2

In a connection to a server we get errors such as:

<errorCode>101500</errorCode><errorMessage>Error in Sender</errorMessage>

Is there a way to get more information on the cause, except from "Error in Sender"?

Note: In the SSL transport sender I have set AllowAll for the HostnameVerifier

<transportSender name="https" class="org.apache.synapse.transport.passthru.PassThroughHttpSSLSender">
    <parameter name="non-blocking" locked="false">true</parameter>
    <parameter name="http.proxyHost" locked="false">internet.proxy</parameter>
    <parameter name="http.proxyPort" locked="false">8080</parameter>
    <parameter name="http.nonProxyHosts" locked="false">localhost</parameter>
    <parameter name="HostnameVerifier">AllowAll</parameter>

Here is some more in detail log (wso2-esb-errors.log). Note that sometimes the messages are delivered correctly to the remote server. The remote server is maintained by a customer on which I have no control. 

2016-08-30 05:06:51,995 [-] [HTTPS-Sender I/O dispatcher-1] ERROR TargetHandler I/O error: Received fatal alert: handshake_failure
javax.net.ssl.SSLException: Received fatal alert: handshake_failure
        at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
        at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1666)
        at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1634)
        at sun.security.ssl.SSLEngineImpl.recvAlert(SSLEngineImpl.java:1800)
        at sun.security.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:1083)
        at sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:907)
        at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:781)
        at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624)
        at org.apache.http.nio.reactor.ssl.SSLIOSession.doUnwrap(SSLIOSession.java:228)
        at org.apache.http.nio.reactor.ssl.SSLIOSession.doHandshake(SSLIOSession.java:263)
        at org.apache.http.nio.reactor.ssl.SSLIOSession.isAppInputReady(SSLIOSession.java:391)
        at org.apache.http.impl.nio.reactor.AbstractIODispatch.inputReady(AbstractIODispatch.java:119)
        at org.apache.http.impl.nio.reactor.BaseIOReactor.readable(BaseIOReactor.java:159)
        at org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvent(AbstractIOReactor.java:338)
        at org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvents(AbstractIOReactor.java:316)
        at org.apache.http.impl.nio.reactor.AbstractIOReactor.execute(AbstractIOReactor.java:277)
        at org.apache.http.impl.nio.reactor.BaseIOReactor.execute(BaseIOReactor.java:105)
        at org.apache.http.impl.nio.reactor.AbstractMultiworkerIOReactor$Worker.run(AbstractMultiworkerIOReactor.java:586)
        at java.lang.Thread.run(Thread.java:745)
Marc
  • 504
  • 4
  • 19

1 Answers1

1

This error can happen due to many reasons. See the reference below for more details.

  • Incompatible cipher suites in use by the client and the server. This would require the client to use (or enable) a cipher suite that is supported by the server.
  • Incompatible versions of SSL in use (the server might accept only TLS v1, while the client is capable of only using SSL v3). Again, the client might have to ensure that it uses a compatible version of the SSL/TLS protocol.
  • Incomplete trust path for the server certificate; the server's certificate is probably not trusted by the client. This would usually result in a more verbose error, but it is quite possible. Usually the fix is to import the server's CA certificate into the client's trust store.

Reference: Received fatal alert: handshake_failure through SSLHandshakeException

Arun s
  • 507
  • 3
  • 13
Bee
  • 11,225
  • 8
  • 39
  • 68
  • 1
    Thanks for the answer. You are right about SSl, but furhter investigation on our site, shows that the issue is on the provider of this service, not on our WSO2 ESB environment. – Marc Sep 01 '16 at 14:36