1 Reply Latest reply on Apr 17, 2014 6:46 PM by bas.kuis

    ssl v3 connectivity problems

    bas.kuis

      Dear Mark Weitzel and Ryan Rutan,

       

      We have an add-on deployed to open-shift - they upgraded their SSL to v3 as part of the heartbleed fix/patch.

      vV2KKxe.png

       

      Currently our add-on is not able to connect due to a SSL handshake issue since this new certificate has been in use.

       

      In the jive log we're seeing the following:

       

       

      2014-04-17 12:48:04,715 [TaskEngineWorker-pool-1] [::] INFO com.jivesoftware.community.extension.ClientAppInstallNotifier - -----------------------------------------

      2014-04-17 12:48:04,715 [TaskEngineWorker-pool-1] [::] INFO com.jivesoftware.community.extension.ClientAppInstallNotifier - Non 2xx response while registering https://xxxx-xxxx.rhcloud.com/jive/oauth/register [408]

      2014-04-17 12:48:04,715 [TaskEngineWorker-pool-1] [::] INFO com.jivesoftware.community.extension.ClientAppInstallNotifier - Request headers are

      2014-04-17 12:48:04,715 [TaskEngineWorker-pool-1] [::] INFO com.jivesoftware.community.extension.ClientAppInstallNotifier - -----------------------------------------

      2014-04-17 12:48:04,715 [TaskEngineWorker-pool-1] [::] INFO com.jivesoftware.community.extension.ClientAppInstallNotifier - User-Agent : Jive SBS v7.0.0.1

      2014-04-17 12:48:04,715 [TaskEngineWorker-pool-1] [::] INFO com.jivesoftware.community.extension.ClientAppInstallNotifier - Host : pipscalable-radioshack.rhcloud.com

      2014-04-17 12:48:04,715 [TaskEngineWorker-pool-1] [::] INFO com.jivesoftware.community.extension.ClientAppInstallNotifier - Content-Length : 572

      2014-04-17 12:48:04,716 [TaskEngineWorker-pool-1] [::] INFO com.jivesoftware.community.extension.ClientAppInstallNotifier - Content-Type : application/json; charset=UTF-8

      2014-04-17 12:48:04,716 [TaskEngineWorker-pool-1] [::] INFO com.jivesoftware.community.extension.ClientAppInstallNotifier - -----------------------------------------

      2014-04-17 12:48:04,716 [TaskEngineWorker-pool-1] [::] INFO com.jivesoftware.community.extension.ClientAppInstallNotifier - Response status is null

      2014-04-17 12:48:04,716 [TaskEngineWorker-pool-1] [::] INFO com.jivesoftware.community.extension.ClientAppInstallNotifier - Response headers are

      2014-04-17 12:48:04,716 [TaskEngineWorker-pool-1] [::] INFO com.jivesoftware.community.extension.ClientAppInstallNotifier - -----------------------------------------

      2014-04-17 12:48:04,716 [TaskEngineWorker-pool-1] [::] INFO com.jivesoftware.community.extension.ClientAppInstallNotifier - -----------------------------------------

      2014-04-17 12:48:04,716 [TaskEngineWorker-pool-1] [::] INFO com.jivesoftware.community.extension.ClientAppInstallNotifier - Response body is null

      2014-04-17 12:48:18,226 [TaskEngineWorker-pool-1] [::] WARN com.jivesoftware.community.http.impl.HttpClientManagerImpl - Http connection thread was interrupted or has timed out for /RSIntegration/update

      java.util.concurrent.ExecutionException: javax.net.ssl.SSLProtocolException: handshake alert:  unrecognized_name

       

      To your knowledge - is there a work around or should this be expected to work? (Connecting to a host using the ssl v3 cert)

       

      On the dev box we're seeing similar behavior:

      curl -X GET 'https://xxxxxxxxxx-xxxxx.rhcloud.com/RSintegration/update'

      curl: (35) error:14077458:SSL routines:SSL23_GET_SERVER_HELLO:reason(1112)

      However this works:

      curl -X GET -ssl3 'https://xxxxxx-xxxxxxx.rhcloud.com/RSintegration/update'

      <html>

      <head>

          <link rel="stylesheet" type="text/css" href="http://xxxxxxxxxx-xxxxxxxxx.rhcloud.com/stylesheets/style.css">

          <script src="http://xxxxxxxxx-xxxxxxxxx.rhcloud.com/javascripts/jquery-1.8.3.js"></script>

          <script src="http://xxxxxxxxx-xxxxxxxxx.rhcloud.com/RSIntegration/javascripts/main.js"></script>

      </head>

      Notice the added '-ssl3' flag

       

      As always, your attention is greatly appreciated!

       

      Tim Mila, Richard Ciardo, John Larson

       

      Best,

      Bas ~7Summits