Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Getting SSLException: Received fatal alert: internal_error when running on Tomcat 7 but works fine on Java 7 main method

Tags:

java

tomcat

When running this code in Java main method, I get Status = 200 which is all good.

try {
    String url = "https://www.celltowerleaseexperts.com/"; 
    int status = HttpResponseUtil.getResponseCode(url);
    logger.warn("Status = " + status);
} catch (Exception e) {
    logger.warn(e.getMessage(), e);
}

This is the code for HttpResponseUtil:

import java.io.IOException;
import java.security.KeyManagementException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;

import javax.net.ssl.SSLContext;

import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.ssl.SSLContexts;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

public class HttpResponseUtil {

 private static final Logger logger = LoggerFactory.getLogger(HttpResponseUtil.class);

 private final static String USER_AGENT = "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.0";

 public static int getResponseCode(String url) throws IOException {

  SSLConnectionSocketFactory sslsf = null;
  try {
   SSLContext sslContext = SSLContexts.custom().loadTrustMaterial(new TrustSelfSignedStrategy()).build();
   sslsf = new SSLConnectionSocketFactory(sslContext, NoopHostnameVerifier.INSTANCE);
  } catch (KeyManagementException | NoSuchAlgorithmException | KeyStoreException e) {
   logger.warn("Using SSLContexts.createSystemDefault()");
   SSLContext sslContext = SSLContexts.createSystemDefault();
   sslsf = new SSLConnectionSocketFactory(sslContext, NoopHostnameVerifier.INSTANCE);
  }

  CloseableHttpClient httpClient = HttpClients.custom()
    .setUserAgent(USER_AGENT)
    .disableAutomaticRetries()
    .disableCookieManagement()
    .setSSLSocketFactory(sslsf).build();

  try {
   HttpGet httpGet = new HttpGet(url);
   CloseableHttpResponse response = httpClient.execute(httpGet);
   return response.getStatusLine().getStatusCode();
  } finally {
   httpClient.close(); 
  }
 } 

But when I try to run it on Tomcat, I got this error:

Received fatal alert: internal_error
javax.net.ssl.SSLException: Received fatal alert: internal_error
    at sun.security.ssl.Alerts.getSSLException(Unknown Source) ~[na:1.8.0_91]
    at sun.security.ssl.Alerts.getSSLException(Unknown Source) ~[na:1.8.0_91]
    at sun.security.ssl.SSLSocketImpl.recvAlert(Unknown Source) ~[na:1.8.0_91]
    at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source) ~[na:1.8.0_91]
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source) ~[na:1.8.0_91]
    at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source) ~[na:1.8.0_91]
    at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source) ~[na:1.8.0_91]
    at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:394) ~[httpclient-4.5.jar:4.5]
    at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:353) ~[httpclient-4.5.jar:4.5]
    at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:134) ~[httpclient-4.5.jar:4.5]
    at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:353) ~[httpclient-4.5.jar:4.5]
    at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:380) ~[httpclient-4.5.jar:4.5]
    at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236) ~[httpclient-4.5.jar:4.5]
    at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:184) ~[httpclient-4.5.jar:4.5]
    at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110) ~[httpclient-4.5.jar:4.5]
    at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:184) ~[httpclient-4.5.jar:4.5]
    at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82) ~[httpclient-4.5.jar:4.5]
    at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:107) ~[httpclient-4.5.jar:4.5]
    at com.ardor.util.HttpResponseUtil.getResponseCode(HttpResponseUtil.java:45) ~[HttpResponseUtil.class:na]
    at com.ardor.controller.jsf.WebsiteCrawlerJsfController.doCrawl(WebsiteCrawlerJsfController.java:80) ~[WebsiteCrawlerJsfController.class:na]
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0_91]
    at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) ~[na:1.8.0_91]
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) ~[na:1.8.0_91]
    at java.lang.reflect.Method.invoke(Unknown Source) ~[na:1.8.0_91]
    at org.apache.el.parser.AstValue.invoke(AstValue.java:278) [jasper-el.jar:7.0.59]
    at org.apache.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:273) [jasper-el.jar:7.0.59]
    at com.sun.faces.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:105) [javax.faces-2.2.8-16.jar:2.2.8-16]
    at javax.faces.component.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:87) [javax.faces-2.2.8-16.jar:2.2.8-16]
    at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:102) [javax.faces-2.2.8-16.jar:2.2.8-16]
    at javax.faces.component.UICommand.broadcast(UICommand.java:315) [javax.faces-2.2.8-16.jar:2.2.8-16]
    at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:790) [javax.faces-2.2.8-16.jar:2.2.8-16]
    at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:1282) [javax.faces-2.2.8-16.jar:2.2.8-16]
    at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:81) [javax.faces-2.2.8-16.jar:2.2.8-16]
    at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:101) [javax.faces-2.2.8-16.jar:2.2.8-16]
    at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:198) [javax.faces-2.2.8-16.jar:2.2.8-16]
    at javax.faces.webapp.FacesServlet.service(FacesServlet.java:650) [javax.faces-2.2.8-16.jar:2.2.8-16]
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303) [catalina.jar:7.0.59]
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) [catalina.jar:7.0.59]
    at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) [tomcat7-websocket.jar:7.0.59]
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) [catalina.jar:7.0.59]
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) [catalina.jar:7.0.59]
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220) [catalina.jar:7.0.59]
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122) [catalina.jar:7.0.59]
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:504) [catalina.jar:7.0.59]
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170) [catalina.jar:7.0.59]
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103) [catalina.jar:7.0.59]
    at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:950) [catalina.jar:7.0.59]
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116) [catalina.jar:7.0.59]
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:421) [catalina.jar:7.0.59]
    at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1074) [tomcat-coyote.jar:7.0.59]
    at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:611) [tomcat-coyote.jar:7.0.59]
    at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:316) [tomcat-coyote.jar:7.0.59]
    at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) [na:1.8.0_91]
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) [na:1.8.0_91]
    at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) [tomcat-coyote.jar:7.0.59]
    at java.lang.Thread.run(Unknown Source) [na:1.8.0_91]

I'm using Java 7 and Apache Tomcat 7.0.59

*****EDIT**: I enabled the jvax.ssl log output as Sangram Jadhav suggested. Here it is: (too long to include here so I just pasted it in an online notepad)

https://shrib.com/see/8kk9lXzMDl3vRZaTOt0v1oJi2ADaToRRP1R0OGCRs6DAVdTkNK?v=nc

like image 572
franbow Avatar asked Oct 10 '16 07:10

franbow


1 Answers

This might be because of issue in JDK8 Issue

Try to update you JDK/JRE to latest JDK/JRE. From log, it is clear that you are using JDK/JRE 1.8.0_91.

Edit:

While checking the Jdk Release, it seems that this issue is still not released (Build 8u122). There is early access build available that you can try.

Other solution is to refrain from Setting Custom HostName verifier as mentioned issue arises due to that. Find out where you have set the hostname verifier in code. Find the reference for below method

javax.net.ssl.HttpsURLConnection.setHostnameVerifier

and remove that code.

like image 153
Sangram Jadhav Avatar answered Sep 18 '22 13:09

Sangram Jadhav