Error establishing SSL connections: OpenSSL::SSL::SSLError: Socket closed #13

matthauck opened this Issue Jan 17, 2012 · 2 comments


None yet

1 participant


(Also logged this here: -- wasn't sure the best place to put it)

Mac OSX Lion, jruby, 1.9 mode, jruby-openssl

I have been intermittently seeing "SSLError: Socket closed" upon connect, trying to establish an SSL socket connection. Hard to tell whether it was just my connection or not. Then I noticed that it happens without fail upon accept when running WEBrick in https mode--except from Safari. I mean, Webrick starts up okay, but when I navigate to https://localhost:3000 in my browser (though, strangely, Safari works fine), it fails with the following backtrace:

org/jruby/ext/openssl/ accept
/Users/mhauck/.rvm/gems/jruby- accept
/Users/mhauck/.rvm/rubies/jruby- accept_client
/Users/mhauck/.rvm/rubies/jruby- start
org/jruby/ each
/Users/mhauck/.rvm/rubies/jruby- start
/Users/mhauck/.rvm/rubies/jruby- start
/Users/mhauck/.rvm/rubies/jruby- start
/Users/mhauck/.rvm/gems/jruby- run
/Users/mhauck/.rvm/gems/jruby- start
/Users/mhauck/.rvm/gems/jruby- start
/Users/mhauck/.rvm/gems/jruby- (root)
org/jruby/ tap
/Users/mhauck/.rvm/gems/jruby- (root)
org/jruby/ require
script/rails:59:in (root)

The failure in connect comes from the following code (from jtv-apns gem):

context =
context.cert = cert
context.key = pem
sock =, port)
ssl =, context)

PS. I configured webrick to use SSL as detailed here:


It appears that in both places, the problem is happening in doHandshake() -- it is expecting there to be more data from the client / server (readAndUnwrap()) but there is none.

if(readAndUnwrap() == -1 && hsStatus != SSLEngineResult.HandshakeStatus.FINISHED) {
throw new SSLHandshakeException("Socket closed");


Okay, got jdb up and working. It is exiting here from lines 464-466 in readAndUnwrap():

if(status == SSLEngineResult.Status.CLOSED) {
return -1;

hsStatus = "NEED_WRAP"
peerNetData.hasRemaining() = false
peerAppData.hasRemaining() = true

Reading peerAppData gives me a 96-long "0000<...>" string. Is there anything I can inspect here that might be of interest?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment