Topic
No replies
SystemAdmin
SystemAdmin
64 Posts
ACCEPTED ANSWER

Pinned topic javax.net.ssl.SSLHandshakeException: not allow insecure renegotiation

‏2012-01-12T09:06:23Z |
After i added java option "-Dcom.ibm.jsse2.renegotiate=ALL", I still getting the following exception in WAS8.0.1 log:
(What parameters not set? The java application works fine in WAS7)

javax.net.ssl.SSLHandshakeException: not allow insecure renegotiation
at com.ibm.jsse2.n.a(n.java:28)
at com.ibm.jsse2.tc.a(tc.java:251)
at com.ibm.jsse2.gb.a(gb.java:251)
at com.ibm.jsse2.gb.a(gb.java:206)
at com.ibm.jsse2.hb.serverHello(hb.java:53)
at com.ibm.jsse2.hb.a(hb.java:381)
at com.ibm.jsse2.gb.n(gb.java:71) at com.ibm.jsse2.gb.a(gb.java:324)
at com.ibm.jsse2.tc.a(tc.java:559)
at com.ibm.jsse2.tc.a(tc.java:76)
at com.ibm.jsse2.e.read(e.java:14)
at java.io.BufferedInputStream.fill(BufferedInputStream.java:229)
at java.io.BufferedInputStream.read1(BufferedInputStream.java:269)
at java.io.BufferedInputStream.read(BufferedInputStream.java:328)
at sun.net.www.http.HttpClient.parseHTTPHeader(HttpClient.java:700)
at sun.net.www.http.HttpClient.parseHTTPHeader(HttpClient.java:808)
at sun.net.www.http.HttpClient.parseHTTP(HttpClient.java:645)
at sun.net.www.http.HttpClient.parseHTTP(HttpClient.java:665)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1205)
...
...
at com.ibm.ws.security.web.TAIWrapper.negotiateAndValidateEstablishedTrust(TAIWrapper.java:101)
at com.ibm.ws.security.web.WebAuthenticator.handleTrustAssociation(WebAuthenticator.java:402)
at com.ibm.ws.security.web.WebAuthenticator.authenticate(WebAuthenticator.java:3149)
at com.ibm.ws.security.web.WebCollaborator.SetAuthenticatedSubjectIfNeeded(WebCollaborator.java:3065)
at com.ibm.ws.security.web.WebCollaborator.authorize(WebCollaborator.java:643)
at com.ibm.ws.security.web.EJSWebCollaborator.preInvoke(EJSWebCollaborator.java:429)
at com.ibm.ws.webcontainer.collaborator.WebAppSecurityCollaboratorImpl.preInvoke(WebAppSecurityCollaboratorImpl.java:230)
at com.ibm.wsspi.webcontainer.collaborator.CollaboratorHelper.preInvokeCollaborators(CollaboratorHelper.java:431)
at com.ibm.ws.webcontainer.filter.WebAppFilterManager.invokeFilters(WebAppFilterManager.java:1013)
at com.ibm.ws.webcontainer.webapp.WebApp.handleRequest(WebApp.java:3703)
at com.ibm.ws.webcontainer.webapp.WebGroup.handleRequest(WebGroup.java:304)
at com.ibm.ws.webcontainer.WebContainer.handleRequest(WebContainer.java:953)
at com.ibm.ws.webcontainer.WSWebContainer.handleRequest(WSWebContainer.java:1655)
at com.ibm.ws.webcontainer.channel.WCChannelLink.ready(WCChannelLink.java:195)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleDiscrimination(HttpInboundLink.java:452)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleNewRequest(HttpInboundLink.java:511)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.processRequest(HttpInboundLink.java:305)
at com.ibm.ws.http.channel.inbound.impl.HttpICLReadCallback.complete(HttpICLReadCallback.java:83)
at com.ibm.ws.ssl.channel.impl.SSLReadServiceContext$SSLReadCompletedCallback.complete(SSLReadServiceContext.java:1784)
at com.ibm.ws.tcp.channel.impl.AioReadCompletionListener.futureCompleted(AioReadCompletionListener.java:165)
at com.ibm.io.async.AbstractAsyncFuture.invokeCallback(AbstractAsyncFuture.java:217)
at com.ibm.io.async.AsyncChannelFuture.fireCompletionActions(AsyncChannelFuture.java:161)
at com.ibm.io.async.AsyncFuture.completed(AsyncFuture.java:138)
at com.ibm.io.async.ResultHandler.complete(ResultHandler.java:204)
at com.ibm.io.async.ResultHandler.runEventProcessingLoop(ResultHandler.java:775)
at com.ibm.io.async.ResultHandler$2.run(ResultHandler.java:905)
at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1650)