This discussion is archived
3 Replies Latest reply: Nov 2, 2013 5:12 AM by 049e366a-b08f-43e2-b193-70d8480e3ca7 RSS

Failing to make HTTPS calls intermittently

049e366a-b08f-43e2-b193-70d8480e3ca7 Newbie
Currently Being Moderated

Hello everyone,

I am intermittently getting issues when connecting to a HTTPS url. I don't think its a certificate issue, as the same code works some time and fails other time.

 

Exception details.

Caused by: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
  at com
.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:882)
  at com
.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1188)
  at com
.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1215)
  at com
.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1199)
  at sun
.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:434)
  at sun
.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166)
  at sun
.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:133)
  
... 35 more
Caused by: java.io.EOFException: SSL peer shut down incorrectly
  at com
.sun.net.ssl.internal.ssl.InputRecord.read(InputRecord.java:462)
  at com
.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:863)
  
... 41 more



The similar issue was reported on many other sites, but did not find any good answer behind root cause and about the solution.



Here's what my code does. I tried running this chunk of code in separate threads as well and noticed that some threads did pass successfully, while some failed with above exception in same program execution flow.

Does it anything to have with server URL that I am hitting. When I accessed the URL from browser, I noticed that server certificate is using TLS 1.0

 

            java.net.URL url = new java.net.URL(URL);

            connection = url.openConnection();

            connection.setDoOutput(true);

            oStream = connection.getOutputStream();

            out = new OutputStreamWriter(oStream);

            out.write("xml=" + data);

            // close to flush and release writer

            out.close();

            out = null;

 

            iStream = connection.getInputStream();

            isReader = new InputStreamReader(iStream);

            response = new BufferedReader(isReader);

 

            StringBuffer returnData = new StringBuffer();

            returnData.setLength(0);

            String line = null;

            // readLine() throws an I/O error

            while ((line = response.readLine()) != null) {

                returnData.append(line);

            }

 

Here are the environment details

OS: Linux

Jdk: build 1.6.0_29-b11 (I also tried with build 1.6.0_37-b06)

 

Is this a bug in JDK security implementation?

How shall I go about fixing or rather first determining the root cause of issue?

 

 

Any help is very much appreciated.

  • 1. Re: Failing to make HTTPS calls intermittently
    EJP Guru
    Currently Being Moderated

    This usually means that the server asked for a client certificate; you didn't provide one; and the server required it. Its only recourse is to close the connection. In other words in Java terms it has 'needClientAuth' set to 'true'. If you want to connect to this site it appears you will need to provide a client certificate, which is accomplished by (a) having one and (b) setting the javax.net.ssl.keyStore/keyStorePassword system properties.

     

    You can verify this conjecture by running your client with -Djavax.net.debug=ssl,handshake and seeing whether there is a CertificateRequest message from the server, and no Certificate message from the client.

  • 2. Re: Failing to make HTTPS calls intermittently
    jschellSomeoneStoleMyAlias Expert
    Currently Being Moderated

    > I am intermittently getting issues when connecting to a HTTPS url.

     

    What does that mean exactly?

    Are you connecting to exactly one server over and over again and sometimes it fails?

    Or are you connecting to X servers over and over again and sometimes it fails?  And it fails on different servers or the same one?  And you know which one it failed on?

    Or are you connecting to many servers which varies over time and some of those fail sometimes or some of them fail ever time (but you don't know which ones are failing so you don't know if it is consistent or not)?

     

    Presuming that of those possible cases that it is a single server which successfully connects sometimes and fails other times then it is probably an environment issue.  Tracking when the failures occur might help.

  • 3. Re: Failing to make HTTPS calls intermittently
    049e366a-b08f-43e2-b193-70d8480e3ca7 Newbie
    Currently Being Moderated

    Yes. We are making call to a external server using HTTPS from our tomcat server. It's same URL hit multiple times based on user request, which fails sometimes and passes sometimes.

    I am checking this up with external server monitoring & infra team to see if there's any log available at their end.

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points