IBM Support

webMethods Knowlegebase : javax.net.ssl.SSLException: Received fatal alert: bad_record_mac errors on MWS (1790790)

Troubleshooting


Problem

Doing runtime MWS deployment, connecting with SSL, on the first stage of deployment’ definition, when choosing our MWS server as the source, and accessing it to choose the MWS assets to deploy, on this stage the MWS server itself getting into SSL errors ,and does not responds correctly to requests.

After 20-40 secs, we will see SSL errors in Browsers as well

In browser (Firefox), it returns:

An error occurred while establishing a secure connection

An error occurred while connecting to {test server address}. SSL received a record with an incorrect message authentication code. Error code: SSL_ERROR_BAD_MAC_READ ...

In Chrome, it returns ERR_CONNECTION_REFUSED.

-> Without "Use SSL" it works properly, no errors raised.

MWS 10.1 Fix3 installed.

From MWS _full_.log:

2018-07-12 15:32:24 IDT (c.w.p.f.i.PortalServlet:INFO) [qtp1661045165-106] [RID:70] - Request [uxit2jhenhyu1tjgupifz0mo2:Administrator] https://localhost:8586/webm.apps.config.ws.locations (POST)

2018-07-12 15:32:24 IDT (o.e.j.h.HttpParser:WARN) [qtp1661045165-106] - badMessage: java.lang.IllegalStateException: too much data after closed for HttpChannelOverHttp@5e596142{r=1,c=false,a=IDLE,uri=-}

From MWS wrapper.log:

INFO | jvm 1 | 2018/07/12 15:58:14 | qtp2053665262-104, fatal error: 80: Inbound closed before receiving peer's close_notify: possible truncation attack?

INFO | jvm 1 | 2018/07/12 15:58:14 | javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack?

INFO | jvm 1 | 2018/07/12 15:58:14 | %% Invalidated: [Session-92, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]

INFO | jvm 1 | 2018/07/12 15:58:14 | qtp2053665262-104, SEND TLSv1.2 ALERT: fatal, description = internal_error

INFO | jvm 1 | 2018/07/12 15:58:14 | qtp2053665262-104, Exception sending alert: java.io.IOException: writer side was already closed.

Document Location

Worldwide

[{"Line of Business":{"code":"LOB77","label":"Automation Platform"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSVYEV","label":"IBM webMethods Integration"},"ARM Category":[{"code":"a8mKe00000000AQIAY","label":"My webMethods Server (MWS)"}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Red Hat Enterprise Linux"}],"Version":"10.1"},{"Line of Business":{"code":"LOB76","label":"Data Platform"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSAWP1J","label":"IBM webMethods BPM"},"ARM Category":[{"code":"a8mKe00000000AQIAY","label":"My webMethods Server (MWS)"}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Red Hat Enterprise Linux"}],"Version":"10.1"},{"Line of Business":{"code":"LOB77","label":"Automation Platform"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSFIWYE","label":"IBM webMethods B2B"},"ARM Category":[{"code":"a8mKe00000000AQIAY","label":"My webMethods Server (MWS)"}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Red Hat Enterprise Linux"}],"Version":"10.1"},{"Line of Business":{"code":"LOB77","label":"Automation Platform"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSQG2X","label":"IBM webMethods Managed File Transfer"},"ARM Category":[{"code":"a8mKe00000000AQIAY","label":"My webMethods Server (MWS)"}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Red Hat Enterprise Linux"}],"Version":"10.1"}]

Log InLog in to view more of this document

This document has the abstract of a technical article that is available to authorized users once you have logged on. Please use Log in button above to access the full document. After log in, if you do not have the right authorization for this document, there will be instructions on what to do next.

Document Information

Modified date:
20 March 2025

UID

ibm17214367

Page Feedback