[
https://issues.apache.org/jira/browse/HTTPCLIENT-1339?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13631763#comment-13631763
]
Oleg Kalnichevski commented on HTTPCLIENT-1339:
-----------------------------------------------
Juraj
> However, I'm still not able to find the root cause of aforementioned error.
> 00 0060pool-1-thread-262, Exception sending alert: java.net.SocketException:
> Broken pipe
Essentially it is the same underlying cause. Google figured you were being
naughty and dropped the connection in the middle of SSL handshake. Due to what
I believe is a bug in Oracle's JSSE implementation the socket exception was not
propagated to the caller but was incorrectly re-thrown as
SSLPeerUnverifiedException.
Regarding HttpClient not exhibiting the same problem I cannot say I am very
surprised. HttpClient 3 and 4 are significantly different and do a lot of
things differently. For one they have completely different SSL context
initialization logic. Besides, often high traffic we sites treat different user
agents differently. I am pretty sure if you make both versions use identical
SSL initialization logic and identical User-Agent both versions should behave
consistently.
Oleg
> SSLPeerUnverifiedException occurs randomly when calling resource via HTTPS
> --------------------------------------------------------------------------
>
> Key: HTTPCLIENT-1339
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1339
> Project: HttpComponents HttpClient
> Issue Type: Bug
> Affects Versions: 4.2.3
> Reporter: Juraj Martinka
> Priority: Critical
>
> HttpClient (tested against 4.1 version and 4.2.3) suffers from
> SSLPeerUnverifiedException.
> It can occur randomly, mainly when calling some secured resource in a
> concurrent fashion.
> However, each time there is a new HttpClient instance some this might not be
> related to the threads issues.
> I've created two unit tests -
> https://gist.github.com/jumarko/34c20054d3d85eaff5a7
> * HttpClientPeerUnverifiedTest - using HttpClient 4.x errors occures in a
> random fashion -> sometimes zero failures, but more often than not there is
> at least one SSLPeerUnverifiedException
> * OldHttpClientPeerUnverifiedTest - using HttpClient 3.1 everything is
> working OK
> Stacktrace:
> {code}
> javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
> at sun.security.ssl.SSLSessionImpl.getPeerCertificates(Unknown Source)
> at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128)
> at
> org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:572)
> at
> org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:180)
> at
> org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:151)
> at
> org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:125)
> at
> org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:641)
> at
> org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:480)
> at
> org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:906)
> at
> org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:1066)
> at
> org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:1044)
> {code}
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
