Java Security error when https hosted Editor Applet opens document

Post here questions and problems related to oXygen frameworks/document types.
sderrick
Posts: 219

Java Security error when https hosted Editor Applet opens document

Sun Aug 02, 2015 4:25 pm

We are moving to a secure https enabled server for the Oxygen Editor Applet.

I am getting the following error when opening a file(URL) in the editor

javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name

addPage: url: mbepp/working_files/A10087.xml userID: derricks docBase: https://mbepapers.org/editor-1/mbep-editor.html fullPath: https://mbepapers.org/editor/mbepp/work ... A10087.xml
136543 WARN [ AWT-EventQueue-2 ] ro.sync.exml.editor.b.g - Action: Compare could not be added after :Open
security: Validate the certificate chain using CertPath API
network: Connecting https://mbepapers.org/editor/mbepp/work ... A10087.xml with proxy=DIRECT
network: Connecting http://mbepapers.org:443/ with proxy=DIRECT
security: Validate the certificate chain using CertPath API
javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name
at sun.security.ssl.ClientHandshaker.handshakeAlert(ClientHandshaker.java:1410)
at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:2004)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1113)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1363)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1391)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1375)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:153)
at ro.sync.util.URLUtil.openConnection(Unknown Source)
at ro.sync.exml.editor.yc.cb(Unknown Source)
at ro.sync.exml.editor.me.open(Unknown Source)
at ro.sync.exml.editor.xmleditor.ob.open(Unknown Source)
at ro.sync.exml.editor.me.open(Unknown Source)
at ro.sync.exml.editor.me.open(Unknown Source)
at ro.sync.exml.editor.me.open(Unknown Source)
at ro.sync.ecss.extensions.api.component.AuthorComponentProvider.load(Unknown Source)
at myGroup.mbepEditor$8.run(mbepEditor.java:539)
at java.lang.Thread.run(Thread.java:745)
ro.sync.ecss.extensions.api.component.AuthorComponentException: javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name
at ro.sync.ecss.extensions.api.component.AuthorComponentProvider.load(Unknown Source)
at myGroup.mbepEditor$8.run(mbepEditor.java:539)
at java.lang.Thread.run(Thread.java:745)
Caused by: javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name
at sun.security.ssl.ClientHandshaker.handshakeAlert(ClientHandshaker.java:1410)
at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:2004)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1113)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1363)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1391)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1375)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:153)
at ro.sync.util.URLUtil.openConnection(Unknown Source)
at ro.sync.exml.editor.yc.cb(Unknown Source)
at ro.sync.exml.editor.me.open(Unknown Source)
at ro.sync.exml.editor.xmleditor.ob.open(Unknown Source)
at ro.sync.exml.editor.me.open(Unknown Source)
at ro.sync.exml.editor.me.open(Unknown Source)
at ro.sync.exml.editor.me.open(Unknown Source)
... 3 more


This is the java call that loads the file

editor.setDocumentContent(fullPath);

which calls

editorComponent.load(new URL(documentURL), null);


fullPath == https://mbepapers.org/editor/mbepp/work ... A10087.xml

I was getting the error when loading the oxygen applet until I added this to the jar signing process, Which allows the Editor to load but I can't load a file into the editor!

<argument>-J-Djsse.enableSNIExtension=false</argument>

I tried adding this to the apache 2.2.24 server we are proxied through but it didn't make any difference.

# Go ahead and accept connections for these vhosts
# from non-SNI clients
SSLStrictSNIVHostCheck off


and



One of the frustrating things is it works fine on my development server, but not on our host server!

I realize this is not your problem, I was just hoping you had run into this issue and had a solution?
sderrick
Posts: 219

Re: Java Security error when https hosted Editor Applet opens document

Tue Aug 04, 2015 1:16 am

I changed the address of the file to load from https:// to http:// and it worked fine.

This is possibly related to the fact I'm using a self signed cert for the apache ssl module while I get things working. Java throws a fit anywhere near a self signed cert now.

Once my client buys a cert I will see if I can change the files address back to https://...

Scott
Radu
Posts: 5753

Re: Java Security error when https hosted Editor Applet opens document

Tue Aug 04, 2015 8:02 am

Hi Scott,

Sorry for the delay.
Indeed googling for this problem it seems that newer Java versions started throwing such errors when certain self signed certificates were used.
So you should not have such a problem with a valid certificate.

Regards,
Radu
Radu Coravu
<oXygen/> XML Editor
http://www.oxygenxml.com

Return to “SDK-API, Frameworks - Document Types”

Who is online

Users browsing this forum: No registered users and 1 guest