[jbosstools-issues] [JBoss JIRA] (JBIDE-15594) Cannot connect to OpenShift DEVENV with hostname: javax.net.ssl.SSLProtocolException

Mon Nov 4 06:35:02 EST 2013

    [ https://issues.jboss.org/browse/JBIDE-15594?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12840845#comment-12840845 ] 

Max Rydahl Andersen commented on JBIDE-15594:
---------------------------------------------

I think this works as expected.

In Java 7 SNI (Server Name Indication) is enabled by default and means that if a server says it does not recognize the server name it is being queried on it will let the client know and the client is supposed to not connect.

The thing to fix in this case is the server side. The DEV environment should be configured to either A) accept its given amazon instance name (in this example: ec2-54-226-150-31.compute-1.amazonaws.com) in the SNI handshake or B) not say it wants to do the the SNI handshake.

I would raise it to openshift team if either A or B can be made default for DEV instance and if not, we simply will just have to document that users should use the ip directly instead or disable SNI for the client side jav apps by using -Djsse.enableSNIExtension=false

Note: the system property was in earlier versions of the java client forced to have this property set but this is *absolutely* wrong since 1) it affects the whole JavaVM, i.e. other plugins in eclipse 2) it only works if it is called as the first thing before someone does any SSL network traffic (which is not controllable by the user in eclipse or any app server for that matter). 

Thus it should *not* and cannot be fixed in our openshift java client/

http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=7177232
http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=7127374
http://stackoverflow.com/questions/7615645/ssl-handshake-alert-unrecognized-name-error-since-upgrade-to-java-1-7-0

Setting this as a CR1 fix version to just raise this issue on openshift side and document the answer and then reject this as a "wont fix"

> Cannot connect to OpenShift DEVENV with hostname: javax.net.ssl.SSLProtocolException
> ------------------------------------------------------------------------------------
>
>                 Key: JBIDE-15594
>                 URL: https://issues.jboss.org/browse/JBIDE-15594
>             Project: Tools (JBoss Tools)
>          Issue Type: Bug
>          Components: openshift
>    Affects Versions: 4.1.1.Alpha2, 4.2.0.Alpha1
>         Environment: jdk7
>            Reporter: Andre Dietisheim
>            Assignee: Andre Dietisheim
>             Fix For: 4.1.1.CR1
>
>         Attachments: unknown-error.png
>
>

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira