'Closing SSLConduit after exception on handshake' ERRORs flood EAP logs during security scan

Solution Verified - Updated -

Issue

  • SSL handshakes are logged at an ERROR level. When we run a security scan, this floods our logs with such ERRORs since it is attempting and testing things expected to fail in the handshake. For example:
 2021-06-01 17:52:38,614 ERROR [io.undertow.request] (default I/O-2) Closing SSLConduit after exception on handshake: javax.net.ssl.SSLHandshakeException: Client requested protocol TLSv1.1 is not enabled or supported in server context
2021-06-01 17:53:26,342 ERROR [io.undertow.request] (default I/O-6) Closing SSLConduit after exception on handshake: javax.net.ssl.SSLHandshakeException: Invalid Padding leng
th: 255
Caused by: javax.crypto.BadPaddingException: Invalid Padding length: 255
2021-06-01 17:53:45,466 ERROR [io.undertow.request] (default I/O-1) Closing SSLConduit after exception on handshake: javax.net.ssl.SSLHandshakeException: no cipher suites in common

Environment

  • JBoss Enterprise Application Platform (EAP)
    • 7.2.7 and earlier
    • 7.3.0

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content