-
Notifications
You must be signed in to change notification settings - Fork 300
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
TLS fails with jdk 8u191 #3284
Comments
Also the web interface at port 4848 fails and the redeploy with asadmin: java.lang.NoSuchMethodError: sun.security.ssl.SSLSessionImpl.(Lsun/security/ssl/ProtocolVersion;Lsun/security/ssl/CipherSuite;Ljava/util/Collection;Ljava/security/SecureRandom;Ljava/lang/String;IZ)V /opt/payara/payara-5.183/bin/asadmin redeploy [....] This error with Glassfish: |
I am also seeing this error with OpenJDK 8u191. It works fine on 8u181, but throws the above error after upgrading to 8u191. I'm also using Payara Full Server 5.183 on Linux. |
Perhaps change like that in constructor of SSLSessionImpl has to be cared of in grizzly-npn (again, see javaee/grizzly-npn#5 for previous case) . |
Yes it will be a Grizzly npn error. Grizzly is now part of Jakarta EE at the Eclipse Foundation |
If you don't care about HTTP/2 the Grizzly npn jar can be removed from the bootclasspath from your Payara startup options as a workaround. |
Hello, I found a solution to solve the problem temporarily.
if you want, I can upload a patched version of the file ("grizzly-npn-bootstrap.jar") Have a good day.. |
Thanks for that. However this will stop HTTP2 from working. What Grizzly npn does is enable alpn for SSL on JDK8. It would be easier just to remove the grizzly npn jar from the bootclasspath. We will develop a patch before the 184 release |
Probably the easiest way to reproduce this issue is to enable secure admin and see if Payara starts. We are also seeing this issue with Jdk 8u191. |
Hi all, Thank you for the discussion on this issue. Just to clarify the status of this to the best of my understanding, there's an upstream issue (eclipse-ee4j/grizzly-npn#8) to track this issue, as well as internal issue Kind regards, Matt |
Hi all, An update to this issue: it has been fixed in the referenced PR above. I'll close this issue, although feel free to reopen it if you find any issues with the fix. Kind regards, Matt |
Looks like this fix is only working for JDK 8u191, so the Payara Docker Image is not working anymore, because it comes with JDK 8u181. See: https://github.com/payara/docker-payaraserver-full/issues/56 |
I'm running the latest Payara 5.184-SNAPSHOT with Java version 1.8.0_191-b12 and I still see this error. |
Hi, We're working internally on this to find the best solution. I'll update you when the status of this issue changes. Kind regards, Matt |
Hi. We have the same issue. We are using openjdk:8-jdk-slim with a extracted payara-5.182. |
Seems related also: jetty-project/jetty-alpn#22 |
Hi all, This should have been fixed by #3414. I'll close this issue, but let me know if any other issues are caused by it and I'll be happy to reopen it. Cheers, Matt |
hey there,
after enabling DAS it is not starting as well like discribed in #2661 |
Just downloaded 5.184 yesterday and ran into this error. I verified that the lines in the PR request listed here were there. I was still getting the error until I removed all the version numbers and only left in the line for the version that I was using. Not sure why this wasn't working for me. -- added Dec 17 -- |
I have the same issue with the docker image of 5.184. The image only works because it's based on an old java version (
|
I have the same problem with openjdk version "1.8.0_252" and payara 5201. |
The issue has been fixed. Especially the one you have commented on. |
Should I open a new issue? And just change the version number? |
Yes, it is working! Thank you so much for leading me to the solution. |
TLS connections fail with oracle jdk 8u191
TLS connections (for example: https-listener, jdbc connection pool using tls (mysql/postgresql)) fail using oracle jdk 8u191. No problems when using 8u181.
Expected Outcome
should present the payara index page.
Current Outcome
curl return an error. Payara logs the following stack trace:
Steps to reproduce
1 -
export JAVA_HOME=/path/to/oracle-jdk8u191
2 -
./asadmin start-domain payaradomain
3 -
curl --insecure https://localhost:8181/
Environment
The text was updated successfully, but these errors were encountered: