Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8228641

SSL protocol breaks with Firefox/Chrome clients

    XMLWordPrintable

Details

    Description

      ADDITIONAL SYSTEM INFORMATION :
      Ubuntu 18 (64 bit), JDK 11.0.4 / JDK 12.0.2

      A DESCRIPTION OF THE PROBLEM :
      Please try this program (designed for 64 Bit Linux): http://botcompany.de:8081/ssl-bugreport.tgz

      There are 3 scripts (jdk10-ok, jdk11-broken, jdk12-broken) to show the broken/working behavior with the respective JDK versions.

      The program always sets up a web server at https://localhost:1443 which is supposed to serve a single image. Then it loads the image itself which always works. Also, some clients are able to connect (e.g. wget).

      However, when you open https://localhost:1443 in Chrome or Firefox (accepting the obvious certificate warning), you get various SSL-related errors (ERR_SSL_PROTOCOL_ERROR in Chrome, SSL_ERROR_RX_RECORD_TOO_LONG in Firefox).

      This error occurs only with JDK 11 and JDK 12, not with JDK 10.

      I hear SSL implementations have changed in JDK 11, but this bug does not logically seem to follow from that. There are no Java exceptions and apparently no cipher mismatches, but instead a different kind of SSL protocol error.

      Note: I tried to remove my helper library x30.jar (which doesn't do much here) from the program, but wasn't able to do so in short time and decided to just push out the bug report instead. The basic sources for x30.jar are here: http://code.botcompany.de:8081/tb-int/get-transpiled.php?id=1001638&raw=1

      Please advise, this is very important, as I currently cannot use JDK 11+ as a web server because of this bug.

      STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
      Extract the archive, run "java -cp classes:x30.jar main" and open https://localhost:1443 in a browser.

      EXPECTED VERSUS ACTUAL BEHAVIOR :
      EXPECTED -
      An image is served at https://localhost:1443
      ACTUAL -
      Browsers fail with SSL errors

      ---------- BEGIN SOURCE ----------
      See bug report
      ---------- END SOURCE ----------

      CUSTOMER SUBMITTED WORKAROUND :
      Use JDK 10

      FREQUENCY : always


      Attachments

        Issue Links

          Activity

            People

              xuelei Xuelei Fan
              webbuggrp Webbug Group
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: