Java Security error when https hosted Editor Applet opens document
Posted: Sun Aug 02, 2015 4:25 pm
We are moving to a secure https enabled server for the Oxygen Editor Applet.
I am getting the following error when opening a file(URL) in the editor
javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name
I was getting the error when loading the oxygen applet until I added this to the jar signing process, Which allows the Editor to load but I can't load a file into the editor!
<argument>-J-Djsse.enableSNIExtension=false</argument>
I tried adding this to the apache 2.2.24 server we are proxied through but it didn't make any difference.
I realize this is not your problem, I was just hoping you had run into this issue and had a solution?
I am getting the following error when opening a file(URL) in the editor
javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name
This is the java call that loads the fileaddPage: url: mbepp/working_files/A10087.xml userID: derricks docBase: https://mbepapers.org/editor-1/mbep-editor.html fullPath: https://mbepapers.org/editor/mbepp/work ... A10087.xml
136543 WARN [ AWT-EventQueue-2 ] ro.sync.exml.editor.b.g - Action: Compare could not be added after :Open
security: Validate the certificate chain using CertPath API
network: Connecting https://mbepapers.org/editor/mbepp/work ... A10087.xml with proxy=DIRECT
network: Connecting http://mbepapers.org:443/ with proxy=DIRECT
security: Validate the certificate chain using CertPath API
javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name
at sun.security.ssl.ClientHandshaker.handshakeAlert(ClientHandshaker.java:1410)
at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:2004)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1113)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1363)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1391)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1375)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:153)
at ro.sync.util.URLUtil.openConnection(Unknown Source)
at ro.sync.exml.editor.yc.cb(Unknown Source)
at ro.sync.exml.editor.me.open(Unknown Source)
at ro.sync.exml.editor.xmleditor.ob.open(Unknown Source)
at ro.sync.exml.editor.me.open(Unknown Source)
at ro.sync.exml.editor.me.open(Unknown Source)
at ro.sync.exml.editor.me.open(Unknown Source)
at ro.sync.ecss.extensions.api.component.AuthorComponentProvider.load(Unknown Source)
at myGroup.mbepEditor$8.run(mbepEditor.java:539)
at java.lang.Thread.run(Thread.java:745)
ro.sync.ecss.extensions.api.component.AuthorComponentException: javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name
at ro.sync.ecss.extensions.api.component.AuthorComponentProvider.load(Unknown Source)
at myGroup.mbepEditor$8.run(mbepEditor.java:539)
at java.lang.Thread.run(Thread.java:745)
Caused by: javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name
at sun.security.ssl.ClientHandshaker.handshakeAlert(ClientHandshaker.java:1410)
at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:2004)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1113)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1363)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1391)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1375)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:153)
at ro.sync.util.URLUtil.openConnection(Unknown Source)
at ro.sync.exml.editor.yc.cb(Unknown Source)
at ro.sync.exml.editor.me.open(Unknown Source)
at ro.sync.exml.editor.xmleditor.ob.open(Unknown Source)
at ro.sync.exml.editor.me.open(Unknown Source)
at ro.sync.exml.editor.me.open(Unknown Source)
at ro.sync.exml.editor.me.open(Unknown Source)
... 3 more
fullPath == https://mbepapers.org/editor/mbepp/work ... A10087.xmleditor.setDocumentContent(fullPath);
which calls
editorComponent.load(new URL(documentURL), null);
I was getting the error when loading the oxygen applet until I added this to the jar signing process, Which allows the Editor to load but I can't load a file into the editor!
<argument>-J-Djsse.enableSNIExtension=false</argument>
I tried adding this to the apache 2.2.24 server we are proxied through but it didn't make any difference.
and# Go ahead and accept connections for these vhosts
# from non-SNI clients
SSLStrictSNIVHostCheck off
One of the frustrating things is it works fine on my development server, but not on our host server!ServerName http://www.mbepapers.org:443
I realize this is not your problem, I was just hoping you had run into this issue and had a solution?