Quantcast

javax.net.ssl.SSLException: Received fatal alert: internal_error

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

javax.net.ssl.SSLException: Received fatal alert: internal_error

Xueling Shu
I keep getting the following exception when running just a simple https request via JMeter. However the same request passed through “curl” on the command prompt.

No changes were made on the JMeter scripts. The only thing I can think of is we just moved the servers to vpc. Per “curl” TLS .2 is the SSL level the server is now using. So I updated “jmeter.properties” and explicitly specified "https.default.protocol=TLSv1” But that did not help.

Below is the full stack trace I got. Without any more details from that stack I cannot tell where exactly failed on SSL.

Anyone has some ideas to resolve this? Thank you!

javax.net.ssl.SSLException: Received fatal alert: internal_error
        at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
        at sun.security.ssl.Alerts.getSSLException(Alerts.java:154)
        at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:2023)
        at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1125)
        at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387)
        at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:436)
        at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:180)
        at org.apache.http.impl.conn.ManagedClientConnectionImpl.open(ManagedClientConnectionImpl.java:294)
        at org.apache.jmeter.protocol.http.sampler.MeasuringConnectionManager$MeasuredConnection.open(MeasuringConnectionManager.java:107)
        at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:643)
        at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:479)
        at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:906)
        at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:805)
        at org.apache.jmeter.protocol.http.sampler.HTTPHC4Impl.executeRequest(HTTPHC4Impl.java:517)
        at org.apache.jmeter.protocol.http.sampler.HTTPHC4Impl.sample(HTTPHC4Impl.java:331)
        at org.apache.jmeter.protocol.http.sampler.HTTPSamplerProxy.sample(HTTPSamplerProxy.java:74)
        at org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.sample(HTTPSamplerBase.java:1146)
        at org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.sample(HTTPSamplerBase.java:1135)
        at org.apache.jmeter.threads.JMeterThread.process_sampler(JMeterThread.java:434)
        at org.apache.jmeter.threads.JMeterThread.run(JMeterThread.java:261)
        at java.lang.Thread.run(Thread.java:745)



       
Xueling Shu
Lead QA Engineer
ROADIE, INC.
O 1-844-4-ROADIE|Ext 716 <tel:1-844-4-ROADIE|ext 716>
ROADIE.COM <https://www.roadie.com/>



Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: javax.net.ssl.SSLException: Received fatal alert: internal_error

chaitanya bhatt
If your server is using disabled/legacy algorithms to encrypt data then
newer JDK/JRE can prevent from successful SSL connection.

You can override such JDK/JRE security configuration by going to
$JAVA_HOME/lib/security/java.security.

Lookup for key-value pairs such as jdk.tls.disabledAlgorithms=SSLv3, RC4,
MD5withRSA and jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize <
1024. Comment out or remove exceptions.

Usually, such security errors get reported as "unsupported cipher etc.
etc." by JMeter's http component library , So this may not be a solution,
nevertheless it is worth to try.

Thanks
Chaitanya M Bhatt


On Thu, Dec 8, 2016 at 2:10 PM, Xueling Shu <[hidden email]> wrote:

> I keep getting the following exception when running just a simple https
> request via JMeter. However the same request passed through “curl” on the
> command prompt.
>
> No changes were made on the JMeter scripts. The only thing I can think of
> is we just moved the servers to vpc. Per “curl” TLS .2 is the SSL level the
> server is now using. So I updated “jmeter.properties” and explicitly
> specified "https.default.protocol=TLSv1” But that did not help.
>
> Below is the full stack trace I got. Without any more details from that
> stack I cannot tell where exactly failed on SSL.
>
> Anyone has some ideas to resolve this? Thank you!
>
> javax.net.ssl.SSLException: Received fatal alert: internal_error
>         at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
>         at sun.security.ssl.Alerts.getSSLException(Alerts.java:154)
>         at sun.security.ssl.SSLSocketImpl.recvAlert(
> SSLSocketImpl.java:2023)
>         at sun.security.ssl.SSLSocketImpl.readRecord(
> SSLSocketImpl.java:1125)
>         at sun.security.ssl.SSLSocketImpl.performInitialHandshake(
> SSLSocketImpl.java:1375)
>         at sun.security.ssl.SSLSocketImpl.startHandshake(
> SSLSocketImpl.java:1403)
>         at sun.security.ssl.SSLSocketImpl.startHandshake(
> SSLSocketImpl.java:1387)
>         at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(
> SSLSocketFactory.java:436)
>         at org.apache.http.impl.conn.DefaultClientConnectionOperato
> r.openConnection(DefaultClientConnectionOperator.java:180)
>         at org.apache.http.impl.conn.ManagedClientConnectionImpl.open(
> ManagedClientConnectionImpl.java:294)
>         at org.apache.jmeter.protocol.http.sampler.
> MeasuringConnectionManager$MeasuredConnection.open(
> MeasuringConnectionManager.java:107)
>         at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(
> DefaultRequestDirector.java:643)
>         at org.apache.http.impl.client.DefaultRequestDirector.execute(
> DefaultRequestDirector.java:479)
>         at org.apache.http.impl.client.AbstractHttpClient.execute(
> AbstractHttpClient.java:906)
>         at org.apache.http.impl.client.AbstractHttpClient.execute(
> AbstractHttpClient.java:805)
>         at org.apache.jmeter.protocol.http.sampler.HTTPHC4Impl.
> executeRequest(HTTPHC4Impl.java:517)
>         at org.apache.jmeter.protocol.http.sampler.HTTPHC4Impl.
> sample(HTTPHC4Impl.java:331)
>         at org.apache.jmeter.protocol.http.sampler.HTTPSamplerProxy.
> sample(HTTPSamplerProxy.java:74)
>         at org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.
> sample(HTTPSamplerBase.java:1146)
>         at org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.
> sample(HTTPSamplerBase.java:1135)
>         at org.apache.jmeter.threads.JMeterThread.process_sampler(
> JMeterThread.java:434)
>         at org.apache.jmeter.threads.JMeterThread.run(JMeterThread.
> java:261)
>         at java.lang.Thread.run(Thread.java:745)
>
>
>
>
> Xueling Shu
> Lead QA Engineer
> ROADIE, INC.
> O 1-844-4-ROADIE|Ext 716 <tel:1-844-4-ROADIE|ext 716>
> ROADIE.COM <https://www.roadie.com/>
>
>
>
>
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: javax.net.ssl.SSLException: Received fatal alert: internal_error

Xueling Shu

Thanks Chaitanya,

I updated the JDK to the latest “1.8.0_111” and checked the jdk.tls.disabledAlgorithms. Our server is not using disabled/legacy algorithms either.

Unfortunately the same issue is still there.

Thanks,
Xueling


> On Dec 8, 2016, at 5:40 PM, chaitanya bhatt <[hidden email]> wrote:
>
> If your server is using disabled/legacy algorithms to encrypt data then
> newer JDK/JRE can prevent from successful SSL connection.
>
> You can override such JDK/JRE security configuration by going to
> $JAVA_HOME/lib/security/java.security.
>
> Lookup for key-value pairs such as jdk.tls.disabledAlgorithms=SSLv3, RC4,
> MD5withRSA and jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize <
> 1024. Comment out or remove exceptions.
>
> Usually, such security errors get reported as "unsupported cipher etc.
> etc." by JMeter's http component library , So this may not be a solution,
> nevertheless it is worth to try.
>
> Thanks
> Chaitanya M Bhatt
>
>
> On Thu, Dec 8, 2016 at 2:10 PM, Xueling Shu <[hidden email] <mailto:[hidden email]>> wrote:
>
>> I keep getting the following exception when running just a simple https
>> request via JMeter. However the same request passed through “curl” on the
>> command prompt.
>>
>> No changes were made on the JMeter scripts. The only thing I can think of
>> is we just moved the servers to vpc. Per “curl” TLS .2 is the SSL level the
>> server is now using. So I updated “jmeter.properties” and explicitly
>> specified "https.default.protocol=TLSv1” But that did not help.
>>
>> Below is the full stack trace I got. Without any more details from that
>> stack I cannot tell where exactly failed on SSL.
>>
>> Anyone has some ideas to resolve this? Thank you!
>>
>> javax.net.ssl.SSLException: Received fatal alert: internal_error
>>        at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
>>        at sun.security.ssl.Alerts.getSSLException(Alerts.java:154)
>>        at sun.security.ssl.SSLSocketImpl.recvAlert(
>> SSLSocketImpl.java:2023)
>>        at sun.security.ssl.SSLSocketImpl.readRecord(
>> SSLSocketImpl.java:1125)
>>        at sun.security.ssl.SSLSocketImpl.performInitialHandshake(
>> SSLSocketImpl.java:1375)
>>        at sun.security.ssl.SSLSocketImpl.startHandshake(
>> SSLSocketImpl.java:1403)
>>        at sun.security.ssl.SSLSocketImpl.startHandshake(
>> SSLSocketImpl.java:1387)
>>        at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(
>> SSLSocketFactory.java:436)
>>        at org.apache.http.impl.conn.DefaultClientConnectionOperato
>> r.openConnection(DefaultClientConnectionOperator.java:180)
>>        at org.apache.http.impl.conn.ManagedClientConnectionImpl.open(
>> ManagedClientConnectionImpl.java:294)
>>        at org.apache.jmeter.protocol.http.sampler.
>> MeasuringConnectionManager$MeasuredConnection.open(
>> MeasuringConnectionManager.java:107)
>>        at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(
>> DefaultRequestDirector.java:643)
>>        at org.apache.http.impl.client.DefaultRequestDirector.execute(
>> DefaultRequestDirector.java:479)
>>        at org.apache.http.impl.client.AbstractHttpClient.execute(
>> AbstractHttpClient.java:906)
>>        at org.apache.http.impl.client.AbstractHttpClient.execute(
>> AbstractHttpClient.java:805)
>>        at org.apache.jmeter.protocol.http.sampler.HTTPHC4Impl.
>> executeRequest(HTTPHC4Impl.java:517)
>>        at org.apache.jmeter.protocol.http.sampler.HTTPHC4Impl.
>> sample(HTTPHC4Impl.java:331)
>>        at org.apache.jmeter.protocol.http.sampler.HTTPSamplerProxy.
>> sample(HTTPSamplerProxy.java:74)
>>        at org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.
>> sample(HTTPSamplerBase.java:1146)
>>        at org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.
>> sample(HTTPSamplerBase.java:1135)
>>        at org.apache.jmeter.threads.JMeterThread.process_sampler(
>> JMeterThread.java:434)
>>        at org.apache.jmeter.threads.JMeterThread.run(JMeterThread.
>> java:261)
>>        at java.lang.Thread.run(Thread.java:745)
>>
>>
>>
>>
>> Xueling Shu
>> Lead QA Engineer
>> ROADIE, INC.
>> O 1-844-4-ROADIE|Ext 716 <tel:1-844-4-ROADIE|ext 716 <tel:1-844-4-ROADIE|ext 716>>
>> ROADIE.COM <http://roadie.com/> <https://www.roadie.com/ <https://www.roadie.com/>>

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: javax.net.ssl.SSLException: Received fatal alert: internal_error

Xueling Shu
In reply to this post by chaitanya bhatt
Problem is resolved by updating both JMeter and JDK to the latest.

> On Dec 8, 2016, at 5:40 PM, chaitanya bhatt <[hidden email]> wrote:
>
> If your server is using disabled/legacy algorithms to encrypt data then
> newer JDK/JRE can prevent from successful SSL connection.
>
> You can override such JDK/JRE security configuration by going to
> $JAVA_HOME/lib/security/java.security.
>
> Lookup for key-value pairs such as jdk.tls.disabledAlgorithms=SSLv3, RC4,
> MD5withRSA and jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize <
> 1024. Comment out or remove exceptions.
>
> Usually, such security errors get reported as "unsupported cipher etc.
> etc." by JMeter's http component library , So this may not be a solution,
> nevertheless it is worth to try.
>
> Thanks
> Chaitanya M Bhatt
>
>
>> On Thu, Dec 8, 2016 at 2:10 PM, Xueling Shu <[hidden email]> wrote:
>>
>> I keep getting the following exception when running just a simple https
>> request via JMeter. However the same request passed through “curl” on the
>> command prompt.
>>
>> No changes were made on the JMeter scripts. The only thing I can think of
>> is we just moved the servers to vpc. Per “curl” TLS .2 is the SSL level the
>> server is now using. So I updated “jmeter.properties” and explicitly
>> specified "https.default.protocol=TLSv1” But that did not help.
>>
>> Below is the full stack trace I got. Without any more details from that
>> stack I cannot tell where exactly failed on SSL.
>>
>> Anyone has some ideas to resolve this? Thank you!
>>
>> javax.net.ssl.SSLException: Received fatal alert: internal_error
>>        at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
>>        at sun.security.ssl.Alerts.getSSLException(Alerts.java:154)
>>        at sun.security.ssl.SSLSocketImpl.recvAlert(
>> SSLSocketImpl.java:2023)
>>        at sun.security.ssl.SSLSocketImpl.readRecord(
>> SSLSocketImpl.java:1125)
>>        at sun.security.ssl.SSLSocketImpl.performInitialHandshake(
>> SSLSocketImpl.java:1375)
>>        at sun.security.ssl.SSLSocketImpl.startHandshake(
>> SSLSocketImpl.java:1403)
>>        at sun.security.ssl.SSLSocketImpl.startHandshake(
>> SSLSocketImpl.java:1387)
>>        at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(
>> SSLSocketFactory.java:436)
>>        at org.apache.http.impl.conn.DefaultClientConnectionOperato
>> r.openConnection(DefaultClientConnectionOperator.java:180)
>>        at org.apache.http.impl.conn.ManagedClientConnectionImpl.open(
>> ManagedClientConnectionImpl.java:294)
>>        at org.apache.jmeter.protocol.http.sampler.
>> MeasuringConnectionManager$MeasuredConnection.open(
>> MeasuringConnectionManager.java:107)
>>        at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(
>> DefaultRequestDirector.java:643)
>>        at org.apache.http.impl.client.DefaultRequestDirector.execute(
>> DefaultRequestDirector.java:479)
>>        at org.apache.http.impl.client.AbstractHttpClient.execute(
>> AbstractHttpClient.java:906)
>>        at org.apache.http.impl.client.AbstractHttpClient.execute(
>> AbstractHttpClient.java:805)
>>        at org.apache.jmeter.protocol.http.sampler.HTTPHC4Impl.
>> executeRequest(HTTPHC4Impl.java:517)
>>        at org.apache.jmeter.protocol.http.sampler.HTTPHC4Impl.
>> sample(HTTPHC4Impl.java:331)
>>        at org.apache.jmeter.protocol.http.sampler.HTTPSamplerProxy.
>> sample(HTTPSamplerProxy.java:74)
>>        at org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.
>> sample(HTTPSamplerBase.java:1146)
>>        at org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.
>> sample(HTTPSamplerBase.java:1135)
>>        at org.apache.jmeter.threads.JMeterThread.process_sampler(
>> JMeterThread.java:434)
>>        at org.apache.jmeter.threads.JMeterThread.run(JMeterThread.
>> java:261)
>>        at java.lang.Thread.run(Thread.java:745)
>>
>>
>>
>>
>> Xueling Shu
>> Lead QA Engineer
>> ROADIE, INC.
>> O 1-844-4-ROADIE|Ext 716 <tel:1-844-4-ROADIE|ext 716>
>> ROADIE.COM <https://www.roadie.com/>
>>
>>
>>
>>

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Loading...