While invoking REST Service with SSL getting handshake alert unrecognized_name
Article ID: KB0084063
Updated On:
| Products | Versions |
|---|---|
| TIBCO ActiveMatrix BusinessWorks Plug-in for REST and JSON | 2.0.0 |
Description
While calling a REST service using SSL, "Invoke REST API" activity fails with following exception:
Exception:
Activity invocation failed
at com.tibco.pe.plugin.Activity.postEval(Unknown Source)
at com.tibco.pe.plugin.Activity.postEval(Unknown Source)
at com.tibco.pe.core.TaskImpl.eval(Unknown Source)
at com.tibco.pe.core.Job.a(Unknown Source)
at com.tibco.pe.core.Job.k(Unknown Source)
at com.tibco.pe.core.JobDispatcher$JobCourier.a(Unknown Source)
at com.tibco.pe.core.JobDispatcher$JobCourier.run(Unknown Source)
caused by: com.sun.jersey.api.client.ClientHandlerException: javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name
at com.sun.jersey.client.urlconnection.URLConnectionClientHandler.handle(URLConnectionClientHandler.java:149)
at com.sun.jersey.api.client.filter.GZIPContentEncodingFilter.handle(GZIPContentEncodingFilter.java:120)
at com.tibco.plugin.json.rest.adaptor.RESTReqeustAdaptor.handle(RESTReqeustAdaptor.java:41)
at com.tibco.plugin.json.rest.adaptor.RESTReqeustAdaptor.handle(RESTReqeustAdaptor.java:41)
at com.sun.jersey.api.client.Client.handle(Client.java:648)
at com.sun.jersey.api.client.WebResource.handle(WebResource.java:670)
at com.sun.jersey.api.client.WebResource.access$200(WebResource.java:74)
at com.sun.jersey.api.client.WebResource$Builder.method(WebResource.java:623)
at com.tibco.plugin.json.activities.RestActivity.sendReqeustWithBody(RestActivity.java:423)
at com.tibco.plugin.json.activities.RestActivity.doPostAlike(RestActivity.java:407)
at com.tibco.plugin.json.activities.RestActivity.doService(RestActivity.java:372)
at com.tibco.plugin.json.activities.RestActivity$1.run(RestActivity.java:321)
at com.tibco.pe.util.ThreadPool$ThreadPoolThread.run(Unknown Source)
Caused by: javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name
at sun.security.ssl.ClientHandshaker.handshakeAlert(Unknown Source)
at sun.security.ssl.SSLSocketImpl.recvAlert(Unknown Source)
at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(Unknown Source)
at com.sun.jersey.client.urlconnection.URLConnectionClientHandler$1$1.getOutputStream(URLConnectionClientHandler.java:225)
at com.sun.jersey.api.client.CommittingOutputStream.commitWrite(CommittingOutputStream.java:117)
at com.sun.jersey.api.client.CommittingOutputStream.write(CommittingOutputStream.java:89)
at sun.nio.cs.StreamEncoder.writeBytes(Unknown Source)
at sun.nio.cs.StreamEncoder.implFlushBuffer(Unknown Source)
at sun.nio.cs.StreamEncoder.implFlush(Unknown Source)
at sun.nio.cs.StreamEncoder.flush(Unknown Source)
at java.io.OutputStreamWriter.flush(Unknown Source)
at java.io.BufferedWriter.flush(Unknown Source)
at com.sun.jersey.core.util.ReaderWriter.writeToAsString(ReaderWriter.java:191)
at com.sun.jersey.core.provider.AbstractMessageReaderWriterProvider.writeToAsString(AbstractMessageReaderWriterProvider.java:128)
at com.sun.jersey.core.impl.provider.entity.BaseFormProvider.writeTo(BaseFormProvider.java:109)
at com.sun.jersey.core.impl.provider.entity.FormProvider.writeTo(FormProvider.java:88)
at com.sun.jersey.core.impl.provider.entity.FormProvider.writeTo(FormProvider.java:58)
at com.sun.jersey.api.client.RequestWriter.writeRequestEntity(RequestWriter.java:300)
at com.sun.jersey.client.urlconnection.URLConnectionClientHandler._invoke(URLConnectionClientHandler.java:204)
at com.sun.jersey.client.urlconnection.URLConnectionClientHandler.handle(URLConnectionClientHandler.java:147)
... 12 more
</StackTrace>
Exception:
Activity invocation failed
at com.tibco.pe.plugin.Activity.postEval(Unknown Source)
at com.tibco.pe.plugin.Activity.postEval(Unknown Source)
at com.tibco.pe.core.TaskImpl.eval(Unknown Source)
at com.tibco.pe.core.Job.a(Unknown Source)
at com.tibco.pe.core.Job.k(Unknown Source)
at com.tibco.pe.core.JobDispatcher$JobCourier.a(Unknown Source)
at com.tibco.pe.core.JobDispatcher$JobCourier.run(Unknown Source)
caused by: com.sun.jersey.api.client.ClientHandlerException: javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name
at com.sun.jersey.client.urlconnection.URLConnectionClientHandler.handle(URLConnectionClientHandler.java:149)
at com.sun.jersey.api.client.filter.GZIPContentEncodingFilter.handle(GZIPContentEncodingFilter.java:120)
at com.tibco.plugin.json.rest.adaptor.RESTReqeustAdaptor.handle(RESTReqeustAdaptor.java:41)
at com.tibco.plugin.json.rest.adaptor.RESTReqeustAdaptor.handle(RESTReqeustAdaptor.java:41)
at com.sun.jersey.api.client.Client.handle(Client.java:648)
at com.sun.jersey.api.client.WebResource.handle(WebResource.java:670)
at com.sun.jersey.api.client.WebResource.access$200(WebResource.java:74)
at com.sun.jersey.api.client.WebResource$Builder.method(WebResource.java:623)
at com.tibco.plugin.json.activities.RestActivity.sendReqeustWithBody(RestActivity.java:423)
at com.tibco.plugin.json.activities.RestActivity.doPostAlike(RestActivity.java:407)
at com.tibco.plugin.json.activities.RestActivity.doService(RestActivity.java:372)
at com.tibco.plugin.json.activities.RestActivity$1.run(RestActivity.java:321)
at com.tibco.pe.util.ThreadPool$ThreadPoolThread.run(Unknown Source)
Caused by: javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name
at sun.security.ssl.ClientHandshaker.handshakeAlert(Unknown Source)
at sun.security.ssl.SSLSocketImpl.recvAlert(Unknown Source)
at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(Unknown Source)
at com.sun.jersey.client.urlconnection.URLConnectionClientHandler$1$1.getOutputStream(URLConnectionClientHandler.java:225)
at com.sun.jersey.api.client.CommittingOutputStream.commitWrite(CommittingOutputStream.java:117)
at com.sun.jersey.api.client.CommittingOutputStream.write(CommittingOutputStream.java:89)
at sun.nio.cs.StreamEncoder.writeBytes(Unknown Source)
at sun.nio.cs.StreamEncoder.implFlushBuffer(Unknown Source)
at sun.nio.cs.StreamEncoder.implFlush(Unknown Source)
at sun.nio.cs.StreamEncoder.flush(Unknown Source)
at java.io.OutputStreamWriter.flush(Unknown Source)
at java.io.BufferedWriter.flush(Unknown Source)
at com.sun.jersey.core.util.ReaderWriter.writeToAsString(ReaderWriter.java:191)
at com.sun.jersey.core.provider.AbstractMessageReaderWriterProvider.writeToAsString(AbstractMessageReaderWriterProvider.java:128)
at com.sun.jersey.core.impl.provider.entity.BaseFormProvider.writeTo(BaseFormProvider.java:109)
at com.sun.jersey.core.impl.provider.entity.FormProvider.writeTo(FormProvider.java:88)
at com.sun.jersey.core.impl.provider.entity.FormProvider.writeTo(FormProvider.java:58)
at com.sun.jersey.api.client.RequestWriter.writeRequestEntity(RequestWriter.java:300)
at com.sun.jersey.client.urlconnection.URLConnectionClientHandler._invoke(URLConnectionClientHandler.java:204)
at com.sun.jersey.client.urlconnection.URLConnectionClientHandler.handle(URLConnectionClientHandler.java:147)
... 12 more
</StackTrace>
Issue/Introduction
When caliing a REST service using SSL, "Invoke REST API" activity fails with following exception:
caused by: com.sun.jersey.api.client.ClientHandlerException: javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name
Environment
TIBCO AciveMatrix BusinessWorks 5.13 + TIBCO AciveMatrix BusinessWorks plugin for REST and JSON v2.0.0
Resolution
Beginning with JDK 7, the server name indication will be included in the TLS client messages. The server can ignore the server name indication or checking for accuracy of the server name indication. If a server wants to check the server name indication, it may be denied a connection when the server name indication is unexpected and fails with an unrecognized_name alert. This is not a bug of JDK. It is the purpose of the server that needs to deny the server name indication request or a miss-configuration in the server side. For detailed information, refer to http://bugs.java.com/bugdatabase/view_bug.do?bug_id=7127374
If it is not possible to update the server side, a possible workaround is to disable the server name indication on the client side (Invoke REST API) , There are two possible solutions:
1). Add the following property to the designer.tra file.
"java.property.jsse.enableSNIExtension=false"
OR
2). Change your JDK version from 1.7 to 1.6 , Point your BW to use JDK 1.6 instead of JDK 1.7.
If it is not possible to update the server side, a possible workaround is to disable the server name indication on the client side (Invoke REST API) , There are two possible solutions:
1). Add the following property to the designer.tra file.
"java.property.jsse.enableSNIExtension=false"
OR
2). Change your JDK version from 1.7 to 1.6 , Point your BW to use JDK 1.6 instead of JDK 1.7.
Feedback
Yes
No
Powered by
