You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@directory.apache.org by "Martin Choma (JIRA)" <ji...@apache.org> on 2015/06/24 09:17:42 UTC
[jira] [Commented] (DIRSERVER-2073) Unable to make SSL connection
on Oracle java 6 for ApacheDS 2.0.0-M19
[ https://issues.apache.org/jira/browse/DIRSERVER-2073?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14598993#comment-14598993 ]
Martin Choma commented on DIRSERVER-2073:
-----------------------------------------
Hi Emmanuel,
thank you for answer. Reality is we have to run on 1.6. There is no choice.
I have investigated the error and problem which I see is that LdapNetworkConnection#addSslFilter hardcoded enabled protocols by
sslFilter.setEnabledProtocols( new String[] { "TLSv1", "TLSv1.1", "TLSv1.2" } );
On jdk, which doesnt know some of this protocols as Oracle JDK 1.6 or OpenJDK 1.6 it leads to exception:
Caused by: java.lang.IllegalArgumentException: TLSv1.1
at sun.security.ssl.ProtocolVersion.valueOf(ProtocolVersion.java:152)
at sun.security.ssl.ProtocolList.<init>(ProtocolList.java:57)
at sun.security.ssl.SSLEngineImpl.setEnabledProtocols(SSLEngineImpl.java:1816)
at org.apache.mina.filter.ssl.SslHandler.init(SslHandler.java:176)
at org.apache.mina.filter.ssl.SslFilter.onPreAdd(SslFilter.java:426)
at org.apache.mina.core.filterchain.DefaultIoFilterChain.register(DefaultIoFilterChain.java:381)
Is there any chance to get around this problem.
Thanxs for any advice in advance,
Martin
> Unable to make SSL connection on Oracle java 6 for ApacheDS 2.0.0-M19
> ---------------------------------------------------------------------
>
> Key: DIRSERVER-2073
> URL: https://issues.apache.org/jira/browse/DIRSERVER-2073
> Project: Directory ApacheDS
> Issue Type: Bug
> Affects Versions: 2.0.0-M19
> Environment: Oracle jdk 1.6.0_45
> Reporter: Martin Choma
> Labels: security
>
> TLSv1.1 is not provided for Oracle JDK 1.6, which is used by ApacheDS 2.0.0-M19
> Is there a way to specify, that I want to use TLSv1.0 instead of default TLSv1.1 in ApacheDS 2.0.0-M19?
> at org.apache.mina.core.filterchain.DefaultIoFilterChain.register(DefaultIoFilterChain.java:383)
> at org.apache.mina.core.filterchain.DefaultIoFilterChain.addLast(DefaultIoFilterChain.java:189)
> at org.apache.mina.core.filterchain.DefaultIoFilterChainBuilder.buildFilterChain(DefaultIoFilterChainBuilder.java:436)
> at org.apache.mina.core.polling.AbstractPollingIoProcessor.addNow(AbstractPollingIoProcessor.java:532)
> at org.apache.mina.core.polling.AbstractPollingIoProcessor.handleNewSessions(AbstractPollingIoProcessor.java:505)
> at org.apache.mina.core.polling.AbstractPollingIoProcessor.access$400(AbstractPollingIoProcessor.java:67)
> at org.apache.mina.core.polling.AbstractPollingIoProcessor$Processor.run(AbstractPollingIoProcessor.java:1113)
> at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:64)
> at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:895)
> at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:918)
> at java.lang.Thread.run(Thread.java:662)
> Caused by: java.lang.IllegalArgumentException: TLSv1.1
> at com.sun.net.ssl.internal.ssl.ProtocolVersion.valueOf(ProtocolVersion.java:133)
> at com.sun.net.ssl.internal.ssl.ProtocolList.<init>(ProtocolList.java:38)
> at com.sun.net.ssl.internal.ssl.SSLEngineImpl.setEnabledProtocols(SSLEngineImpl.java:1821)
> at org.apache.mina.filter.ssl.SslHandler.init(SslHandler.java:176)
> at org.apache.mina.filter.ssl.SslFilter.onPreAdd(SslFilter.java:426)
> at org.apache.mina.core.filterchain.DefaultIoFilterChain.register(DefaultIoFilterChain.java:381)
> ... 10 more
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)