Details
-
Type:
Bug
-
Status:
Open
-
Priority:
Minor
-
Resolution: Unresolved
-
Affects Version/s: 1.2.3, 1.3.6, 1.4.0 (Beta), 1.4.1
-
Fix Version/s: 1.4.2
-
Component/s: Core system
-
Labels:None
-
Complexity:Intermediate
-
Patch Submitted:Yes
-
Number of attachments :
Description
The exception is because the http client cannot handle certificates for SSLv3 protocol, so this support must be explicitly enabled. Here is the exception:
Could not download the URL: https://xxxxxx:*****@hostname.com/project/pom.xml
javax.net.ssl.SSLException: Connection has been shutdown: javax.net.ssl.SSLException: Received fatal alert: bad_record_mac
at com.sun.net.ssl.internal.ssl.
SSLSocketImpl.checkEOF(SSLSocketImpl.java:1267)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.checkWrite(SSLSocketImpl.java:1279)
at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:43)
at org.apache.http.impl.io.AbstractSessionOutputBuffer.flushBuffer(AbstractSessionOutputBuffer.java:87)
at org.apache.http.impl.io.AbstractSessionOutputBuffer.flush(AbstractSessionOutputBuffer.java:94)
at org.apache.http.impl.AbstractHttpClientConnection.doFlush(AbstractHttpClientConnection.java:171)
at org.apache.http.impl.SocketHttpClientConnection.close(SocketHttpClientConnection.java:192)
at org.apache.http.impl.conn.DefaultClientConnection.close(DefaultClientConnection.java:161)
at org.apache.http.impl.conn.AbstractPooledConnAdapter.close(AbstractPooledConnAdapter.java:158)
at org.apache.http.protocol.HttpRequestExecutor.execute(HttpRequestExecutor.java:125)
at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:410)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:555)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:487)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:465)
at org.apache.maven.continuum.project.builder.AbstractContinuumProjectBuilder.createMetadataFile(AbstractContinuumProjectBuilder.java:122)
at org.apache.maven.continuum.project.builder.AbstractContinuumProjectBuilder.createMetadataFile(AbstractContinuumProjectBuilder.java:244)
at org.apache.maven.continuum.project.builder.maven.MavenTwoContinuumProjectBuilder.readModules(MavenTwoContinuumProjectBuilder.java:149)
at org.apache.maven.continuum.project.builder.maven.MavenTwoContinuumProjectBuilder.buildProjectsFromMetadata(MavenTwoContinuumProjectBuilder.java:124)
at org.apache.maven.continuum.core.action.CreateProjectsFromMetadataAction.execute(CreateProjectsFromMetadataAction.java:152)
at org.apache.maven.continuum.DefaultContinuum.executeAction(DefaultContinuum.java:2759)
at org.apache.maven.continuum.DefaultContinuum.executeAddProjectsFromMetadataActivity(DefaultContinuum.java:1569)
at org.apache.maven.continuum.DefaultContinuum.executeAddProjectsFromMetadataActivity(DefaultContinuum.java:1815)
at org.apache.maven.continuum.DefaultContinuum.addMavenTwoProject(DefaultContinuum.java:1365)
at org.apache.maven.continuum.web.action.AddMavenTwoProjectAction.doExecute(AddMavenTwoProjectAction.java:109)
at org.apache.maven.continuum.web.action.AddMavenProjectAction.execute(AddMavenProjectAction.java:189)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.opensymphony.xwork2.DefaultActionInvocation.invokeAction(DefaultActionInvocation.java:404)
at com.opensymphony.xwork2.DefaultActionInvocation.invokeActionOnly(DefaultActionInvocation.java:267)
at org.apache.struts2.interceptor.BackgroundProcess$1.run(BackgroundProcess.java:56)
at java.lang.Thread.run(Thread.java:619)
Caused by: javax.net.ssl.SSLException: Received fatal alert: bad_record_mac
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:190)
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:136)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1694)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:939)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1120)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:623)
at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59)
at org.apache.http.impl.io.AbstractSessionOutputBuffer.flushBuffer(AbstractSessionOutputBuffer.java:87)
at org.apache.http.impl.io.AbstractSessionOutputBuffer.flush(AbstractSessionOutputBuffer.java:94)
at org.apache.http.impl.AbstractHttpClientConnection.doFlush(AbstractHttpClientConnection.java:171)
at org.apache.http.impl.AbstractHttpClientConnection.flush(AbstractHttpClientConnection.java:176)
at org.apache.http.impl.conn.AbstractClientConnAdapter.flush(AbstractClientConnAdapter.java:221)
at org.apache.http.protocol.HttpRequestExecutor.doSendRequest(HttpRequestExecutor.java:240)
at org.apache.http.protocol.HttpRequestExecutor.execute(HttpRequestExecutor.java:119)
... 23 more
Still applies cleanly, but need more time to test this. Since SSLv3 is listed in the enabled protocols already, I'm not sure what causes the above.
If anyone is still having this problem - what operating system/JDK are you using, and what runs on the SSL server?