APAR status
Closed as suggestion for future release.
Error description
DESC: PK93653 introduced ORBSSLHandshakeTimeout which sets a read timeout before and after invoking JSSE code to perform an ssl handshake on a new incoming ssl connection. The problem occurs when the underlying socket is closed due to an exception in the JSSE code, and this condition is not properly checked for in the ORB layer, thus causing the ListenerThread to spawn a Reader (which ends up shutting down immediately on startup) when it should not have done so. Sample trace: [1/14/11 15:45:06:293 GMT] 000001ea ORBRas 1 com.ibm.ws.security.orbssl.WSSSLServerSocketFactoryImpl getPeerCertificateChain LT=1:P=856805:O=0:port=37001 The following exception was logged java.net.SocketException: Socket Closed at java.net.PlainSocketImpl.setOption at java.net.Socket.setSoTimeout at com.ibm.jsse2.jc.setSoTimeout at com.ibm.ws.security.orbssl.WSSSLServerSocketFactoryImpl. getPeerCertificateChain at com.ibm.ws.orbimpl.transport.WSSSLTransportConnection$1.run at com.ibm.ws.security.util.AccessController.doPrivileged at com.ibm.ws.orbimpl.transport.WSSSLTransportConnection.<init> at com.ibm.ws.orbimpl.transport.WSTransport.createTransportConnecti on at com.ibm.rmi.transport.ListenerThread.run [1/14/11 15:45:06:293 GMT] 000001ea ORBRas 3 com.ibm.ws.security.orbssl.WSSSLServerSocketFactoryImpl getPeerCertificateChain(SSLSocket,ORBForTransports) LT=1:P=856805:O=0:port=37001 exception occured when trying to set the timeout back to 0, most likely the socket is closed since the handshake took too long and reader thread times it out, theSocket = 68646864[SSL_NULL_WITH_NULL_NULL: Socket[addr=customer.company.com/192.168.200.80,port=59038, localport=37001]] ... [1/14/11 15:45:06:294 GMT] 000001ea ORBRas > com.ibm.rmi.transport.ConnectionTableImpl addConnection:293 LT=1:P=856805:O=0:port=37001 Entry [com.ibm.ws.orbimpl.transport.ConnectionKey@f0bfb7dc, host=va1sz2ecmas35.bankofamerica.com, port=59038] com.ibm.rmi.iiop.Connection@6fa66fa6: timeStamp=2496, isServer=true, State: ESTABLISHED (2), transportConnection: com.ibm.ws.orbimpl.transport.WSSSLTransportConnection@68ce68ce socket=68646864[SSL_NULL_WITH_NULL_NULL: Socket[addr=customer.company.com/192.168.200.80,port=59038, localport=37001]] key=[com.ibm.ws.orbimpl.transport.ConnectionKey@f0bfb7dc, host=customer.company.com, port=59038] [1/14/11 15:45:06:294 GMT] 000001ea ORBRas < com.ibm.rmi.transport.ConnectionTableImpl addConnection:303 LT=1:P=856805:O=0:port=37001 Exit size=379 [1/14/11 15:45:06:294 GMT] 000001ea ORBRas > com.ibm.rmi.transport.ReaderPoolImpl addConnection:184 LT=1:P=856805:O=0:port=37001 Entry .... [1/14/11 15:45:06:295 GMT] 00000364 ORBRas 3 com.ibm.rmi.iiop.Connection doReaderWorkOnce:2991 RT=384:P=856805:O=0:WSSSLTransportConnection[addr=192.168.200.80 , port=59038,local=37001] The following exception was logged javax.net.ssl.SSLException: Connection has been shutdown: javax.net.ssl.SSLException: java.net.SocketTimeoutException: Read timed out at com.ibm.jsse2.jc.i(jc.java:205) at com.ibm.jsse2.e.read(e.java:28) at com.ibm.rmi.iiop.Connection.readMoreData(Connection.java:1593) at com.ibm.rmi.iiop.Connection.createInputStream(Connection.java:14 08) at com.ibm.rmi.iiop.Connection.doReaderWorkOnce(Connection.java:298 2) at com.ibm.rmi.transport.ReaderThread.run(ReaderPoolImpl.java:138)
Local fix
N/A
Problem summary
Problem conclusion
Temporary fix
Comments
APAR PM31156 is being closed SUG because it has been decided to provide the new functionality of deferring SSL handshakes onto an ORB Reader Thread in a possible new FIS.
APAR Information
APAR number
PM31156
Reported component name
WEBS APP SERV N
Reported component ID
5724H8800
Reported release
61A
Status
CLOSED SUG
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2011-01-25
Closed date
2012-01-16
Last modified date
2012-03-01
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Applicable component levels
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"6.1","Edition":"","Line of Business":{"code":"LOB45","label":"Automation"}}]
Document Information
Modified date:
10 February 2022