While running some experimental Java code which interacts with a MySQL server, I received these messages and then the server crashed:
Message from syslogd#localhost at Jun 20 20:04:12 ...
kernel:Stack:
Message from syslogd#localhost at Jun 20 20:04:12 ...
kernel:Call Trace:
Message from syslogd#localhost at Jun 20 20:04:12 ...
kernel:Code: e0 48 8d 55 b0 48 89 4d e8 4c 89 45 f0 48 89 45 b8 48 8d 45 d0 4c 89 4d f8 c7 45 b0 10 00 00 00 48 89 45 c0 e8 5a ff ff ff c9 c3 <89> f0 b9 40 00 00 00 55 99 45 31 c0 f7 f9 48 89 e5 48 89 fa 41
What do they mean? After restart, everything is working again. /var/log/messages has no entries near the time of the event and dmesg doesn't seem to show anything about it either.
Fedora release 13 (Goddard)
2.6.34.8-68.fc13.x86_64
Here's a disassembly of the dumped code, if that helps. I'm assuming the byte surrounded by the angle brackets is where the code crashed, although I can't see how a mov statement from one register to another could do so.
0: e0 48 loopne 0x4a
2: 8d 55 b0 lea -0x50(%ebp),%edx
5: 48 dec %eax
6: 89 4d e8 mov %ecx,-0x18(%ebp)
9: 4c dec %esp
a: 89 45 f0 mov %eax,-0x10(%ebp)
d: 48 dec %eax
e: 89 45 b8 mov %eax,-0x48(%ebp)
11: 48 dec %eax
12: 8d 45 d0 lea -0x30(%ebp),%eax
15: 4c dec %esp
16: 89 4d f8 mov %ecx,-0x8(%ebp)
19: c7 45 b0 10 00 00 00 movl $0x10,-0x50(%ebp)
20: 48 dec %eax
21: 89 45 c0 mov %eax,-0x40(%ebp)
24: e8 5a ff ff ff call 0xffffff83
29: c9 leave
2a: c3 ret
2b: 89 f0 mov %esi,%eax <-- here is where it failed?
2d: b9 40 00 00 00 mov $0x40,%ecx
32: 55 push %ebp
33: 99 cltd
34: 45 inc %ebp
35: 31 c0 xor %eax,%eax
37: f7 f9 idiv %ecx
39: 48 dec %eax
3a: 89 e5 mov %esp,%ebp
3c: 48 dec %eax
3d: 89 fa mov %edi,%edx
3f: 41 inc %ecx
I don't know how to use any of the *grep programs to search for binary data, so you might need to write a few lines of perl or python to locate the kernel code involved. It is quite doubtful that your Java code, or anything to do with MySQL, could have caused a kernel-level crash.
Corrected disassembly for 64-bit mode:
00000000 <.data>:
0: e0 48 loopne 0x4a
2: 8d 55 b0 lea -0x50(%rbp),%edx
5: 48 89 4d e8 mov %rcx,-0x18(%rbp)
9: 4c 89 45 f0 mov %r8,-0x10(%rbp)
d: 48 89 45 b8 mov %rax,-0x48(%rbp)
11: 48 8d 45 d0 lea -0x30(%rbp),%rax
15: 4c 89 4d f8 mov %r9,-0x8(%rbp)
19: c7 45 b0 10 00 00 00 movl $0x10,-0x50(%rbp)
20: 48 89 45 c0 mov %rax,-0x40(%rbp)
24: e8 5a ff ff ff callq 0xffffff83
29: c9 leaveq
2a: c3 retq
2b: 89 f0 mov %esi,%eax
2d: b9 40 00 00 00 mov $0x40,%ecx
32: 55 push %rbp
33: 99 cltd
34: 45 31 c0 xor %r8d,%r8d
37: f7 f9 idiv %ecx
39: 48 89 e5 mov %rsp,%rbp
3c: 48 89 fa mov %rdi,%rdx
3f: 41 rex.B
[looking at this again after all these years, I realize what the problem more likely was: a stack underflow. the retq had no place to return, as the stack was empty, so the instruction pointer was left pointing at the following instruction -- jc]
Related
Local tomcat is not starting and it is failing when trying to creating bean that connects to Oracle DB. The error is java.sql.SQLRecoverableException: IO Error: Connection reset. The only change we made is, we used ojdbc8.jar dependency in Pom.xml earlier it has ojdbc6.jar. I am running the tomcat on jdk 1.8
library/java/javavirtualmachines/jdk1.8.0_162.jdk/Contents/home/jre/
We have imported the rds-ca-2019-root.der in to the cacerts file.
library/java/javavirtualmachines/jdk1.8.0_162.jdk/Contents/home/jre/lib/security/cacerts
This is happening after updating the SSL_VERSION to 1.2 on Oracle 12.2.0.1 RDS server.
Here is the stacktrace.
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'abcDB' defined in class path resource [applicationContext.xml]: Invocation of init method failed; nested exception is javax.naming.NamingException: Unexpected exception resolving reference [Root exception is java.sql.SQLException: Cannot create PoolableConnectionFactory (IO Error: Connection reset)]
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1455)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:519)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:456)
at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:294)
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:225)
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:291)
at org.springframework.beans.factory.support.AbstractBeanFactory.getTypeForFactoryBean(AbstractBeanFactory.java:1355)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.getTypeForFactoryBean(AbstractAutowireCapableBeanFactory.java:710)
at org.springframework.beans.factory.support.AbstractBeanFactory.isTypeMatch(AbstractBeanFactory.java:519)
at org.springframework.beans.factory.support.DefaultListableBeanFactory.getBeanNamesForType(DefaultListableBeanFactory.java:319)
at org.springframework.beans.factory.support.DefaultListableBeanFactory.getBeanNamesForType(DefaultListableBeanFactory.java:298)
at org.springframework.beans.factory.BeanFactoryUtils.beanNamesForTypeIncludingAncestors(BeanFactoryUtils.java:142)
at org.springframework.orm.jpa.EntityManagerFactoryUtils.findEntityManagerFactory(EntityManagerFactoryUtils.java:97)
at org.springframework.orm.jpa.support.PersistenceAnnotationBeanPostProcessor.findNamedEntityManagerFactory(PersistenceAnnotationBeanPostProcessor.java:511)
at org.springframework.orm.jpa.support.PersistenceAnnotationBeanPostProcessor.findEntityManagerFactory(PersistenceAnnotationBeanPostProcessor.java:493)
at org.springframework.orm.jpa.support.PersistenceAnnotationBeanPostProcessor$PersistenceElement.resolveEntityManager(PersistenceAnnotationBeanPostProcessor.java:657)
at org.springframework.orm.jpa.support.PersistenceAnnotationBeanPostProcessor$PersistenceElement.getResourceToInject(PersistenceAnnotationBeanPostProcessor.java:630)
at org.springframework.beans.factory.annotation.InjectionMetadata$InjectedElement.inject(InjectionMetadata.java:150)
at org.springframework.beans.factory.annotation.InjectionMetadata.inject(InjectionMetadata.java:87)
at org.springframework.orm.jpa.support.PersistenceAnnotationBeanPostProcessor.postProcessPropertyValues(PersistenceAnnotationBeanPostProcessor.java:339)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1106)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:517)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:456)
at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:294)
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:225)
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:291)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:193)
at org.springframework.beans.factory.support.DefaultListableBeanFactory.findAutowireCandidates(DefaultListableBeanFactory.java:848)
at org.springframework.beans.factory.support.DefaultListableBeanFactory.doResolveDependency(DefaultListableBeanFactory.java:790)
at org.springframework.beans.factory.support.DefaultListableBeanFactory.resolveDependency(DefaultListableBeanFactory.java:707)
at org.glassfish.jersey.server.spring.AutowiredInjectResolver.getBeanFromSpringContext(AutowiredInjectResolver.java:104)
at org.glassfish.jersey.server.spring.AutowiredInjectResolver.resolve(AutowiredInjectResolver.java:96)
at org.jvnet.hk2.internal.ClazzCreator.resolve(ClazzCreator.java:211)
at org.jvnet.hk2.internal.ClazzCreator.resolveAllDependencies(ClazzCreator.java:234)
at org.jvnet.hk2.internal.ClazzCreator.create(ClazzCreator.java:357)
at org.jvnet.hk2.internal.SystemDescriptor.create(SystemDescriptor.java:471)
at org.jvnet.hk2.internal.SingletonContext$1.compute(SingletonContext.java:83)
at org.jvnet.hk2.internal.SingletonContext$1.compute(SingletonContext.java:71)
at org.glassfish.hk2.utilities.cache.Cache$OriginThreadAwareFuture$1.call(Cache.java:97)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at org.glassfish.hk2.utilities.cache.Cache$OriginThreadAwareFuture.run(Cache.java:154)
at org.glassfish.hk2.utilities.cache.Cache.compute(Cache.java:199)
at org.jvnet.hk2.internal.SingletonContext.findOrCreate(SingletonContext.java:122)
at org.jvnet.hk2.internal.Utilities.createService(Utilities.java:2022)
at org.jvnet.hk2.internal.ServiceHandleImpl.getService(ServiceHandleImpl.java:114)
at org.jvnet.hk2.internal.ServiceHandleImpl.getService(ServiceHandleImpl.java:88)
at org.glassfish.jersey.internal.inject.Providers.getAllRankedProviders(Providers.java:247)
at org.glassfish.jersey.server.ApplicationHandler.getProcessingProviders(ApplicationHandler.java:772)
at org.glassfish.jersey.server.ApplicationHandler.initialize(ApplicationHandler.java:537)
at org.glassfish.jersey.server.ApplicationHandler.access$500(ApplicationHandler.java:184)
at org.glassfish.jersey.server.ApplicationHandler$3.call(ApplicationHandler.java:350)
at org.glassfish.jersey.server.ApplicationHandler$3.call(ApplicationHandler.java:347)
at org.glassfish.jersey.internal.Errors.process(Errors.java:315)
at org.glassfish.jersey.internal.Errors.process(Errors.java:297)
at org.glassfish.jersey.internal.Errors.processWithException(Errors.java:255)
at org.glassfish.jersey.server.ApplicationHandler.<init>(ApplicationHandler.java:347)
at org.glassfish.jersey.servlet.WebComponent.<init>(WebComponent.java:392)
at org.glassfish.jersey.servlet.ServletContainer.init(ServletContainer.java:177)
at org.glassfish.jersey.servlet.ServletContainer.init(ServletContainer.java:369)
at javax.servlet.GenericServlet.init(GenericServlet.java:158)
at org.apache.catalina.core.StandardWrapper.initServlet(StandardWrapper.java:1144)
at org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1091)
at org.apache.catalina.core.StandardWrapper.load(StandardWrapper.java:985)
at org.apache.catalina.core.StandardContext.loadOnStartup(StandardContext.java:4875)
at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5189)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1412)
at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1402)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
Caused by: javax.naming.NamingException: Unexpected exception resolving reference [Root exception is java.sql.SQLException: Cannot create PoolableConnectionFactory (IO Error: Connection reset)]
at org.apache.naming.NamingContext.lookup(NamingContext.java:856)
at org.apache.naming.NamingContext.lookup(NamingContext.java:159)
at org.apache.naming.NamingContext.lookup(NamingContext.java:827)
at org.apache.naming.NamingContext.lookup(NamingContext.java:173)
at org.apache.naming.factory.ResourceLinkFactory.getObjectInstance(ResourceLinkFactory.java:152)
at javax.naming.spi.NamingManager.getObjectInstance(NamingManager.java:321)
at org.apache.naming.NamingContext.lookup(NamingContext.java:839)
at org.apache.naming.NamingContext.lookup(NamingContext.java:159)
at org.apache.naming.NamingContext.lookup(NamingContext.java:827)
at org.apache.naming.NamingContext.lookup(NamingContext.java:159)
at org.apache.naming.NamingContext.lookup(NamingContext.java:827)
at org.apache.naming.NamingContext.lookup(NamingContext.java:159)
at org.apache.naming.NamingContext.lookup(NamingContext.java:827)
at org.apache.naming.NamingContext.lookup(NamingContext.java:173)
at org.apache.naming.SelectorContext.lookup(SelectorContext.java:163)
at javax.naming.InitialContext.lookup(InitialContext.java:417)
at org.springframework.jndi.JndiTemplate$1.doInContext(JndiTemplate.java:154)
at org.springframework.jndi.JndiTemplate.execute(JndiTemplate.java:87)
at org.springframework.jndi.JndiTemplate.lookup(JndiTemplate.java:152)
at org.springframework.jndi.JndiTemplate.lookup(JndiTemplate.java:178)
at org.springframework.jndi.JndiLocatorSupport.lookup(JndiLocatorSupport.java:95)
at org.springframework.jndi.JndiObjectLocator.lookup(JndiObjectLocator.java:105)
at org.springframework.jndi.JndiObjectFactoryBean.lookupWithFallback(JndiObjectFactoryBean.java:201)
at org.springframework.jndi.JndiObjectFactoryBean.afterPropertiesSet(JndiObjectFactoryBean.java:187)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.invokeInitMethods(AbstractAutowireCapableBeanFactory.java:1514)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1452)
... 71 more
Caused by: java.sql.SQLException: Cannot create PoolableConnectionFactory (IO Error: Connection reset)
at org.apache.tomcat.dbcp.dbcp2.BasicDataSource.createPoolableConnectionFactory(BasicDataSource.java:666)
at org.apache.tomcat.dbcp.dbcp2.BasicDataSource.createDataSource(BasicDataSource.java:544)
at org.apache.tomcat.dbcp.dbcp2.BasicDataSource.getLogWriter(BasicDataSource.java:1064)
at org.apache.tomcat.dbcp.dbcp2.BasicDataSourceFactory.createDataSource(BasicDataSourceFactory.java:568)
at org.apache.tomcat.dbcp.dbcp2.BasicDataSourceFactory.getObjectInstance(BasicDataSourceFactory.java:240)
at org.apache.naming.factory.FactoryBase.getObjectInstance(FactoryBase.java:96)
at javax.naming.spi.NamingManager.getObjectInstance(NamingManager.java:321)
at org.apache.naming.NamingContext.lookup(NamingContext.java:839)
... 96 more
Caused by: java.sql.SQLRecoverableException: IO Error: Connection reset
at oracle.jdbc.driver.T4CConnection.logon(T4CConnection.java:467)
at oracle.jdbc.driver.PhysicalConnection.<init>(PhysicalConnection.java:546)
at oracle.jdbc.driver.T4CConnection.<init>(T4CConnection.java:236)
at oracle.jdbc.driver.T4CDriverExtension.getConnection(T4CDriverExtension.java:32)
at oracle.jdbc.driver.OracleDriver.connect(OracleDriver.java:521)
at org.apache.tomcat.dbcp.dbcp2.DriverConnectionFactory.createConnection(DriverConnectionFactory.java:55)
at org.apache.tomcat.dbcp.dbcp2.PoolableConnectionFactory.makeObject(PoolableConnectionFactory.java:357)
at org.apache.tomcat.dbcp.dbcp2.BasicDataSource.validateConnectionFactory(BasicDataSource.java:113)
at org.apache.tomcat.dbcp.dbcp2.BasicDataSource.createPoolableConnectionFactory(BasicDataSource.java:662)
... 103 more
Caused by: java.net.SocketException: Connection reset
at java.net.SocketInputStream.read(SocketInputStream.java:210)
at java.net.SocketInputStream.read(SocketInputStream.java:141)
at sun.security.ssl.InputRecord.readFully(InputRecord.java:465)
at sun.security.ssl.InputRecord.read(InputRecord.java:503)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:983)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1385)
at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:757)
at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:123)
at oracle.net.ns.Packet.send(Packet.java:403)
at oracle.net.ns.ConnectPacket.send(ConnectPacket.java:198)
at oracle.net.ns.NSProtocol.connect(NSProtocol.java:293)
at oracle.jdbc.driver.T4CConnection.connect(T4CConnection.java:1102)
at oracle.jdbc.driver.T4CConnection.logon(T4CConnection.java:320)
... 111 more
Her is snippet from server.xml
<Resource auth="Container"
driverClassName="oracle.jdbc.driver.OracleDriver" initialSize="10"
jdbcInterceptors="org.apache.tomcat.jdbc.pool.interceptor.ConnectionState;org.apache.tomcat.jdbc.pool.interceptor.StatementFinalizer;org.apache.tomcat.jdbc.pool.interceptor.SlowQueryReportJmx(threshold=10000)"
jmxEnabled="true" logAbandoned="true" maxActive="100" maxIdle="100"
maxWaitMillis="10000" minEvictableIdleTimeMillis="30000" minIdle="10"
name="jdbc/abcDB" password="abc"
removeAbandonedOnMaintenance="true" removeAbandonedTimeout="7200"
testOnBorrow="true" testOnReturn="false" testWhileIdle="true"
timeBetweenEvictionRunsMillis="5000" type="javax.sql.DataSource"
url="jdbc:oracle:thin:#(DESCRIPTION=(ADDRESS=(PROTOCOL=TCPS)(HOST=abc-dev.abc.us-east-1.rds.amazonaws.com)(PORT=2484))(CONNECT_DATA=(SERVICE_NAME=abc)))"
username="abc" validationInterval="30000"
validationQuery="SELECT 1 FROM DUAL" />
when I added the debug -Djavax.net.debug=all
I see this one in logs
RandomCookie: GMT: 1614618626 bytes = { 97, 87, 237, 119, 129, 190, 112, 175, 246, 122, 149, 31, 204, 213, 84, 167, 116, 247, 182, 155, 162, 201, 216, 93, 78, 217, 52, 146 }
Session ID: {}
Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
Compression Methods: { 0 }
Extension elliptic_curves, curve names: {secp256r1, secp384r1, secp521r1, sect283k1, sect283r1, sect409k1, sect409r1, sect571k1, sect571r1, secp256k1}
Extension ec_point_formats, formats: [uncompressed]
Extension extended_master_secret
Extension server_name, server_name: [type=host_name (0), value=abc-dev.abc.us-east-1.rds.amazonaws.com]
***
[write] MD5 and SHA1 hashes: len = 185
0000: 01 00 00 B5 03 01 60 3D 20 02 61 57 ED 77 81 BE ......`= .aW.w..
0010: 70 AF F6 7A 95 1F CC D5 54 A7 74 F7 B6 9B A2 C9 p..z....T.t.....
0020: D8 5D 4E D9 34 92 00 00 2C C0 0A C0 14 00 35 C0 .]N.4...,.....5.
0030: 05 C0 0F 00 39 00 38 C0 09 C0 13 00 2F C0 04 C0 ....9.8...../...
0040: 0E 00 33 00 32 C0 08 C0 12 00 0A C0 03 C0 0D 00 ..3.2...........
0050: 16 00 13 00 FF 01 00 00 60 00 0A 00 16 00 14 00 ........`.......
0060: 17 00 18 00 19 00 09 00 0A 00 0B 00 0C 00 0D 00 ................
0070: 0E 00 16 00 0B 00 02 01 00 00 17 00 00 00 00 00 ................
0080: 38 00 36 00 00 33 73 68 6F 72 74 73 2D 64 65 76 8.6..abc-dev
0090: 2E 63 39 64 66 79 71 6A 6F 62 74 71 66 2E 75 73 .abc.us
00A0: 2D 65 61 73 74 2D 31 2E 72 64 73 2E 61 6D 61 7A -east-1.rds.amaz
00B0: 6F 6E 61 77 73 2E 63 6F 6D onaws.com
localhost-startStop-1, WRITE: TLSv1 Handshake, length = 185
[write] MD5 and SHA1 hashes: len = 122
0000: 01 03 01 00 51 00 00 00 20 00 C0 0A 07 00 C0 00 ....Q... .......
0010: C0 14 00 00 35 00 C0 05 00 C0 0F 00 00 39 00 00 ....5........9..
0020: 38 00 C0 09 06 00 40 00 C0 13 00 00 2F 00 C0 04 8.....#...../...
0030: 01 00 80 00 C0 0E 00 00 33 00 00 32 00 C0 08 00 ........3..2....
0040: C0 12 00 00 0A 07 00 C0 00 C0 03 02 00 80 00 C0 ................
0050: 0D 00 00 16 00 00 13 00 00 FF 60 3D 20 02 61 57 ..........`= .aW
0060: ED 77 81 BE 70 AF F6 7A 95 1F CC D5 54 A7 74 F7 .w..p..z....T.t.
0070: B6 9B A2 C9 D8 5D 4E D9 34 92 .....]N.4.
localhost-startStop-1, WRITE: SSLv2 client hello message, length = 122
[Raw write]: length = 124
0000: 80 7A 01 03 01 00 51 00 00 00 20 00 C0 0A 07 00 .z....Q... .....
0010: C0 00 C0 14 00 00 35 00 C0 05 00 C0 0F 00 00 39 ......5........9
0020: 00 00 38 00 C0 09 06 00 40 00 C0 13 00 00 2F 00 ..8.....#...../.
0030: C0 04 01 00 80 00 C0 0E 00 00 33 00 00 32 00 C0 ..........3..2..
0040: 08 00 C0 12 00 00 0A 07 00 C0 00 C0 03 02 00 80 ................
0050: 00 C0 0D 00 00 16 00 00 13 00 00 FF 60 3D 20 02 ............`= .
0060: 61 57 ED 77 81 BE 70 AF F6 7A 95 1F CC D5 54 A7 aW.w..p..z....T.
0070: 74 F7 B6 9B A2 C9 D8 5D 4E D9 34 92 t......]N.4.
localhost-startStop-1, handling exception: java.net.SocketException: Connection reset
localhost-startStop-1, SEND TLSv1.2 ALERT: fatal, description = unexpected_message
localhost-startStop-1, WRITE: TLSv1.2 Alert, length = 2
localhost-startStop-1, Exception sending alert: java.net.SocketException: Broken pipe (Write failed)
localhost-startStop-1, called closeSocket()
localhost-startStop-1, called close()
localhost-startStop-1, called closeInternal(true)
Mar 01, 2021 12:10:26 PM org.apache.naming.NamingContext lookup
Mar 01, 2021 12:10:26 PM org.apache.naming.NamingContext lookup
WARNING: Unexpected exception resolving reference
java.sql.SQLException: Cannot create PoolableConnectionFactory (IO Error: Connection reset)
Any help is greatly appreciated.
Thank you
I was able to resolve this issue by updating the ojdbc6.jar to ojdbc8.jar in my local tomcat lib folder /Users/dev/apache-tomcat-8.5.60/lib
Thank you everyone
I've received the following DATA frame from https://example.com (is contains the HTML file).
Stream: DATA, Stream ID: 1, Length 606
Length: 606
Type: DATA (0)
Flags: 0x01
.... ...1 = End Stream: True
.... 0... = Padded: False
0000 .00. = Unused: 0x00
0... .... .... .... .... .... .... .... = Reserved: 0x0
.000 0000 0000 0000 0000 0000 0000 0001 = Stream Identifier: 1
[Pad Length: 0]
Reassembled body in frame: 37
Data: 1f8b08003b81055200038d5441afd3300cbeef5798720169…
My understanding is that this data is gzipped. When I save the decrypted data to a file and give it a .gz extension and attempt to extract it with 7-Zip I get an error though. It can open the archive, see that there is a single file in there, but when I try to read it or extract it I just get an error.
This is a hex dump of the decrypted data.
0000 1f 8b 08 00 3b 81 05 52 00 03 8d 54 41 af d3 30
0010 0c be ef 57 98 72 01 69 5d f7 80 07 53 d7 56 20
0020 40 e2 02 1c e0 c2 31 6b dc d5 5a 93 94 24 ed 36
0030 a1 f7 df 71 db bd ae e5 ed 40 2b b5 8e 1d 7f fe
0040 6c c7 49 9e 49 93 fb 73 8d 50 7a 55 65 8b e4 f1
0050 87 42 66 0b e0 27 f1 e4 2b cc 3e 9f 84 aa 2b 84
0060 4f 46 09 d2 49 34 68 17 c3 16 85 5e 40 5e 0a eb
0070 d0 a7 41 e3 8b 70 13 40 94 4d 8c a5 f7 75 88 bf
0080 1b 6a d3 e0 a3 d1 1e b5 0f bb b0 01 e4 c3 2a 0d
0090 3c 9e 7c d4 85 df 8e 50 b7 90 b4 50 98 06 2d e1
00a0 b1 36 d6 4f fc 8f 24 7d 99 4a 6c 29 c7 b0 5f 2c
00b0 81 34 79 12 55 e8 72 51 61 7a 77 85 72 fe cc c9
00c0 74 0c 2e 81 73 e7 82 c1 b6 33 f2 0c 7f 7a b1 5f
00d0 8a fc b0 b7 a6 d1 32 cc 4d 65 6c 0c cf 8b 35 bf
00e0 af b6 e3 16 25 ec 9e 74 0c eb ab aa 16 52 92 de
00f0 cf 74 05 33 0d 0b a1 a8 3a c7 10 7c af 51 c3 0f
0100 a1 5d b0 84 e0 0b 56 2d 7a ca 05 7c c3 06 59 33
0110 2a 96 f0 c1 72 06 4b 70 bc 35 74 68 a9 b8 22 f6
0120 c2 43 ff 95 d4 4e 48 f7 e9 c7 f0 76 bd ae 4f 4f
0130 79 de a3 02 d1 78 73 83 ee fd cc e1 56 ee c5 24
0140 fe ce 58 89 36 b4 42 52 e3 62 b8 43 b5 9d 50 12
0150 71 45 fa b0 e4 7f 4b 8e 3c ca 09 c1 47 b8 d7 9b
0160 37 9b cd 04 b1 eb 45 28 31 37 56 78 32 cc 55 1b
0170 8d 53 d0 f7 0a 25 09 78 a1 c4 29 bc 64 f9 ae cb
0180 f2 e5 b4 65 f3 0e fe 4f 26 0f a3 34 2f e4 a4 98
0190 f3 8a cd fa 7e c3 f6 4f 69 d6 73 eb 58 ef b1 64
01a0 57 12 c3 37 89 fa 23 9a 75 f2 22 89 86 79 5c 24
01b0 5d 6a 3c 9e 4c f2 72 90 cb bb 27 a3 c9 aa c1 56
01c0 67 3f 4b 72 20 7b 3d b0 84 ce 8b 5d 45 ae e4 5e
01d0 78 03 3b 84 c6 b1 58 18 0b 54 55 8d f3 5d d5 5b
01e0 04 1c 10 1d cf 0f 7b e7 8d e2 01 73 2b f8 65 1a
01f0 ce f9 dc 39 81 67 e4 e1 e0 5d d0 f5 d5 eb 48 be
0200 34 8d 87 da 12 23 e7 86 4b 41 ba ef 27 f0 5a b8
0210 03 a7 de 07 ad d1 2a 72 8e 0d ab 24 aa 47 d6 09
0220 df 17 16 8b 34 e8 6e 8d 38 8a 8e c7 e3 8a 84 16
0230 2b 63 f7 d1 10 cf 45 97 68 41 f6 d5 58 e4 f0 8c
0240 a7 fa 18 ab 15 83 89 ac 07 4c a2 be 52 49 74 a9
0250 5b 34 5c 6f 7f 01 08 95 aa 8b f6 04 00 00
How do I decompress this data?
Looks right to me. I suspect this is a problem with however you have extracted the DATA Frame, or 7Zip (don't have that on my machine).
Running the following in GitBash in Windows downloads the gzipped file (which might be over HTTP/1.1 probably depending on the version of curl you have installed, but ignore that for now, because I don't think this is an HTTP/2 problem):
$ curl --raw --compress https://example.com > /tmp/index.html.gz
At this point you can look at the raw hex (using xxd /tmp/index.html.gz for example) and see it's the exact same as what you've posted:
00000000: 1f8b 0800 3b81 0552 0003 8d54 41af d330 ....;..R...TA..0
00000010: 0cbe ef57 9872 0169 5df7 8007 53d7 5620 ...W.r.i]...S.V
00000020: 40e2 021c e0c2 316b dcd5 5a93 9424 ed36 #.....1k..Z..$.6
00000030: a1f7 df71 dbbd aee5 ed40 2bb5 8e1d 7ffe ...q.....#+.....
00000040: 6cc7 499e 4993 fb73 8d50 7a55 658b e4f1 l.I.I..s.PzUe...
00000050: 8742 660b e027 f1e4 2bcc 3e9f 84aa 2b84 .Bf..'..+.>...+.
00000060: 4f46 09d2 4934 6817 c316 855e 405e 0aeb OF..I4h....^#^..
00000070: d0a7 41e3 8b70 1340 944d 8ca5 f775 88bf ..A..p.#.M...u..
00000080: 1b6a d3e0 a3d1 1eb5 0fbb b001 e4c3 2a0d .j............*.
00000090: 3c9e 7cd4 85df 8e50 b790 b450 9806 2de1 <.|....P...P..-.
000000a0: b136 d64f fc8f 247d 994a 6c29 c7b0 5f2c .6.O..$}.Jl).._,
000000b0: 8134 7912 55e8 7251 617a 7785 72fe ccc9 .4y.U.rQazw.r...
000000c0: 740c 2e81 73e7 82c1 b633 f20c 7f7a b15f t...s....3...z._
000000d0: 8afc b0b7 a6d1 32cc 4d65 6c0c cf8b 35bf ......2.Mel...5.
000000e0: afb6 e316 25ec 9e74 0ceb abaa 1652 92de ....%..t.....R..
000000f0: cf74 0533 0d0b a1a8 3ac7 107c af51 c30f .t.3....:..|.Q..
00000100: a15d b084 e00b 562d 7aca 057c c306 5933 .]....V-z..|..Y3
00000110: 2a96 f0c1 7206 4b70 bc35 7468 a9b8 22f6 *...r.Kp.5th..".
00000120: c243 ff95 d44e 48f7 e9c7 f076 bdae 4f4f .C...NH....v..OO
00000130: 79de a302 d178 7383 eefd cce1 56ee c524 y....xs.....V..$
00000140: fece 5889 36b4 4252 e362 b843 b59d 5012 ..X.6.BR.b.C..P.
00000150: 7145 fab0 e47f 4b8e 3cca 09c1 47b8 d79b qE....K.<...G...
00000160: 379b cd04 b1eb 4528 3137 5678 32cc 551b 7.....E(17Vx2.U.
00000170: 8d53 d0f7 0a25 0978 a1c4 29bc 64f9 aecb .S...%.x..).d...
00000180: f2e5 b465 f30e fe4f 260f a334 2fe4 a498 ...e...O&..4/...
00000190: f38a cdfa 7ec3 f64f 69d6 73eb 58ef b164 ....~..Oi.s.X..d
000001a0: 5712 c337 89fa 239a 75f2 2289 8679 5c24 W..7..#.u."..y\$
000001b0: 5d6a 3c9e 4cf2 7290 cbbb 27a3 c9aa c156 ]j<.L.r...'....V
000001c0: 673f 4b72 207b 3db0 84ce 8b5d 45ae e45e g?Kr {=....]E..^
000001d0: 7803 3b84 c6b1 5818 0b54 558d f35d d55b x.;...X..TU..].[
000001e0: 041c 101d cf0f 7be7 8de2 0173 2bf8 651a ......{....s+.e.
000001f0: cef9 dc39 8167 e4e1 e05d d0f5 d5eb 48be ...9.g...]....H.
00000200: 348d 87da 1223 e786 4b41 baef 27f0 5ab8 4....#..KA..'.Z.
00000210: 03a7 de07 add1 2a72 8e0d ab24 aa47 d609 ......*r...$.G..
00000220: df17 168b 34e8 6e8d 388a 8ec7 e38a 8416 ....4.n.8.......
00000230: 2b63 f7d1 10cf 4597 6841 f6d5 58e4 f08c +c....E.hA..X...
00000240: a7fa 18ab 1583 89ac 074c a2be 5249 74a9 .........L..RIt.
00000250: 5b34 5c6f 7f01 0895 aa8b f604 0000 [4\o..........
Then can use gunzip to view the file in the command line:
$ gunzip -c index.html.gz
<!doctype html>
<html>
<head>
<title>Example Domain</title>
...etc.
Or decompress it:
$ gunzip index.html.gz
$ cat index.html
<!doctype html>
<html>
<head>
<title>Example Domain</title>
...etc.
So I would guess either 7zip doesn't like reading this file (but it seems to from a quick search online) or you are corrupting the saving of the data somehow before opening it in 7zip.
I have a Rest api and am trying to implement the security in it using 2 way SSL. I have server.jks placed at a certain location on the server where the application is deployed. Now I have another java application that is acting as a client. I have a identity.jks and trust.jks as below
{
client.ssl.key-store=/cucumber/dev/identity.jks
client.ssl.key-store-password=changeme
client.ssl.trust-store=/cucumber/dev/trust.jks
client.ssl.trust-store-password=changeme
}
however when my client makes a http post request to the api, I get bad certificate error with below logs getting generated at client side.
I am not getting what is missing here.
ssl logs:
{
*** ServerHelloDone
[read] MD5 and SHA1 hashes: len = 4
0000: 0E 00 00 00 ....
ssl: Ignoring alias server: issuers do not match
ssl: KeyMgr: no matching key found
Warning: no suitable certificate found - continuing without client authentication
*** Certificate chain
<Empty>
***
*** ECDHClientKeyExchange
ECDH Public value: { 4, 157, 56, 226, 111, 107, 118, 232, 80, 45, 243, 230, 40, 102, 248, 0, 45, 8, 136, 14, 177, 18, 135, 204, 179, 35, 160, 73, 134, 194, 251, 79, 36, 227, 96, 119, 125, 116, 170, 222, 179, 162, 179, 2, 227, 10, 51, 198, 142, 183, 70, 247, 39, 191, 105, 2, 173, 245, 11, 104, 11, 85, 19, 206, 95 }
[write] MD5 and SHA1 hashes: len = 77
0000: 0B 00 00 03 00 00 00 10 00 00 42 41 04 9D 38 E2 ..........BA..8.
0010: 6F 6B 76 E8 50 2D F3 E6 28 66 F8 00 2D 08 88 0E okv.P-..(f..-...
0020: B1 12 87 CC B3 23 A0 49 86 C2 FB 4F 24 E3 60 77 .....#.I...O$.`w
0030: 7D 74 AA DE B3 A2 B3 02 E3 0A 33 C6 8E B7 46 F7 .t........3...F.
0040: 27 BF 69 02 AD F5 0B 68 0B 55 13 CE 5F '.i....h.U.._
finagle/netty4-1, WRITE: TLSv1.2 Handshake, length = 77
SESSION KEYGEN:
PreMaster Secret:
0000: 93 55 61 AA 21 BB 29 A9 FA B2 D9 14 9A 34 DF 90 .Ua.!.)......4..
0010: D1 2B 4E D3 0C 8A 32 E0 EB 07 84 4C F1 27 4A 22 .+N...2....L.'J"
CONNECTION KEYGEN:
Client Nonce:
0000: 5B 6D 9A 26 BB 80 E0 FB 21 14 EF EE 2C 72 F1 E2 [m.&....!...,r..
0010: B6 7C 50 A1 94 9A 20 7D 3E 0C 6F 8A 4B 3A 60 AC ..P... .>.o.K:`.
Server Nonce:
0000: 5B 6D 9A 26 A3 CE 30 1A 70 FF DA 97 E5 35 D3 17 [m.&..0.p....5..
0010: E6 60 7E 74 91 3D 0A BC F3 27 B9 BB 63 97 34 39 .`.t.=...'..c.49
Master Secret:
0000: 5F 0D 19 8D 4A 34 95 68 5E 06 D7 3B F5 1A 1E 32 _...J4.h^..;...2
0010: 07 C4 19 06 66 A7 6E A6 18 50 32 56 67 9B A6 FB ....f.n..P2Vg...
0020: F5 DF 33 9A 66 09 2F 7A DF 37 95 4E 8D BF F7 10 ..3.f./z.7.N....
Client MAC write Secret:
0000: 21 8C 67 0B BF 0C A9 19 5B 6B 27 ED 75 4E AA 49 !.g.....[k'.uN.I
0010: 90 DE EA 37 CF D5 06 19 E9 1A 96 14 3D BC 02 26 ...7........=..&
0020: B4 BA 78 A8 AC D6 0D F9 79 38 FE 94 26 2F 82 2B ..x.....y8..&/.+
Server MAC write Secret:
0000: 3C 14 31 DF 62 00 A1 41 18 1E 21 0C E1 CB 0E EF <.1.b..A..!.....
0010: B4 99 85 96 3C 30 51 FF 3C 5B D5 4E 02 EA 2A 67 ....<0Q.<[.N..*g
0020: 54 C5 72 2B 0B 45 A1 CD BC E8 AB 34 CE FD 66 64 T.r+.E.....4..fd
Client write key:
0000: 18 CF 26 CE 55 12 3C 8F 9E 9F A7 80 4D 2C B0 71 ..&.U.<.....M,.q
0010: A7 0A B9 58 07 E9 2E 38 9D AE 49 61 72 3F D1 2C ...X...8..Iar?.,
Server write key:
0000: 0A DE 66 22 5C 2F 38 1E FE 59 79 25 A3 43 6F E1 ..f"\/8..Yy%.Co.
0010: 6D 80 44 2F 60 81 1F 34 C6 C6 1B A8 63 F0 7A 56 m.D/`..4....c.zV
... no IV derived for this protocol
finagle/netty4-1, WRITE: TLSv1.2 Change Cipher Spec, length = 1
*** Finished
verify_data: { 74, 37, 55, 128, 217, 164, 34, 181, 144, 55, 30, 12 }
***
[write] MD5 and SHA1 hashes: len = 16
0000: 14 00 00 0C 4A 25 37 80 D9 A4 22 B5 90 37 1E 0C ....J%7..."..7..
Padded plaintext before ENCRYPTION: len = 96
0000: 54 34 9D E3 6A 86 B0 CC FC A9 2D C8 E1 AF B4 2B T4..j.....-....+
0010: 14 00 00 0C 4A 25 37 80 D9 A4 22 B5 90 37 1E 0C ....J%7..."..7..
0020: F5 A8 F5 FD 3B C7 AE B1 DC FC A1 42 95 04 27 3E ....;......B..'>
0030: 3D DF 96 C1 36 36 CF 77 5B 31 37 6A 1A C0 C9 8C =...66.w[17j....
0040: CF D1 5F 1B 21 05 4E F8 07 28 0C 4E DE 30 32 D2 .._.!.N..(.N.02.
0050: 0F 0F 0F 0F 0F 0F 0F 0F 0F 0F 0F 0F 0F 0F 0F 0F ................
finagle/netty4-1, WRITE: TLSv1.2 Handshake, length = 96
[Raw write]: length = 82
0000: 16 03 03 00 4D 0B 00 00 03 00 00 00 10 00 00 42 ....M..........B
0010: 41 04 9D 38 E2 6F 6B 76 E8 50 2D F3 E6 28 66 F8 A..8.okv.P-..(f.
0020: 00 2D 08 88 0E B1 12 87 CC B3 23 A0 49 86 C2 FB .-........#.I...
0030: 4F 24 E3 60 77 7D 74 AA DE B3 A2 B3 02 E3 0A 33 O$.`w.t........3
0040: C6 8E B7 46 F7 27 BF 69 02 AD F5 0B 68 0B 55 13 ...F.'.i....h.U.
0050: CE 5F ._
[Raw write]: length = 6
0000: 14 03 03 00 01 01 ......
[Raw write]: length = 101
0000: 16 03 03 00 60 36 7B 78 0F A1 87 60 1F F6 0F B8 ....`6.x...`....
0010: 72 88 86 82 35 28 57 25 59 65 D7 DB 2B 37 5C 35 r...5(W%Ye..+7\5
0020: CE 36 EC 8D 85 B0 96 8D C9 8A 9F C3 DF 88 15 65 .6.............e
0030: 3B 4A 78 7D 64 02 CD 18 92 C6 6C 47 21 24 DD 4C ;Jx.d.....lG!$.L
0040: 37 1B 9B 80 64 F3 6B 14 C9 FE 7F DA DF FF 8C 55 7...d.k........U
0050: ED CB 62 77 BF F5 E5 5F C3 99 BB 70 39 5F 28 17 ..bw..._...p9_(.
0060: 4C 8B CF 85 05 L....
[Raw read]: length = 5
0000: 15 03 03 00 02 .....
[Raw read]: length = 2
0000: 02 2A .*
finagle/netty4-1, READ: TLSv1.2 Alert, length = 2
finagle/netty4-1, RECV TLSv1.2 ALERT: fatal, bad_certificate
finagle/netty4-1, fatal: engine already closed. Rethrowing javax.net.ssl.SSLException: Received fatal alert: bad_certificate
finagle/netty4-1, fatal: engine already closed. Rethrowing javax.net.ssl.SSLException: Received fatal alert: bad_certificate
finagle/netty4-1, called closeOutbound()
finagle/netty4-1, closeOutboundInternal()
finagle/netty4-1, SEND TLSv1.2 ALERT: warning, description = close_notify
Padded plaintext before ENCRYPTION: len = 80
0000: 4A 51 F2 C8 BA 3D 59 D1 E4 97 9D 88 98 EE 5A 44 JQ...=Y.......ZD
0010: 01 00 05 72 73 DF 87 14 B4 B8 2A 5D D8 D2 E8 92 ...rs.....*]....
0020: 86 DD 9F 47 6E 98 52 6F 76 53 96 9F B2 CF BF 22 ...Gn.RovS....."
0030: 27 20 18 FB 9D 82 CE D1 F0 6E D1 A8 73 67 E8 B5 ' .......n..sg..
0040: C8 72 0D 0D 0D 0D 0D 0D 0D 0D 0D 0D 0D 0D 0D 0D .r..............
finagle/netty4-1, WRITE: TLSv1.2 Alert, length = 80
finagle/netty4-1, called closeInbound()
finagle/netty4-1, fatal: engine already closed. Rethrowing javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack?
finagle/netty4-1, called closeOutbound()
finagle/netty4-1, closeOutboundInternal()
[Raw write]: length = 85
0000: 15 03 03 00 50 D3 44 48 4B 3F 93 CE 6F 0D D8 B5 ....P.DHK?..o...
0010: DE 8B 42 4F 3A EE 65 A5 7E 8A A0 20 2B 46 4D 35 ..BO:.e.... +FM5
0020: 68 E5 CB 1A 7B FD 6F F2 F2 E4 23 1A 71 C2 CF 16 h.....o...#.q...
0030: 73 10 0A B1 86 4D 84 51 BF C8 B7 9C A5 E9 AE 20 s....M.Q.......
0040: 07 73 AD B5 4D 85 81 66 10 5E 92 5B 8C DF D4 80 .s..M..f.^.[....
0050: 9E 6D 8C 7C DC .m...
Aug 10, 2018 3:59:03 PM com.twitter.finagle.netty4.channel.ChannelExceptionHandler exceptionCaught
WARNING: Unhandled exception in connection with clrv0000082211.ic.ing.net/10.44.39.4:8086, shutting down connection
io.netty.handler.codec.DecoderException: javax.net.ssl.SSLException: Received fatal alert: bad_certificate
}
I am working on integrating Webservice which has 2 way SSL.
One such service from same client is already integrated and works fine.
I mean Application A is already integrated with WS 1 hosted on Application B, it's working now.
Now I am integrating Application A with WS 2 hosted on Application B
The same keystore and truststore are in used for both services.
WS 1 works fine, WS 2 fails, I have no real clue of how this could happen. Details of SSL debug logs are below.
I verified the Cipher Suite it is same for both Webservices.
SSL Debug Logs for Failed SSL HandShake - WS 2:
Here I add appropriate ssl log, the difference I found between ssl logs for working service and service which is failing is the certificate chain is not sent by client.
[Raw read]: length = 5
0000: 16 03 01 00 0D .....
[Raw read]: length = 13
0000: 0D 00 00 05 02 01 02 00 00 0E 00 00 00 .............
tomcat-http-1, READ: TLSv1 Handshake, length = 13
*** CertificateRequest
Cert Types: RSA, DSS
Cert Authorities:
[read] MD5 and SHA1 hashes: len = 9
0000: 0D 00 00 05 02 01 02 00 00 .........
*** ServerHelloDone
[read] MD5 and SHA1 hashes: len = 4
0000: 0E 00 00 00 ....
***** Certificate chain
***
*** ClientKeyExchange, RSA PreMasterSecret, TLSv1**
[write] MD5 and SHA1 hashes: len = 269
0000: 0B 00 00 03 00 00 00 10 00 01 02 01 00 4C 1E 64 .............L.d
0010: 17 BD D1 EC E9 14 82 08 12 17 01 1F 78 A0 6A 40 ............x.j#
0020: 16 24 A4 0D 54 B6 F4 CF B5 BB A0 BF 32 CD F5 BC .$..T.......2...
0030: EF 14 3C 8B 9B 72 7A 6D 27 93 59 6A AD 11 82 07 ..<..rzm'.Yj....
0040: 37 8C 68 01 EF 20 D6 0B 00 F4 0B 72 1F DE 0C 28 7.h.. .....r...(
0050: B9 47 D2 39 AB B6 E8 72 B9 6D A7 3F 0C F0 3F 1F .G.9...r.m.?..?.
0060: 3C CE 3C A2 E3 D6 CB 9D BA 5D 93 AF 26 B4 D2 83 <.<......]..&...
0070: 68 7A D2 6B 9A 10 D6 A3 95 36 D7 C1 0F C6 F4 79 hz.k.....6.....y
0080: F9 8F 3D 4D 8C D0 E0 46 E2 5A 32 46 42 19 60 09 ..=M...F.Z2FB.`.
0090: 62 15 EE F8 5C 24 A8 78 27 CD A6 22 5F 5E 94 35 b...\$.x'.."_^.5
00A0: 6B 95 C6 42 34 4B D0 98 74 DE 92 9C 8E 79 0E 3A k..B4K..t....y.:
00B0: 07 D6 17 63 E0 CE CE 8A C0 26 A5 51 A7 E4 35 8A ...c.....&.Q..5.
00C0: 5B 2F 1C A6 3A 0B 49 65 24 24 DC F8 39 42 80 38 [/..:.Ie$$..9B.8
00D0: 03 0D 49 F4 61 32 90 8B BC B6 46 47 6E C0 8B C5 ..I.a2....FGn...
00E0: 00 2F 3D AB 56 5E 04 6A AD 27 D2 39 A3 22 C5 CB ./=.V^.j.'.9."..
00F0: 9D D5 8C 47 B7 89 D1 C2 C2 CC AE F7 ED 4D 97 2F ...G.........M./
0100: 4E 4B AA 2A C5 96 A9 2C 4B 28 E0 09 44 NK.*...,K(..D
tomcat-http-1, WRITE: TLSv1 Handshake, length = 269
[Raw write]: length = 274
0000: 16 03 01 01 0D 0B 00 00 03 00 00 00 10 00 01 02 ................
0010: 01 00 4C 1E 64 17 BD D1 EC E9 14 82 08 12 17 01 ..L.d...........
0020: 1F 78 A0 6A 40 16 24 A4 0D 54 B6 F4 CF B5 BB A0 .x.j#.$..T......
0030: BF 32 CD F5 BC EF 14 3C 8B 9B 72 7A 6D 27 93 59 .2.....<..rzm'.Y
0040: 6A AD 11 82 07 37 8C 68 01 EF 20 D6 0B 00 F4 0B j....7.h.. .....
0050: 72 1F DE 0C 28 B9 47 D2 39 AB B6 E8 72 B9 6D A7 r...(.G.9...r.m.
0060: 3F 0C F0 3F 1F 3C CE 3C A2 E3 D6 CB 9D BA 5D 93 ?..?.<.<......].
0070: AF 26 B4 D2 83 68 7A D2 6B 9A 10 D6 A3 95 36 D7 .&...hz.k.....6.
0080: C1 0F C6 F4 79 F9 8F 3D 4D 8C D0 E0 46 E2 5A 32 ....y..=M...F.Z2
0090: 46 42 19 60 09 62 15 EE F8 5C 24 A8 78 27 CD A6 FB.`.b...\$.x'..
00A0: 22 5F 5E 94 35 6B 95 C6 42 34 4B D0 98 74 DE 92 "_^.5k..B4K..t..
00B0: 9C 8E 79 0E 3A 07 D6 17 63 E0 CE CE 8A C0 26 A5 ..y.:...c.....&.
00C0: 51 A7 E4 35 8A 5B 2F 1C A6 3A 0B 49 65 24 24 DC Q..5.[/..:.Ie$$.
00D0: F8 39 42 80 38 03 0D 49 F4 61 32 90 8B BC B6 46 .9B.8..I.a2....F
00E0: 47 6E C0 8B C5 00 2F 3D AB 56 5E 04 6A AD 27 D2 Gn..../=.V^.j.'.
00F0: 39 A3 22 C5 CB 9D D5 8C 47 B7 89 D1 C2 C2 CC AE 9.".....G.......
0100: F7 ED 4D 97 2F 4E 4B AA 2A C5 96 A9 2C 4B 28 E0 ..M./NK.*...,K(.
0110: 09 44 .D
SESSION KEYGEN:
PreMaster Secret:
0000: 03 01 93 71 B9 48 72 57 3D 0A BB 31 75 96 FD 0D ...q.HrW=..1u...
0010: CA 96 42 DD C9 44 B7 A8 B1 F1 A9 C1 C3 27 9F 5F ..B..D.......'._
0020: 9D 52 23 E3 36 AC EA A5 3A 05 1F F8 8D 5D 14 21 .R#.6...:....].!
CONNECTION KEYGEN:
Client Nonce:
0000: 53 8F 60 0E 0B DC B6 61 EB F5 3D C8 8C 7E 62 6D S.`....a..=...bm
0010: 5C 42 CB 7A 31 BC B0 0B D5 6F 0F B2 3C D7 3D A2 \B.z1....o..<.=.
Server Nonce:
0000: 53 8F 60 0E 6A EF 4B 22 15 D3 FB 2B 47 60 66 59 S.`.j.K"...+G`fY
0010: 95 FF 2F 5A 5E CD 24 FD AB BC 53 DA AE DE EE 6E ../Z^.$...S....n
Master Secret:
0000: 81 91 2E C9 84 28 03 2A 96 B7 50 3F 4E A6 F6 6D .....(.*..P?N..m
0010: BA E6 A3 97 90 BA 36 43 7F CC 09 DC 6C 49 23 2A ......6C....lI#*
0020: 08 F9 9A 28 37 E9 6A 7D A7 3D DF 5C 1D EE B8 C8 ...(7.j..=.\....
Client MAC write Secret:
0000: 02 6B 86 CF 08 1C F8 E1 3F 37 56 C3 E9 56 AF 7E .k......?7V..V..
0010: 8C AA 30 AD ..0.
Server MAC write Secret:
0000: 60 3E 08 7B D0 B4 23 48 79 D9 56 4E 98 17 AD 9D `>....#Hy.VN....
0010: E1 DA 9D 33 ...3
Client write key:
0000: 42 6D F6 86 E0 A5 CD 25 C1 32 EB C0 40 82 70 7C Bm.....%.2..#.p.
Server write key:
0000: 3D 28 B3 C1 E6 23 94 5F 3E F9 66 77 B1 42 EE AF =(...#._>.fw.B..
Client write IV:
0000: D1 AF 77 1A 7B 63 55 99 0D 20 EA 5F C9 35 C8 33 ..w..cU.. ._.5.3
Server write IV:
0000: 69 95 12 2F F0 85 8D 2B 8F 1F 96 73 A6 1A D7 10 i../...+...s....
tomcat-http-1, WRITE: TLSv1 Change Cipher Spec, length = 1
[Raw write]: length = 6
0000: 14 03 01 00 01 01 ......
*** Finished
verify_data: { 69, 40, 167, 235, 209, 255, 39, 90, 171, 21, 67, 200 }
***
[write] MD5 and SHA1 hashes: len = 16
0000: 14 00 00 0C 45 28 A7 EB D1 FF 27 5A AB 15 43 C8 ....E(....'Z..C.
Padded plaintext before ENCRYPTION: len = 48
0000: 14 00 00 0C 45 28 A7 EB D1 FF 27 5A AB 15 43 C8 ....E(....'Z..C.
0010: F5 F5 5A E3 50 8B BE B4 0A 9C 72 2E FA D7 A2 CD ..Z.P.....r.....
0020: 9A AB 6B FD 0B 0B 0B 0B 0B 0B 0B 0B 0B 0B 0B 0B ..k.............
tomcat-http-1, WRITE: TLSv1 Handshake, length = 48
tomcat-http-1, waiting for close_notify or alert: state 1
[Raw read]: length = 5
0000: 15 03 01 00 02 .....
[Raw read]: length = 2
0000: 02 28 .(
tomcat-http-1, READ: TLSv1 Alert, length = 2
tomcat-http-1, RECV TLSv1 ALERT: fatal, handshake_failure
tomcat-http-1, called closeSocket()
tomcat-http-1, Exception while waiting for close javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
tomcat-http-1, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
tomcat-http-1, called close()
tomcat-http-1, called closeInternal(true)
Please help me if you find any clue of what's going wrong here.
I solved this problem by installing Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files + importing ca certificate. Just importing certificate did not work.
I have a strong-named assembly containing Model classes that can be shared among several applications (WCF Services in IIS) hosted on the same machine.
Instead of each service having their own copy of this DLL in Bin folder, I want to add it to GAC.
I am using a gacutil.exe for .NET4: Microsoft (R) .NET Global Assembly Cache Utility. Version 4.0.30319.1 Copyright (c) Microsoft Corporation. All rights reserved.
The DLL is registered in GAC, but ends up in C:\Windows\Assembly (GAC 2.0) - not in C:\Windows\Microsoft.NET\Assembly (GAC 4).
When I register the DLL in GAC and remove it from Bin folder, my applications fail with:
Could not load file or assembly 'MyCompany.Enterprise.BOM' or one of its dependencies. The system cannot find the file specified. at System.Reflection.RuntimeAssembly._nLoad(AssemblyName fileName, String codeBase, Evidence assemblySecurity, RuntimeAssembly locationHint, StackCrawlMark& stackMark, Boolean throwOnFileNotFound, Boolean forIntrospection, Boolean suppressSecurityChecks)...
Note: Server 2008 R2 is 64-bit, assembly is built for MSIL, .NET 4.0.
I am using gacutil.exe which comes with Windows SDK v7.1 and is in NETFX 4.0 Tools folder.
What can I be missing? I can't think of any alternatives so any ideas are welcome.
EDIT (Manifest):
// Metadata version: v2.0.50727
.assembly extern mscorlib
{
.publickeytoken = (B7 7A 5C 56 19 34 E0 89 ) // .z\V.4..
.ver 2:0:0:0
}
.assembly extern System.Runtime.Serialization
{
.publickeytoken = (B7 7A 5C 56 19 34 E0 89 ) // .z\V.4..
.ver 3:0:0:0
}
.assembly HCS.Enterprise.BOM
{
.custom instance void [mscorlib]System.Runtime.InteropServices.GuidAttribute::.ctor(string) = ( 01 00 24 63 31 34 64 39 31 65 32 2D 30 35 31 65 // ..$c14d91e2-051e
2D 34 66 65 31 2D 38 62 37 30 2D 61 36 36 33 66 // -4fe1-8b70-a663f
39 61 37 62 34 33 35 00 00 ) // 9a7b435..
.custom instance void [mscorlib]System.Reflection.AssemblyKeyFileAttribute::.ctor(string) = ( 01 00 20 43 3A 5C 48 43 53 2E 45 6E 74 65 72 70 // .. C:\HCS.Enterp
72 69 73 65 5C 4B 65 79 5C 48 43 53 4B 65 79 2E // rise\Key\HCSKey.
73 6E 6B 00 00 ) // snk..
// --- The following custom attribute is added automatically, do not uncomment -------
// .custom instance void [mscorlib]System.Diagnostics.DebuggableAttribute::.ctor(valuetype [mscorlib]System.Diagnostics.DebuggableAttribute/DebuggingModes) = ( 01 00 02 00 00 00 00 00 )
.custom instance void [mscorlib]System.Runtime.CompilerServices.CompilationRelaxationsAttribute::.ctor(int32) = ( 01 00 08 00 00 00 00 00 )
.custom instance void [mscorlib]System.Runtime.CompilerServices.RuntimeCompatibilityAttribute::.ctor() = ( 01 00 01 00 54 02 16 57 72 61 70 4E 6F 6E 45 78 // ....T..WrapNonEx
63 65 70 74 69 6F 6E 54 68 72 6F 77 73 01 ) // ceptionThrows.
.custom instance void [mscorlib]System.Reflection.AssemblyFileVersionAttribute::.ctor(string) = ( 01 00 07 31 2E 30 2E 30 2E 30 00 00 ) // ...1.0.0.0..
.custom instance void [mscorlib]System.Reflection.AssemblyTitleAttribute::.ctor(string) = ( 01 00 12 48 43 53 2E 45 6E 74 65 72 70 72 69 73 // ...HCS.Enterpris
65 2E 42 4F 4D 00 00 ) // e.BOM..
.custom instance void [mscorlib]System.Reflection.AssemblyDescriptionAttribute::.ctor(string) = ( 01 00 00 00 00 )
.custom instance void [mscorlib]System.Reflection.AssemblyConfigurationAttribute::.ctor(string) = ( 01 00 00 00 00 )
.custom instance void [mscorlib]System.Reflection.AssemblyCompanyAttribute::.ctor(string) = ( 01 00 0E 48 6F 72 69 7A 6F 6E 2D 42 43 42 53 4E // ...HN
4A 00 00 ) // J..
.custom instance void [mscorlib]System.Reflection.AssemblyProductAttribute::.ctor(string) = ( 01 00 12 48 43 53 2E 45 6E 74 65 72 70 72 69 73 // ...HCS.Enterpris
65 2E 42 4F 4D 00 00 ) // e.BOM..
.custom instance void [mscorlib]System.Reflection.AssemblyCopyrightAttribute::.ctor(string) = ( 01 00 20 43 6F 70 79 72 69 67 68 74 20 C2 A9 20 // .. Copyright ..
48 6F 72 69 7A 6F 6E 2D 42 43 42 53 4E 4A 20 32 // H2
30 31 30 00 00 ) // 010..
.custom instance void [mscorlib]System.Reflection.AssemblyTrademarkAttribute::.ctor(string) = ( 01 00 00 00 00 )
.custom instance void [mscorlib]System.Runtime.InteropServices.ComVisibleAttribute::.ctor(bool) = ( 01 00 00 00 00 )
.publickey = (00 24 00 00 04 80 00 00 94 00 00 00 06 02 00 00 // .$..............
00 24 00 00 52 53 41 31 00 04 00 00 01 00 01 00 // .$..RSA1........
3B 65 DD 3B C7 49 A7 F4 C9 50 BE 27 F9 62 B6 54 // ;e.;.I...P.'.b.T
D1 26 7B DC 5B EF C1 02 59 E8 77 D4 3D F5 2F 50 // .&{.[...Y.w.=./P
94 22 AC C3 B7 07 71 A4 99 D4 FF 10 ED 05 6D 70 // ."....q.......mp
9A 9D 99 DC 33 1F 8A 3F A5 77 2E C5 5F 9D 35 15 // ....3..?.w.._.5.
BA 54 47 47 C2 8B 13 8C 57 57 C6 1E F5 AB 7B D5 // .TGG....WW....{.
B8 87 DD 4A F3 69 01 B2 6B C8 88 99 04 09 19 FC // ...J.i..k.......
5E 51 7E 2A B9 B5 03 80 C9 A3 EA ED EF B8 EC BF // ^Q~*............
EB 97 30 EC D9 E4 36 7C 0F 64 B7 27 9D 29 0D C5 ) // ..0...6|.d.'.)..
.hash algorithm 0x00008004
.ver 1:0:0:0
}
.module HCS.Enterprise.BOM.dll
// MVID: {D4D8B566-6B0D-4F8D-ABD4-C3A1339B4F84}
.imagebase 0x00400000
.file alignment 0x00000200
.stackreserve 0x00100000
.subsystem 0x0003 // WINDOWS_CUI
.corflags 0x00000009 // ILONLY
// Image base: 0x031B0000
As can be seen from the manifest, the Dll is a runtime 2.0 version, so even the gacutil of 4.0 will place it in the 2.0 GAC.
The manifest is created at compile time, so there must be something wrong with your project and/or compilation settings.
I assume you use Visual Studio, so check out the projects (not solutions) settings in the Application tab.