Getting issue "server certificate change is restricted during renegotiation" when calling an outbound SSL service

Solution Unverified - Updated -

Issue

  • We found an error when making a call to an HTTPS service, as follows:
Caused by: HTTP transport error: javax.net.ssl.SSLHandshakeException: server certificate change is restricted during renegotiation
  • We see a temporary authentication failure for end users, with the following error when using an AD security domain for some applications we have deployed in JBoss EAP 6.4.5:
 javax.net.ssl.SSLHandshakeException: server certificate change is restricted during renegotiation
  • The users are experiencing an intermittent SSO problem in production:
PBOX000206: Login failure: javax.security.auth.login.LoginException: Unable to create new InitialLdapContext
...
Caused by: javax.naming.CommunicationException: simple bind failed: localhost [Root exception is javax.net.ssl.SSLHandshakeException: server certificate change is restricted during renegotiation]
...
Caused by: javax.net.ssl.SSLHandshakeException: server certificate change is restricted during renegotiation

Environment

  • Red Hat JBoss Enterprise Application Platform (EAP)
    • 6
    • 7
  • Red Hat Single Sign-On (RHSSO)
    • 7
