sun.security.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:909)
at sun.security.ssl.AppInputStream.read(AppInputStream.java:105)
at java.io.BufferedInputStream.fill(BufferedInputStream.java:246)
at java.io.BufferedInputStream.read(BufferedInputStream.java:265)
at java.io.DataInputStream.readInt(DataInputStream.java:387)
at
org.teiid.netty.handler.codec.serialization.ObjectDecoderInputStream.readObjectOverride(ObjectDecoderInputStream.java:97)
at java.io.ObjectInputStream.readObject(ObjectInputStream.java:365)
at
org.teiid.net.socket.OioOjbectChannelFactory$OioObjectChannel.read(OioOjbectChannelFactory.java:117)
at
org.teiid.net.socket.SocketServerInstanceImpl.doHandshake(SocketServerInstanceImpl.java:128)
at
org.teiid.net.socket.SocketServerInstanceImpl.connect(SocketServerInstanceImpl.java:96)
at
org.teiid.net.socket.SocketServerConnectionFactory.getServerInstance(SocketServerConnectionFactory.java:277)
at org.teiid.net.socket.SocketServerConnection.connect(SocketServerConnection.java:239)
at
org.teiid.net.socket.SocketServerConnection.selectServerInstance(SocketServerConnection.java:125)
... 38 more
Caused by: java.security.cert.CertificateExpiredException: NotAfter: Fri Feb 26 11:07:46
CET 2016
at sun.security.x509.CertificateValidity.valid(CertificateValidity.java:274)
at sun.security.x509.X509CertImpl.checkValidity(X509CertImpl.java:629)
at sun.security.validator.SimpleValidator.engineValidate(SimpleValidator.java:188)
at sun.security.validator.Validator.validate(Validator.java:260)
at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229)
at
sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1351)
... 56 more
{code}