SSL Handshake Exception lost when using camel netty http producer

Solution In Progress - Updated -

Issue

I am having difficulties to troubleshoot some of the SSL failures when my application attempts to connect to back ends. I am not able to understand by looking at the logs what is making the connection to fail.

When inspecting the behavior of 'camel-netty-http' for a particular use case where no trusted certificates are available, I realize that Netty is throwing an SSLHandshakeException, but then it gets lost and a ClosedChannelExcetpion is thrown back instead.
While DEBUG and WARN level messages give indication about the real source of the problem, the final ERROR level message looses the error context. This is problematic when I run the system in ERROR level, and when I see failures I can't determine the reasons.
The sequence of logs is as follows:

  1. first a DEBUG trace:
    DEBUG Closing channel as an exception was thrown from Netty
    javax.net.ssl.SSLHandshakeException: General SSLEngine problem
    ... Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem
    ... Caused by: sun.security.validator.ValidatorException: No trusted certificate found

  2. then a WARN trace:
    WARN HttpServerChannelHandler is not found as attachment to handle exception, send 404 back to the client.
    javax.net.ssl.SSLException: Received fatal alert: certificate_unknown

  3. and an ERROR trace:
    ERROR Failed delivery for...
    ... java.nio.channels.ClosedChannelException
    at org.jboss.netty.handler.ssl.SslHandler$7.run(SslHandler.java:1766)

Environment

  • JBoss Fuse
    • 6.1
    • 6.2

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In
Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.