Service Virtualization

Expand all | Collapse all

More often getting this error message in VSE logs--"[PortServer:0.0.0.0/0.0.0.0:8308] ERROR com.itko.lisa.vse.sio.PortServer - An error occurred reading from the client. javax.net.ssl.SSLException: Received fatal alert: certificate_unknown"

  • 1.  More often getting this error message in VSE logs--"[PortServer:0.0.0.0/0.0.0.0:8308] ERROR com.itko.lisa.vse.sio.PortServer - An error occurred reading from the client. javax.net.ssl.SSLException: Received fatal alert: certificate_unknown"

    Posted 08-09-2020 02:11 PM
    From last few days we're getting the multiple error messages in the VSE logs, Stating like below.

    Almost we've deployed 20 stubs in the VSE, Among all these stubs only 8308 and 8314 ports are getting error like below. This VSE was using for performance testing and its having performance license too.

    Daily 20k error messages are logging in VSE file with same error.Due to this errors VSE performance became very slow during performance testing.

    The server is having the valid SSL certificate also.

    Version of DevTest : DevTest v10.3 in Windows server 2012 R2 server
    External DB : MySQL 5.7

    2020-08-06 17:57:00,511Z (19:57) [PortServer:0.0.0.0/0.0.0.0:8308] ERROR com.itko.lisa.vse.sio.PortServer - An error occurred reading from the client.
    javax.net.ssl.SSLException: Received fatal alert: certificate_unknown
        at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
        at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1666)
        at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1634)
        at sun.security.ssl.SSLEngineImpl.recvAlert(SSLEngineImpl.java:1800)
        at sun.security.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:1083)
        at sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:907)
        at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:781)
        at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624)
        at com.itko.lisa.vse.sio.SSLSession.processInboundNetworkData(SSLSession.java:372)
        at com.itko.lisa.vse.sio.SSLSession.handleHandshake(SSLSession.java:312)
        at com.itko.lisa.vse.sio.SSLSession.readEncryptedData(SSLSession.java:269)
        at com.itko.lisa.vse.sio.SSLSession.readApplicationData(SSLSession.java:191)
        at com.itko.lisa.vse.sio.NIOSession.handleRead(NIOSession.java:138)
        at com.itko.lisa.vse.sio.SelectorThread.handleOperations(SelectorThread.java:316)
        at com.itko.lisa.vse.sio.SelectorThread.run(SelectorThread.java:265)
        at java.lang.Thread.run(Thread.java:745)


    Can anyone help me why this error message is coming. Thanks in Advance!!


  • 2.  RE: More often getting this error message in VSE logs--"[PortServer:0.0.0.0/0.0.0.0:8308] ERROR com.itko.lisa.vse.sio.PortServer - An error occurred reading from the client. javax.net.ssl.SSLException: Received fatal alert: certificate_unknown"

    Posted 08-10-2020 12:32 AM
    Hi,

    Could you check if any other clients(without proper ssl) are invoking your virtual services? also, check the value of property  https.protocols

    Thanks


    ------------------------------
    Regards,
    Vaibhav Jain
    Capgemini
    ------------------------------



  • 3.  RE: More often getting this error message in VSE logs--"[PortServer:0.0.0.0/0.0.0.0:8308] ERROR com.itko.lisa.vse.sio.PortServer - An error occurred reading from the client. javax.net.ssl.SSLException: Received fatal alert: certificate_unknown"

    Posted 08-10-2020 01:52 AM
    HI Sai
           Please check the listen step of your virtual service model (VSM) and see if you have turned on 'Enable Client Certificate Authentication' for those 2 Virtual Services that throw up this error. This option would seek an SSL Certificate from the client and if the client certificate is either self-signed or issued from an untrusted CA, this problem may occur. 

    image.png

    regards
    Sankar





  • 4.  RE: More often getting this error message in VSE logs--"[PortServer:0.0.0.0/0.0.0.0:8308] ERROR com.itko.lisa.vse.sio.PortServer - An error occurred reading from the client. javax.net.ssl.SSLException: Received fatal alert: certificate_unknown"

    Posted 08-10-2020 02:34 AM
    Hi Sankar,

    Thank you for your prompt response.

    Yes i could see for both the VSM'S  the "Enable Client Certificate Authentication" property is enabled. 

    Our DevTest server having the valid CA certificate. 

    If suppose i disable the property(Enable Client Certificate Authentication) is it works? is this issue causing the VSE slowness during the Load Test?

    Still i'm wondering, why suddenly the error is throwing. There is no change in environment from long time. 

    Please suggest me how to get rid from this.

    Thanks, 
    Sai Narasimha




  • 5.  RE: More often getting this error message in VSE logs--"[PortServer:0.0.0.0/0.0.0.0:8308] ERROR com.itko.lisa.vse.sio.PortServer - An error occurred reading from the client. javax.net.ssl.SSLException: Received fatal alert: certificate_unknown"

    Posted 08-10-2020 02:39 AM
    Hi Sai,

    I would suggest, Try unchecking that option and observe the logs and see if error persists.

    Thanks

    ------------------------------
    Regards,
    Vaibhav Jain
    Capgemini
    ------------------------------