Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [jersey-dev] [External] : Jersey standalone server SSL question
  • From: Maxim Nesen <maxim.nesen@xxxxxxxxxx>
  • Date: Tue, 1 Mar 2022 14:51:21 +0000
  • Accept-language: cs-CZ, en-US
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=oracle.com; dmarc=pass action=none header.from=oracle.com; dkim=pass header.d=oracle.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=t+BhK2k8le0TOo1x9cS+mqrItkNn4hdm8r6qfqsu144=; b=D8mFvN1Ezpf4UJzxPkKVuhWuK8NTvnM0BymcmVLwOrBTGVRClHGa+6wJfKmDwT0r1CNHPApV1uSE3oGPI1YiwMYOg2til43EFuBfu7ojC7fu7lQn08XxRj19haWkb2ZCfjNKk+HC5iA1cqd0X8gndAPtnvebI9GI6NCT83PvbQcUCAsh1qpu+4t0Bp5/Os8aBGCQKXMEduZpCyt9ptsWWEWnKEDRCibdNTjinZcpwVfTJd92+YfSDRmJtyshT/ZMDRe6L260YlntfGusQzon/w7oziBGc8Izylqz2rpXOHnyDoSbuhKbqextXZ+rzR/WRrWMc5q9tfxLR3/DzUm4nQ==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=XY0blD+bMmRnP0idE+zhCgJWXjV0siBM5Y2D7YYnMCXSW13vjIvVvLH62E86CXOC6jqDppxLxOYSWOBwEMmieuLdMt1m8bsD6x6XNZZO1BgBwKEu8lEyNHTgfCNeLJzLitxqbZSMaQmoTGl9Z7Lyb47BvmQ+MY7BdEGEgBD3Aiu/wh5oGOI4MgndOXwGgAdnqxf6ohDbDjs4HqWsVe8Yme5TH/JlNcykzNAg76q0p6/XCEeaX/heC9IHFJBT+lq7DwmlazxMUaDozRK6qfUFH7WuTSv8m+OvI9WK8t15yzoFPc7/r+esH3/XJ13JhMzY1lyZVVXHRlD0zcGWxe3zKg==
  • Delivered-to: jersey-dev@xxxxxxxxxxx
  • List-archive: <https://www.eclipse.org/mailman/private/jersey-dev/>
  • List-help: <mailto:jersey-dev-request@eclipse.org?subject=help>
  • List-subscribe: <https://www.eclipse.org/mailman/listinfo/jersey-dev>, <mailto:jersey-dev-request@eclipse.org?subject=subscribe>
  • List-unsubscribe: <https://www.eclipse.org/mailman/options/jersey-dev>, <mailto:jersey-dev-request@eclipse.org?subject=unsubscribe>
  • Suggested_attachment_session_id: 304c7239-e05f-fa82-80d3-17db7c86bf22
  • Thread-index: AdgteVT7N8/MBRMUS1aPl7ind0gu7AAAis1I
  • Thread-topic: [External] : [jersey-dev] Jersey standalone server SSL question
Hi Markus,

The given exception may refer to the https://bugs.openjdk.java.net/browse/JDK-8207223 issue


However looking at your properties set, the trustStore property should be set to NONE if it is not a real file.

Hope this helps,
Regards,
Maxim
Od: jersey-dev <jersey-dev-bounces@xxxxxxxxxxx> za uživatele Markus Karg <markus@xxxxxxxxxxxxxxx>
Odesláno: úterý 1. března 2022 15:33
Komu: jersey-dev@xxxxxxxxxxx <jersey-dev@xxxxxxxxxxx>
Předmět: [External] : [jersey-dev] Jersey standalone server SSL question
 

Dear Jersey Community,

 

I need your urgent help. :-)

 

I am starting a standalone Jersey/Grizzly server using SSL with this code:

 

var sslConfig = new SSLEngineConfigurator(SSLContext.getDefaults());

var httpServer = GrizzlyHttpServerFactory.createHttpServer(baseUri, resourceConfig, true, sslConfig);

 

I deliberately do not have any SSL configuration here in the Java code, but all I do is using system properties provided when launching the JRE:

 

-Djavax.net.ssl.trustStoreType=Windows-ROOT

-Djavax.net.ssl.trustStore=NUL

-Djavax.net.ssl.keyStore=C:\...\id.pfx

-Djavax.net.ssl.keyStorePassword=xxx

 

BTW, this exact same system properties are used by a Payara 5 instance I am running on the same dev machine and it works pretty well, so they are assumed to be as correct as the used server certificate itself.

 

The server boots successfully, but when accessing it (e. g. using cURL or the JRE's new HttpClient class), the server logs this message:

 

GRIZZLY0013: Exception during FilterChain execution

javax.net.ssl.SSLProtocolException: Unexpected handshake message: client_hello

 

The same message is shown on the client side.

 

What could be the possible cause, and how to fix it?

 

Thanks a lot!

-Markus Karg

 

Back to the top