I'm facing a weird issue on our server that happens intermittently not quite often (once a month) and can't figure it out.
I've searched for this and found this thread which is pretty similar to my issue. However, previous question is about Unknown-0.0 whilst my error shows Unknown-84.84. Also this thread although I cannot find what 84.84 means. Checking at this OpenJdk class I can come up with 84.84 is major.minor versions but couldn't find what 84 version stands for (btw, I use Oracle jdk so I'm not sure if it's the same code).
We are using TLSv1 on our client through this connection factory:
SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(
sslcontext,
new String[] { "TLSv1" },
null,
SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER
);
I was wondering if someone knows what is my error about or give me any insight about this.
The java stack trace if the following:
javax.net.ssl.SSLException: Unsupported record version Unknown-84.84
at sun.security.ssl.InputRecord.readV3Record(InputRecord.java:524)
at sun.security.ssl.InputRecord.read(InputRecord.java:509)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:927)
at sun.security.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:884)
at sun.security.ssl.AppInputStream.read(AppInputStream.java:102)
at org.apache.http.impl.io.SessionInputBufferImpl.streamRead(SessionInputBufferImpl.java:136)
at org.apache.http.impl.io.SessionInputBufferImpl.fillBuffer(SessionInputBufferImpl.java:152)
at org.apache.http.impl.io.SessionInputBufferImpl.readLine(SessionInputBufferImpl.java:270)
at org.apache.http.impl.conn.DefaultHttpResponseParser.parseHead(DefaultHttpResponseParser.java:140)
at org.apache.http.impl.conn.DefaultHttpResponseParser.parseHead(DefaultHttpResponseParser.java:57)
at org.apache.http.impl.io.AbstractMessageParser.parse(AbstractMessageParser.java:260)
Related
I have started to face this problem. While trying to connect, I am facing an error stating that my traffic-manager version is 2.1.5 and it should be at least 2.4.5.
"telepresence connect" command checks for new versions and modifies it if there is any new version exists. So I am thinking that started to create a problem. Because I was using it as normal.
When I check the connector.log file these two lines create the problem.
connector/session : Existing Traffic Manager 2.6.5 not owned by cli or does not need upgrade, will not modify
connector/session : failed to connect to root daemon: rpc error: code = Unknown desc = unsupported traffic-manager version 2.1.5. Minimum supported version is 2.4.5
So somehow I have two versions now while checking for the update it hits 2.6.5 but while trying to run it tries with 2.1.5. Trying to uninstall telepresence but it also faces the same problem and I couldn't locate and delete traffic-manager 2.1.5. My OS is Windows 11.
Because of that, I am kind of blocked with my tests. Any help will be well appreciated. Thanks!
After asking the question, a new version arrived, if anyone encountered this problem, please update telepresence to 2.6.6. It is fixed now.
I recently upgraded our artifactory repository from 2.6.5 to the current version 5.4.6.
However, something seems to have gone wrong in the process. There are some artifacts that throw a HTTP 500 error when attempting to access them. Here is an example using wget:
wget http://xyz.server.com:8081/artifactory/gradle/org/jfrog/buildinfo/build-info-extractor-gradle/2.0.12/build-info-extractor-gradle-2.0.12.pom
--2017-09-12 12:17:13--
http://xyz.server.com:8081/artifactory/gradle/org/jfrog/buildinfo/build-info-extractor-gradle/2.0.12/build-info-extractor-gradle-2.0.12.pom
Resolving xyz.server.com (xyz.server.com)... 10.125.1.28
Connecting to xyz.server.com (xyz.server.com)|10.125.1.28|:8081... connected.
HTTP request sent, awaiting response... 500 Internal Server Error
2017-09-12 12:17:13 ERROR 500: Internal Server Error.
I verified this by going to the artifactory site, browsing to the object in question, and trying to download it. The result was the following:
{
"errors" : [ {
"status" : 500,
"message" : "Could not process download request: Binary provider has no content for 'e52a9a9a58d6829b7b13dd841af4b027c88bb028'"
} ]
}
The problem seems to be in the final step of the upgrade process, upgrading from 3.9.5 to 5.4.6. The wget command above works on 3.9.5, but not on the 5.4.6 instance.
I found a reference to a "Zap Cache" function in older documentation and thought it might fix things, but I don't seem to be able to find that function in the current site.
Is anyone able to point me to: a way to fix this issue, or what I need to do/look for in the upgrade process in order to prevent it from occurring?
As a further data point, we're using an Oracle database for the full file store, if that matters in any way (using the tag: <chain template="full-db"> in binarystore.xml)
Thanks in advance....
I'm getting the following exception when I enable SSL debug via -Djavax.net.debug=ssl:
java.security.NoSuchAlgorithmException: EC AlgorithmParameters not available
I'm running Centos 6.7, Open JDK 1.8.0_91 & Tomcat 7.0.63
My research indicates that this is a known bug: https://bugs.centos.org/view.php?id=9482
I found numerous sources indicating that a workaround for this is to disable the Elliptic Curve cipher algorithms by setting the following property in the jre/lib/security/java.security file:
jdk.tls.disabledAlgorithms=EC,ECDHE,ECDH
I looked at my java.security file and found that these algorithms were already disabled:
jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keysize < 768, EC, ECDHE, ECDH
I tried changing this property to be exactly as shown in the examples I found and that did not work either. I also tried removing the jre/lib/ext/sunec.jar file, which again had no effect.
I've carefully traced my installation of Tomcat to ensure that the jre/lib/security/java.security file I'm modifying is the one Tomcat is running on.
If anyone has any ideas about what is going on here or how I can work around this problem I would be very grateful to get your input.
This question is related to OpenJDK on OpenShift: "NoSuchAlgorithmException: EC AlgorithmParameters not available" except I'm not using OpenShift and I am able to edit my java.security file to attempt the well known workaround. My problem is that the workaround does not work for me.
When I try to debug or run a PHP script on my test Windows server using Aptana and PHP 5.4.24 (or the latest 5.4.x, 5.4.40), I am told "Malformed \uxxxx encoding" has occurred.
Given most material online about this error (with any Java code) refers to paths, I've tried installing this PHP version in two locations (and with an additionally different path), with no change. None of the paths contain the string "\u".
If I use PHP 5.5.12 instead, there's no error.
My production server uses 5.4.24, and I would prefer to leave it the way it is for the time being. I would like to debug using the same version of PHP.
A certain Igor appears to have had the same problem as me in July 2014: http://php.tutorialhorizon.com/how-to-debug-php-in-aptana-studio/#comment-2225
The offered solution "check your paths" hasn't helped me.
Log:
ENTRY org.eclipse.core.jobs 4 2 2015-04-21 13:44:19.026
!MESSAGE An internal error occurred during: "Launching website".
!STACK 0
java.lang.IllegalArgumentException: Malformed \uxxxx encoding.
at java.util.Properties.loadConvert(Unknown Source)
at java.util.Properties.load0(Unknown Source)
at java.util.Properties.load(Unknown Source)
at org2.eclipse.php.internal.debug.core.launching.XDebugExeLaunchConfigurationDelegate.isXDebugFunctional(XDebugExeLaunchConfigurationDelegate.java:310)
at org2.eclipse.php.internal.debug.core.launching.XDebugExeLaunchConfigurationDelegate.launch(XDebugExeLaunchConfigurationDelegate.java:86)
at org2.eclipse.php.internal.debug.core.launching.PHPLaunchDelegateProxy.launch(PHPLaunchDelegateProxy.java:71)
at org.eclipse.debug.internal.core.LaunchConfiguration.launch(LaunchConfiguration.java:858)
at org.eclipse.debug.internal.core.LaunchConfiguration.launch(LaunchConfiguration.java:707)
at org.eclipse.debug.internal.ui.DebugUIPlugin.buildAndLaunch(DebugUIPlugin.java:1018)
at org.eclipse.debug.internal.ui.DebugUIPlugin$8.run(DebugUIPlugin.java:1222)
at org.eclipse.core.internal.jobs.Worker.run(Worker.java:53)
Look at the property file or the file displayed in the error message and change the backslash to forwardslash:
...\user_projects... to .../user_projects...
Or
...\uxxxx... to .../uxxxx...
\u is a reserved keyword and throws the system off.
Note: "..." and "xxxx" are depicting anything in this case. Usually the error displays a line number one line below the actual line with the issue or so-called ...\u...
Reference: http://bugs.java.com/bugdatabase/view_bug.do?bug_id=6555979
It is really disappointing that so many of these issues with java plague many of us and so many articles send people on a wild goose chase. Hope this helps someone.
Are there paths with /usr in them somewhere? The windows version of PHP can do odd things with slashes and backslashes. Without seeing your config it is hard to say.
My Problem
I compiled OpenSSL into QT to enable OpenSSL support. Everything appeared to go correctly in the compile.
However, when I try to use the official HTTP example application that can be found here, everytime I try to download an https page, it will signal two QSslError, each with contents NoError.
The types of QSslErrors, including NoError, are documented here, poorly. There is no explanation on why they even included an error type called NoError, or what it means.
Bizarrely, the NoError error code seems to be true, as it downloads the remote https document perfectly even while signaling the error.
Does anyone have any idea what this means and what could possibly be causing it?
Optional Background Reading
Here is the relevant part of the code from the example app (this is connected to the network connection's sslErrors signal by the constructor):
void HttpWindow::sslErrors(QNetworkReply*,const QList<QSslError> &errors)
{
QString errorString;
foreach (const QSslError &error, errors) {
if (!errorString.isEmpty())
errorString += ", ";
errorString += error.errorString();
}
if (QMessageBox::warning(this, tr("HTTP"),
tr("One or more SSL errors has occurred: %1").arg(errorString),
QMessageBox::Ignore | QMessageBox::Abort) == QMessageBox::Ignore) {
reply->ignoreSslErrors();
}
}
I have tried the old version of this example, and it produced the same result.
I have tried OpenSSL 1.0.0a and 0.9.8o. I have tried tried compiling OpenSSL myself, I have tried using pre-compiled versions of OpenSSL from the net. All produce the same result.
If this were my first time using QT with SSL, I would almost think this is the intended result (even though their example application is popping up error warning message windows), if not for the fact that last time I played with QT, using what would now be an old version of QT with an old version of SSL, I distinctly remember everything working fine with no error windows.
My system is running Windows 7 x64.
The only path where a QSslError can be constructed with a NoError code is during conversion from OpenSSL error codes to QSslError::SslError values, when the error code is X509_V_OK. There is an interesting note about this error code in the OpenSSL docs:
If no peer certificate was presented, the returned result code is X509_V_OK. This is because no verification error occurred, it does however not indicate success.
Can you check with Wireshark or something similar if the certificate is being transmitted?
I get 4 errors, 3 times over.
The 4 (expected) errors are:
1.The host name did not match any of the valid hosts for this certificate
2.The issuer certificate of a locally looked up certificate could not be found
3.The root CA certificate is not trusted for this purpose
4.No certificates could be verified
I suspect your "NoError" refers to the last (#4)...
The reason I got 3 repeats appears to be because there are 3 threads running - each fires the same sslErrors signal.
I suspect your 2 repeats were due to 2 threads running in the WebView widget.