Bug 1318138

Summary: SSL - anonymouse mode - connection fails
Product: [JBoss] JBoss Data Virtualization 6 Reporter: Juraj Duráni <jdurani>
Component: TeiidAssignee: Van Halbert <vhalbert>
Status: CLOSED NOTABUG QA Contact: Juraj Duráni <jdurani>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 6.3.0CC: aszczucz, blafond, jolee, mbaluch, thauser, vhalbert
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2016-03-17 19:39:04 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Juraj Duráni 2016-03-16 07:37:38 UTC 
Description of problem:
If ssl-authentication-mode is set to anonymouse no certificates should be required. But if configuration of Teiid contains keystore-name which points to keystore with expired certificate, attempt to connect to Teiid fails.

Exception:
org.teiid.jdbc.TeiidSQLException: TEIID20020 Error establishing socket to host and port: localhost:31000. Reason: java.security.cert.CertificateExpiredException: NotAfter: Fri Feb 26 11:07:46 CET 2016
	at org.teiid.jdbc.TeiidSQLException.create(TeiidSQLException.java:135)
	at org.teiid.jdbc.TeiidSQLException.create(TeiidSQLException.java:71)
	at org.teiid.jdbc.SocketProfile.connect(SocketProfile.java:66)
	at org.teiid.jdbc.TeiidDriver.connect(TeiidDriver.java:107)
	at oeg.jboss.qe.ssl.SimpleSslTest.test(SimpleSslTest.java:160)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:483)
	at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:80)
	at org.testng.internal.Invoker.invokeMethod(Invoker.java:714)
	at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:901)
	at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1231)
	at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:127)
	at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:111)
	at org.testng.TestRunner.privateRun(TestRunner.java:767)
	at org.testng.TestRunner.run(TestRunner.java:617)
	at org.testng.SuiteRunner.runTest(SuiteRunner.java:334)
	at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:329)
	at org.testng.SuiteRunner.privateRun(SuiteRunner.java:291)
	at org.testng.SuiteRunner.run(SuiteRunner.java:240)
	at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52)
	at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86)
	at org.testng.TestNG.runSuitesSequentially(TestNG.java:1198)
	at org.testng.TestNG.runSuitesLocally(TestNG.java:1123)
	at org.testng.TestNG.run(TestNG.java:1031)
	at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:70)
	at org.apache.maven.surefire.testng.TestNGDirectoryTestSuite.execute(TestNGDirectoryTestSuite.java:108)
	at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:111)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:483)
	at org.apache.maven.surefire.util.ReflectionUtils.invokeMethodWithArray(ReflectionUtils.java:164)
	at org.apache.maven.surefire.booter.ProviderFactory$ProviderProxy.invoke(ProviderFactory.java:110)
	at org.apache.maven.surefire.booter.SurefireStarter.invokeProvider(SurefireStarter.java:172)
	at org.apache.maven.surefire.booter.SurefireStarter.runSuitesInProcessWhenForked(SurefireStarter.java:104)
	at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:70)
Caused by: org.teiid.net.socket.SingleInstanceCommunicationException: TEIID20020 Error establishing socket to host and port: localhost:31000. Reason: java.security.cert.CertificateExpiredException: NotAfter: Fri Feb 26 11:07:46 CET 2016
	at org.teiid.net.socket.SocketServerConnection.selectServerInstance(SocketServerConnection.java:161)
	at org.teiid.net.socket.SocketServerConnection.<init>(SocketServerConnection.java:95)
	at org.teiid.net.socket.SocketServerConnectionFactory.getConnection(SocketServerConnectionFactory.java:316)
	at org.teiid.jdbc.SocketProfile.connect(SocketProfile.java:64)
	... 35 more
Caused by: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateExpiredException: NotAfter: Fri Feb 26 11:07:46 CET 2016
	at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
	at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1917)
	at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:301)
	at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:295)
	at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1369)
	at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:156)
	at sun.security.ssl.Handshaker.processLoop(Handshaker.java:925)
	at sun.security.ssl.Handshaker.process_record(Handshaker.java:860)
	at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1043)
	at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1343)
	at sun.security.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:909)
	at sun.security.ssl.AppInputStream.read(AppInputStream.java:105)
	at java.io.BufferedInputStream.fill(BufferedInputStream.java:246)
	at java.io.BufferedInputStream.read(BufferedInputStream.java:265)
	at java.io.DataInputStream.readInt(DataInputStream.java:387)
	at org.teiid.netty.handler.codec.serialization.ObjectDecoderInputStream.readObjectOverride(ObjectDecoderInputStream.java:97)
	at java.io.ObjectInputStream.readObject(ObjectInputStream.java:365)
	at org.teiid.net.socket.OioOjbectChannelFactory$OioObjectChannel.read(OioOjbectChannelFactory.java:117)
	at org.teiid.net.socket.SocketServerInstanceImpl.doHandshake(SocketServerInstanceImpl.java:128)
	at org.teiid.net.socket.SocketServerInstanceImpl.connect(SocketServerInstanceImpl.java:96)
	at org.teiid.net.socket.SocketServerConnectionFactory.getServerInstance(SocketServerConnectionFactory.java:277)
	at org.teiid.net.socket.SocketServerConnection.connect(SocketServerConnection.java:239)
	at org.teiid.net.socket.SocketServerConnection.selectServerInstance(SocketServerConnection.java:125)
	... 38 more
Caused by: java.security.cert.CertificateExpiredException: NotAfter: Fri Feb 26 11:07:46 CET 2016
	at sun.security.x509.CertificateValidity.valid(CertificateValidity.java:274)
	at sun.security.x509.X509CertImpl.checkValidity(X509CertImpl.java:629)
	at sun.security.validator.SimpleValidator.engineValidate(SimpleValidator.java:188)
	at sun.security.validator.Validator.validate(Validator.java:260)
	at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324)
	at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229)
	at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)
	at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1351)
	... 56 more
Comment 1 JBoss JIRA Server 2016-03-17 19:36:36 UTC 
Steven Hawkins <shawkins> updated the status of jira TEIID-4079 to Resolved
Comment 2 Van Halbert 2016-03-17 19:39:04 UTC 
The Teiid jira has been rejected and explains why this is not an issue.
Comment 3 JBoss JIRA Server 2016-06-03 21:03:39 UTC 
Steven Hawkins <shawkins> updated the status of jira TEIID-4079 to Closed