[keycloak-user] Resteasy client SSLHandshakeException
Marek Posolda
mposolda at redhat.com
Wed Apr 19 12:26:56 EDT 2017
It seems that your application where admin-client is running, needs to
trust the Keycloak server, so it's able to communicate with it through SSL.
One possibility to do it is to ensure that your SSL certificate is
signed by some well known Certificate Authority. This is good especially
in production environments.
Other possibility is to configure your admin-client to trust the
Keycloak server. The easiest is to use property like
javax.net.ssl.trustStore system properties (see JVM docs for more
details). Another possibility is to use custom RestEasyClient or
SSLContext to your admin client, which will "trust" the Keycloak server.
Marek
On 19/04/17 14:33, Rajkiran K wrote:
> Hi all,
>
> We are trying to get all roles data of realm from keycloak. We are
> getting "SSLHandshakeException", can any one help on this issue
>
> *Keycloak version*: 1.9.8 Final
>
> *resteasy-client version*: resteasy-client-3.0.14.Final
>
> build 19-Apr-2017 02:00:18 2017-04-19 02:00:18 INFO
> KeycloakRestUserDataLoader:228 - Retrieving Roles from Keycloak
> error 19-Apr-2017 02:00:19 javax.ws.rs.ProcessingException:
> java.lang.RuntimeException: javax.net.ssl.SSLHandshakeException: Remote
> host closed connection during handshake
> error 19-Apr-2017 02:00:19 at
> org.jboss.resteasy.client.jaxrs.internal.ClientInvocation.invoke(ClientInvocation.java:430)
> error 19-Apr-2017 02:00:19 at
> org.jboss.resteasy.client.jaxrs.internal.proxy.ClientInvoker.invoke(ClientInvoker.java:102)
> error 19-Apr-2017 02:00:19 at
> org.jboss.resteasy.client.jaxrs.internal.proxy.ClientProxy.invoke(ClientProxy.java:64)
> error 19-Apr-2017 02:00:19 at
> com.sun.proxy.$Proxy27.list(Unknown Source)
> error 19-Apr-2017 02:00:19 at
> com.sample.loader.KeycloakRestUserDataLoader.getRealmRoles(KeycloakRestUserDataLoader.java:230)
> error 19-Apr-2017 02:00:19 at
> com.sample.loader.KeycloakRestUserDataLoader.loadUserData(KeycloakRestUserDataLoader.java:199)
> error 19-Apr-2017 02:00:19 at
> com.sample.loader.KeycloakDataManager.main(KeycloakDataManager.java:34)
> error 19-Apr-2017 02:00:19 Caused by: java.lang.RuntimeException:
> javax.net.ssl.SSLHandshakeException: Remote host closed connection
> during handshake
> error 19-Apr-2017 02:00:19 at
> org.jboss.resteasy.client.jaxrs.engines.URLConnectionEngine.executeRequest(URLConnectionEngine.java:174)
> error 19-Apr-2017 02:00:19 at
> org.jboss.resteasy.client.jaxrs.engines.URLConnectionEngine.invoke(URLConnectionEngine.java:47)
> error 19-Apr-2017 02:00:19 at
> org.jboss.resteasy.client.jaxrs.internal.ClientInvocation.invoke(ClientInvocation.java:436)
> error 19-Apr-2017 02:00:19 at
> org.jboss.resteasy.client.jaxrs.internal.proxy.ClientInvoker.invoke(ClientInvoker.java:102)
> error 19-Apr-2017 02:00:19 at
> org.jboss.resteasy.client.jaxrs.internal.proxy.ClientProxy.invoke(ClientProxy.java:64)
> error 19-Apr-2017 02:00:19 at
> com.sun.proxy.$Proxy19.grantToken(Unknown Source)
> error 19-Apr-2017 02:00:19 at
> org.keycloak.admin.client.token.TokenManager.grantToken(TokenManager.java:85)
> error 19-Apr-2017 02:00:19 at
> org.keycloak.admin.client.token.TokenManager.getAccessToken(TokenManager.java:65)
> error 19-Apr-2017 02:00:19 at
> org.keycloak.admin.client.token.TokenManager.getAccessTokenString(TokenManager.java:60)
> error 19-Apr-2017 02:00:19 at
> org.keycloak.admin.client.resource.BearerAuthFilter.filter(BearerAuthFilter.java:52)
> error 19-Apr-2017 02:00:19 at
> org.jboss.resteasy.client.jaxrs.internal.ClientInvocation.invoke(ClientInvocation.java:413)
> error 19-Apr-2017 02:00:19 ... 6 more
> error 19-Apr-2017 02:00:19 Caused by:
> javax.net.ssl.SSLHandshakeException: Remote host closed connection
> during handshake
> error 19-Apr-2017 02:00:19 at
> sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:992)
> error 19-Apr-2017 02:00:19 at
> sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
> error 19-Apr-2017 02:00:19 at
> sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403)
> error 19-Apr-2017 02:00:19 at
> sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387)
> error 19-Apr-2017 02:00:19 at
> sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)
> error 19-Apr-2017 02:00:19 at
> sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
> error 19-Apr-2017 02:00:19 at
> sun.net.www.protocol.http.HttpURLConnection.getOutputStream0(HttpURLConnection.java:1316)
> error 19-Apr-2017 02:00:19 at
> sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1291)
> error 19-Apr-2017 02:00:19 at
> sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:250)
> error 19-Apr-2017 02:00:19 at
> org.jboss.resteasy.client.jaxrs.engines.URLConnectionEngine.executeRequest(URLConnectionEngine.java:167)
> error 19-Apr-2017 02:00:19 ... 16 more
> error 19-Apr-2017 02:00:19 Caused by: java.io.EOFException: SSL
> peer shut down incorrectly
> error 19-Apr-2017 02:00:19 at
> sun.security.ssl.InputRecord.read(InputRecord.java:505)
> error 19-Apr-2017 02:00:19 at
> sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:973)
> error 19-Apr-2017 02:00:19 ... 25 more
> build 19-Apr-2017 02:00:19 2017-04-19 02:00:19 ERROR
> KeycloakDataManager:38 - java.lang.RuntimeException:
> javax.net.ssl.SSLHandshakeException: Remote host closed connection
> during handshake
>
More information about the keycloak-user
mailing list