Recent Changes - Search:


Code:


Social:


My journals will take the place of a blog. If you go to the Journal page there is an RSS feed to subscribe with.

(:blogcal group=Journal:)


Sites I take responsibility for

West Volusia, Florida

Documents

Technical

General

Me

Living

Places I frequent

Hobbies

Humor

Items for sale:


Clipboard

edit SideBar

javax.net.ssl.SSLException: Received fatal alert: unexpected_message

Include our styles below Infobox - invoke as >>infobox<< ... >><<

Codebox: - invoke as >>codebox<< ... >><<

warnbox: - invoke as >>codebox<< ... >><<

editingbox: - invoke as >>codebox<< ... >><<

noticebox: - invoke as >>codebox<< ... >><<

Page bread crumbs: Main - MyPublicTechnicalNotes - SoftwareAndOperatingSystems - Software - Development - Java - KnowledgeBase - SSLIssues - unexpectedMessage

Pages by tags: (:listtags:)
Subscribe to this wiki: RSS Feed RSS or subscribe to this page for changes: RSS Feed RSS
496 articles have been published so far. Recent changes
(:addThis btn="custom":)

2016-03-22: This site is being moved to my main site at https://kevininscoe.com/wiki as part of a consolidation to one domain.


From https://forums.oracle.com/forums/thread.jspa?threadID=1531808

Java exceptions including this message:

javax.net.ssl.SSLException: Received fatal alert: unexpected_message

under Solaris 10 are likely the cause of this file being out of order:

The issue was that our SSL connections would work on the first call, but then fail on subsequent calls while trying to reuse the connection.

I had to update the java.security file within the java installation itself to remove the SunPKCS11 cryptography provider.

Need to update the Java security provider file within the java installation itself to remove the Sun PKCS11 cryptography provider which appears to not be available under Solaris 10. The PVCS #11 Provider Guide states under Requirements "The Sun PKCS#11 provider requires an implementation of PKCS#11 v2.0 or later to be installed on the system."

This Java security provider file is located at:

 $JAVA_HOME/jre/lib/security/java.security

Originally the file on the server had this configuration:

 
#
# List of providers and their preference orders (see above):
#
security.provider.1=sun.security.pkcs11.SunPKCS11 ${java.home}/lib/security/sunpkcs11-solaris.cfg
security.provider.2=sun.security.provider.Sun
security.provider.3=sun.security.rsa.SunRsaSign
security.provider.4=com.sun.net.ssl.internal.ssl.Provider
security.provider.5=com.sun.crypto.provider.SunJCE
security.provider.6=sun.security.jgss.SunProvider
security.provider.7=com.sun.security.sasl.Provider
security.provider.8=org.jcp.xml.dsig.internal.dom.XMLDSigRI
security.provider.9=sun.security.smartcardio.SunPCSC

When we updated it to this configuration, the problem is resolved:

 
#
# List of providers and their preference orders (see above):
#
security.provider.1=sun.security.provider.Sun
security.provider.2=sun.security.rsa.SunRsaSign
security.provider.3=com.sun.net.ssl.internal.ssl.Provider
security.provider.4=com.sun.crypto.provider.SunJCE
security.provider.5=sun.security.jgss.SunProvider
security.provider.6=com.sun.security.sasl.Provider
security.provider.7=org.jcp.xml.dsig.internal.dom.XMLDSigRI
security.provider.8=sun.security.smartcardio.SunPCSC
security.provider.9=sun.security.mscapi.SunMSCAPI


Kevin's Public Wiki maintained and created by Kevin P. Inscoe is licensed under a
Creative Commons Attribution 3.0 United States License.

Back to my web site - http://kevininscoe.com

Edit - History - Print - Recent Changes - Search
Page last modified on March 08, 2012, at 12:19 PM EST