Details
-
Bug
-
Status: Closed
-
P3
-
Resolution: Cannot Reproduce
-
7u67
-
None
Description
jconsole connection fails while connnecting to WLS server over SSL.
jconsole output with -Djavax.net.debug=all :
*** ClientHello, TLSv1
RandomCookie: GMT: 1446604835 bytes = { 241, 206, 199, 56, 28, 236, 241, 49, 62, 17, 126, 141, 40, 159, 104, 176, 132, 18, 161, 89, 31, 209, 106, 198, 105, 123, 28, 144 }
Session ID: {}
Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_SHA, TLS_ECDH_ECDSA_WITH_RC4_128_SHA, TLS_ECDH_RSA_WITH_RC4_128_SHA, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_RC4_128_MD5, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
Compression Methods: { 0 }
Extension elliptic_curves, curve names: {secp256r1, sect163k1, sect163r2, secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1, secp384r1, sect409k1, sect409r1, secp521r1, sect571k1, sect571r1, secp160k1, secp160r1, secp160r2, sect163r1, secp192k1, sect193r1, sect193r2, secp224k1, sect239k1, secp256k1}
Extension ec_point_formats, formats: [uncompressed]
***
[write] MD5 and SHA1 hashes: len = 163
0000: 01 00 00 9F 03 01 56 39 70 23 F1 CE C7 38 1C EC ......V9p#...8..
0010: F1 31 3E 11 7E 8D 28 9F 68 B0 84 12 A1 59 1F D1 .1>...(.h....Y..
0020: 6A C6 69 7B 1C 90 00 00 38 C0 0A C0 14 00 35 C0 j.i.....8.....5.
0030: 05 C0 0F 00 39 00 38 C0 09 C0 13 00 2F C0 04 C0 ....9.8...../...
0040: 0E 00 33 00 32 C0 07 C0 11 00 05 C0 02 C0 0C C0 ..3.2...........
0050: 08 C0 12 00 0A C0 03 C0 0D 00 16 00 13 00 04 00 ................
0060: FF 01 00 00 3E 00 0A 00 34 00 32 00 17 00 01 00 ....>...4.2.....
0070: 03 00 13 00 15 00 06 00 07 00 09 00 0A 00 18 00 ................
0080: 0B 00 0C 00 19 00 0D 00 0E 00 0F 00 10 00 11 00 ................
0090: 02 00 12 00 04 00 05 00 14 00 08 00 16 00 0B 00 ................
00A0: 02 01 00 ...
RMI RenewClean-[10.177.63.4:59903,javax.rmi.ssl.SslRMIClientSocketFactory@185fa20], WRITE: TLSv1 Handshake, length = 163
[Raw write]: length = 168
0000: 16 03 01 00 A3 01 00 00 9F 03 01 56 39 70 23 F1 ...........V9p#.
0010: CE C7 38 1C EC F1 31 3E 11 7E 8D 28 9F 68 B0 84 ..8...1>...(.h..
0020: 12 A1 59 1F D1 6A C6 69 7B 1C 90 00 00 38 C0 0A ..Y..j.i.....8..
0030: C0 14 00 35 C0 05 C0 0F 00 39 00 38 C0 09 C0 13 ...5.....9.8....
0040: 00 2F C0 04 C0 0E 00 33 00 32 C0 07 C0 11 00 05 ./.....3.2......
0050: C0 02 C0 0C C0 08 C0 12 00 0A C0 03 C0 0D 00 16 ................
0060: 00 13 00 04 00 FF 01 00 00 3E 00 0A 00 34 00 32 .........>...4.2
0070: 00 17 00 01 00 03 00 13 00 15 00 06 00 07 00 09 ................
0080: 00 0A 00 18 00 0B 00 0C 00 19 00 0D 00 0E 00 0F ................
0090: 00 10 00 11 00 02 00 12 00 04 00 05 00 14 00 08 ................
00A0: 00 16 00 0B 00 02 01 00 ........
[Raw read]: length = 5
0000: 15 03 01 00 02 .....
[Raw read]: length = 2
0000: 02 28 .(
RMI RenewClean-[10.177.63.4:59903,javax.rmi.ssl.SslRMIClientSocketFactory@185fa20], READ: TLSv1 Alert, length = 2
RMI RenewClean-[10.177.63.4:59903,javax.rmi.ssl.SslRMIClientSocketFactory@185fa20], RECV TLSv1 ALERT: fatal, handshake_failure
RMI RenewClean-[10.177.63.4:59903,javax.rmi.ssl.SslRMIClientSocketFactory@185fa20], called closeSocket()
RMI RenewClean-[10.177.63.4:59903,javax.rmi.ssl.SslRMIClientSocketFactory@185fa20], handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
====
The WLS server appears to be closing out the SSL handshake request with this :
RMI TCP Connection(11)-10.x.x.x, READ: TLSv1 Handshake, length = 163
*** ClientHello, TLSv1
RandomCookie: GMT: 1446604835 bytes = { 241, 206, 199, 56, 28, 236, 241, 49, 62, 17, 126, 141, 40, 159, 104, 176, 132, 18, 161, 89, 31, 209, 106, 198, 105, 123, 28, 144 }
Session ID: {}
Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TL
S_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_SHA, TLS_
ECDH_ECDSA_WITH_RC4_128_SHA, TLS_ECDH_RSA_WITH_RC4_128_SHA, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_ED
E_CBC_SHA, SSL_RSA_WITH_RC4_128_MD5, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
Compression Methods: { 0 }
Extension elliptic_curves, curve names: {secp256r1, sect163k1, sect163r2, secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1, secp384r1, sect409k1, sect409r1, secp521r1, sect571k1, sect571r1, secp160k1, secp160r1, secp160r2, sect163r1, secp192k1, sect193r1, sect193r2, secp224k1, sect23
9k1, secp256k1}
Extension ec_point_formats, formats: [uncompressed]
***
[read] MD5 and SHA1 hashes: len = 163
0000: 01 00 00 9F 03 01 56 39 70 23 F1 CE C7 38 1C EC ......V9p#...8..
0010: F1 31 3E 11 7E 8D 28 9F 68 B0 84 12 A1 59 1F D1 .1>...(.h....Y..
0020: 6A C6 69 7B 1C 90 00 00 38 C0 0A C0 14 00 35 C0 j.i.....8.....5.
0030: 05 C0 0F 00 39 00 38 C0 09 C0 13 00 2F C0 04 C0 ....9.8...../...
0040: 0E 00 33 00 32 C0 07 C0 11 00 05 C0 02 C0 0C C0 ..3.2...........
0050: 08 C0 12 00 0A C0 03 C0 0D 00 16 00 13 00 04 00 ................
0060: FF 01 00 00 3E 00 0A 00 34 00 32 00 17 00 01 00 ....>...4.2.....
0070: 03 00 13 00 15 00 06 00 07 00 09 00 0A 00 18 00 ................
0080: 0B 00 0C 00 19 00 0D 00 0E 00 0F 00 10 00 11 00 ................
0090: 02 00 12 00 04 00 05 00 14 00 08 00 16 00 0B 00 ................
00A0: 02 01 00 ...
%% Initialized: [Session-9, SSL_NULL_WITH_NULL_NULL]
%% Invalidated: [Session-9, SSL_NULL_WITH_NULL_NULL]
RMI TCP Connection(11)-10.177.63.4, SEND TLSv1 ALERT: fatal, description = handshake_failure
RMI TCP Connection(11)-10.177.63.4, WRITE: TLSv1 Alert, length = 2
[Raw write]: length = 7
0000: 15 03 01 00 02 02 28 ......(
RMI TCP Connection(11)-10.x.x.x, called closeSocket()
RMI TCP Connection(11)-10.x.x.x, handling exception: javax.net.ssl.SSLHandshakeException: no cipher suites in common
RMI TCP Connection(11)-10.x.x.x, called close()
RMI TCP Connection(11)-10.x.x.x, called closeInternal(true)
jconsole output with -Djavax.net.debug=all :
*** ClientHello, TLSv1
RandomCookie: GMT: 1446604835 bytes = { 241, 206, 199, 56, 28, 236, 241, 49, 62, 17, 126, 141, 40, 159, 104, 176, 132, 18, 161, 89, 31, 209, 106, 198, 105, 123, 28, 144 }
Session ID: {}
Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_SHA, TLS_ECDH_ECDSA_WITH_RC4_128_SHA, TLS_ECDH_RSA_WITH_RC4_128_SHA, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_RC4_128_MD5, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
Compression Methods: { 0 }
Extension elliptic_curves, curve names: {secp256r1, sect163k1, sect163r2, secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1, secp384r1, sect409k1, sect409r1, secp521r1, sect571k1, sect571r1, secp160k1, secp160r1, secp160r2, sect163r1, secp192k1, sect193r1, sect193r2, secp224k1, sect239k1, secp256k1}
Extension ec_point_formats, formats: [uncompressed]
***
[write] MD5 and SHA1 hashes: len = 163
0000: 01 00 00 9F 03 01 56 39 70 23 F1 CE C7 38 1C EC ......V9p#...8..
0010: F1 31 3E 11 7E 8D 28 9F 68 B0 84 12 A1 59 1F D1 .1>...(.h....Y..
0020: 6A C6 69 7B 1C 90 00 00 38 C0 0A C0 14 00 35 C0 j.i.....8.....5.
0030: 05 C0 0F 00 39 00 38 C0 09 C0 13 00 2F C0 04 C0 ....9.8...../...
0040: 0E 00 33 00 32 C0 07 C0 11 00 05 C0 02 C0 0C C0 ..3.2...........
0050: 08 C0 12 00 0A C0 03 C0 0D 00 16 00 13 00 04 00 ................
0060: FF 01 00 00 3E 00 0A 00 34 00 32 00 17 00 01 00 ....>...4.2.....
0070: 03 00 13 00 15 00 06 00 07 00 09 00 0A 00 18 00 ................
0080: 0B 00 0C 00 19 00 0D 00 0E 00 0F 00 10 00 11 00 ................
0090: 02 00 12 00 04 00 05 00 14 00 08 00 16 00 0B 00 ................
00A0: 02 01 00 ...
RMI RenewClean-[10.177.63.4:59903,javax.rmi.ssl.SslRMIClientSocketFactory@185fa20], WRITE: TLSv1 Handshake, length = 163
[Raw write]: length = 168
0000: 16 03 01 00 A3 01 00 00 9F 03 01 56 39 70 23 F1 ...........V9p#.
0010: CE C7 38 1C EC F1 31 3E 11 7E 8D 28 9F 68 B0 84 ..8...1>...(.h..
0020: 12 A1 59 1F D1 6A C6 69 7B 1C 90 00 00 38 C0 0A ..Y..j.i.....8..
0030: C0 14 00 35 C0 05 C0 0F 00 39 00 38 C0 09 C0 13 ...5.....9.8....
0040: 00 2F C0 04 C0 0E 00 33 00 32 C0 07 C0 11 00 05 ./.....3.2......
0050: C0 02 C0 0C C0 08 C0 12 00 0A C0 03 C0 0D 00 16 ................
0060: 00 13 00 04 00 FF 01 00 00 3E 00 0A 00 34 00 32 .........>...4.2
0070: 00 17 00 01 00 03 00 13 00 15 00 06 00 07 00 09 ................
0080: 00 0A 00 18 00 0B 00 0C 00 19 00 0D 00 0E 00 0F ................
0090: 00 10 00 11 00 02 00 12 00 04 00 05 00 14 00 08 ................
00A0: 00 16 00 0B 00 02 01 00 ........
[Raw read]: length = 5
0000: 15 03 01 00 02 .....
[Raw read]: length = 2
0000: 02 28 .(
RMI RenewClean-[10.177.63.4:59903,javax.rmi.ssl.SslRMIClientSocketFactory@185fa20], READ: TLSv1 Alert, length = 2
RMI RenewClean-[10.177.63.4:59903,javax.rmi.ssl.SslRMIClientSocketFactory@185fa20], RECV TLSv1 ALERT: fatal, handshake_failure
RMI RenewClean-[10.177.63.4:59903,javax.rmi.ssl.SslRMIClientSocketFactory@185fa20], called closeSocket()
RMI RenewClean-[10.177.63.4:59903,javax.rmi.ssl.SslRMIClientSocketFactory@185fa20], handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
====
The WLS server appears to be closing out the SSL handshake request with this :
RMI TCP Connection(11)-10.x.x.x, READ: TLSv1 Handshake, length = 163
*** ClientHello, TLSv1
RandomCookie: GMT: 1446604835 bytes = { 241, 206, 199, 56, 28, 236, 241, 49, 62, 17, 126, 141, 40, 159, 104, 176, 132, 18, 161, 89, 31, 209, 106, 198, 105, 123, 28, 144 }
Session ID: {}
Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TL
S_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_SHA, TLS_
ECDH_ECDSA_WITH_RC4_128_SHA, TLS_ECDH_RSA_WITH_RC4_128_SHA, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_ED
E_CBC_SHA, SSL_RSA_WITH_RC4_128_MD5, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
Compression Methods: { 0 }
Extension elliptic_curves, curve names: {secp256r1, sect163k1, sect163r2, secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1, secp384r1, sect409k1, sect409r1, secp521r1, sect571k1, sect571r1, secp160k1, secp160r1, secp160r2, sect163r1, secp192k1, sect193r1, sect193r2, secp224k1, sect23
9k1, secp256k1}
Extension ec_point_formats, formats: [uncompressed]
***
[read] MD5 and SHA1 hashes: len = 163
0000: 01 00 00 9F 03 01 56 39 70 23 F1 CE C7 38 1C EC ......V9p#...8..
0010: F1 31 3E 11 7E 8D 28 9F 68 B0 84 12 A1 59 1F D1 .1>...(.h....Y..
0020: 6A C6 69 7B 1C 90 00 00 38 C0 0A C0 14 00 35 C0 j.i.....8.....5.
0030: 05 C0 0F 00 39 00 38 C0 09 C0 13 00 2F C0 04 C0 ....9.8...../...
0040: 0E 00 33 00 32 C0 07 C0 11 00 05 C0 02 C0 0C C0 ..3.2...........
0050: 08 C0 12 00 0A C0 03 C0 0D 00 16 00 13 00 04 00 ................
0060: FF 01 00 00 3E 00 0A 00 34 00 32 00 17 00 01 00 ....>...4.2.....
0070: 03 00 13 00 15 00 06 00 07 00 09 00 0A 00 18 00 ................
0080: 0B 00 0C 00 19 00 0D 00 0E 00 0F 00 10 00 11 00 ................
0090: 02 00 12 00 04 00 05 00 14 00 08 00 16 00 0B 00 ................
00A0: 02 01 00 ...
%% Initialized: [Session-9, SSL_NULL_WITH_NULL_NULL]
%% Invalidated: [Session-9, SSL_NULL_WITH_NULL_NULL]
RMI TCP Connection(11)-10.177.63.4, SEND TLSv1 ALERT: fatal, description = handshake_failure
RMI TCP Connection(11)-10.177.63.4, WRITE: TLSv1 Alert, length = 2
[Raw write]: length = 7
0000: 15 03 01 00 02 02 28 ......(
RMI TCP Connection(11)-10.x.x.x, called closeSocket()
RMI TCP Connection(11)-10.x.x.x, handling exception: javax.net.ssl.SSLHandshakeException: no cipher suites in common
RMI TCP Connection(11)-10.x.x.x, called close()
RMI TCP Connection(11)-10.x.x.x, called closeInternal(true)