Home/ Questions/Q 8245399
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-07T22:09:58+00:00

I’ve turned on the SSL client authentication for the web services deployed on ServiceMix

  • 0

I’ve turned on the SSL client authentication for the web services deployed on ServiceMix server. I have imported both client and server certificate. I’ve tested it with stand-alone application and everything was working fine. But when I try to call this web service from application deployed on the Tomcat, I get exception:

Caused by: java.net.SocketException: Software caused connection abort: recv failed
    at java.net.SocketInputStream.socketRead0(Native Method)
    at java.net.SocketInputStream.read(SocketInputStream.java:150)
    at java.net.SocketInputStream.read(SocketInputStream.java:121)
    at sun.security.ssl.InputRecord.readFully(InputRecord.java:312)
    at sun.security.ssl.InputRecord.read(InputRecord.java:350)
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:893)
    at sun.security.ssl.SSLSocketImpl.waitForClose(SSLSocketImpl.java:1689)
    at sun.security.ssl.HandshakeOutStream.flush(HandshakeOutStream.java:122)
    at sun.security.ssl.Handshaker.sendChangeCipherSpec(Handshaker.java:972)
    at sun.security.ssl.ClientHandshaker.sendChangeCipherAndFinish(ClientHandshaker.java:1083)
    at sun.security.ssl.ClientHandshaker.serverHelloDone(ClientHandshaker.java:1002)
    at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:282)
    at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868)
    at sun.security.ssl.Handshaker.process_record(Handshaker.java:804)
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:998)
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1294)
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1321)
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1305)
    at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:523)
    at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
    at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1087)
    at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:250)
    at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleHeadersTrustCaching(HTTPConduit.java:1916)
    at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.onFirstWrite(HTTPConduit.java:1871)
    at org.apache.cxf.io.AbstractWrappedOutputStream.write(AbstractWrappedOutputStream.java:42)
    at org.apache.cxf.io.AbstractThresholdOutputStream.write(AbstractThresholdOutputStream.java:69)
    at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1934)
    at org.apache.cxf.io.CacheAndWriteOutputStream.postClose(CacheAndWriteOutputStream.java:47)
    at org.apache.cxf.io.CachedOutputStream.close(CachedOutputStream.java:188)
    at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:66)
    at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:632)
    at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)
    ... 107 more

I’ve got recv failed message from stand-alone java app, when I failed to specify keyStore with client private key. The stack trace, however, was other:

Exception in thread "main" com.sun.xml.ws.wsdl.parser.InaccessibleWSDLException: 2 counts of InaccessibleWSDLException.

java.net.SocketException: Software caused connection abort: recv failed
java.net.SocketException: Software caused connection abort: recv failed

    at com.sun.xml.ws.wsdl.parser.RuntimeWSDLParser.tryWithMex(RuntimeWSDLParser.java:172)
    at com.sun.xml.ws.wsdl.parser.RuntimeWSDLParser.parse(RuntimeWSDLParser.java:144)
    at com.sun.xml.ws.client.WSServiceDelegate.parseWSDL(WSServiceDelegate.java:263)
    at com.sun.xml.ws.client.WSServiceDelegate.<init>(WSServiceDelegate.java:226)
    at com.sun.xml.ws.client.WSServiceDelegate.<init>(WSServiceDelegate.java:174)
    at com.sun.xml.ws.spi.ProviderImpl.createServiceDelegate(ProviderImpl.java:104)
    at javax.xml.ws.Service.<init>(Service.java:56)

I’ve failed to read WSDL in that case. But on Tomcat, WSDL is read, but the error is thrown when CXF try to send the message.

What could cause that error on Tomcat? Is it the certificate problem? The Java variables pointing to both trustStore and keyStore are THE SAME in both cases:

javax.net.ssl.keyStoreType=jks
javax.net.ssl.trustStoreType=jks
javax.net.ssl.keyStore=c:/cert/gen.keystore
javax.net.ssl.trustStore=c:/cert/client.keystore
javax.net.ssl.keyStorePassword=changeit
javax.net.ssl.trustStorePassword=changeit

Java:
java version “1.6.0_30”
Java(TM) SE Runtime Environment (build 1.6.0_30-b12)
Java HotSpot(TM) Client VM (build 20.5-b03, mixed mode, sharing)

Tomcat: 6.0.26

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Even I used to get the same error. But when I do one of the following it doesn’t occur

    1. Restart the server.
    2. Regenerate the certs.

    3. Try to set all of these variables from the server side, meaning in Tomcat’s server.xml file:

      javax.net.ssl.keyStoreType=jks
javax.net.ssl.trustStoreType=jks
javax.net.ssl.keyStore=c:/cert/gen.keystore
javax.net.ssl.trustStore=c:/cert/client.keystore
javax.net.ssl.keyStorePassword=changeit
javax.net.ssl.trustStorePassword=changeit
    • 0