Menu
▾
▴
Re: [Quickfixj-users] Problem with SSL and JdK 11
|
From: Christoph J. <chr...@ma...> - 2021-01-26 13:24:25
|
Hi, I am not familiar with Apache Camel and only a little with Spring Boot, but there are at least two implementations of QuickFIX/J Spring Boot starters which are up-to-date. But I don't know if you can use them within your setup. https://github.com/esanchezros/quickfixj-spring-boot-starter https://github.com/gevoulga/spring-boot-quickfixj Cheers, Chris. On 26.01.21 14:15, seb...@or... wrote: > QuickFIX/J Documentation: http://www.quickfixj.org/documentation/ > QuickFIX/J Support: http://www.quickfixj.org/support/ > > > > Hi, > > Thank for your answer. > > I use the dependency camel-spring-boot-dependencies:2.24.3 : > https://mvnrepository.com/artifact/org.apache.camel/camel-spring-boot-dependencies/2.24.3 > <https://mvnrepository.com/artifact/org.apache.camel/camel-spring-boot-dependencies/2.24.3> > > It comes with camel-quickfix-2.24.3. QuickfixJ version in this dependency is 2.1.0. > > But you are right, this dependency come with mina.core-2.0.17 too. > > It seem to take place of the mina-core-2.0.19 dependency included to quickfixJ-2.1.0. > > I tried last week to update to the last stable version of camel-spring-boot-dependencies : 2.25.3, > but it comes again with mina-core-2.0.17. > > I will try to update to a more recent version of camel-spring-boot-dependencies, even if it is RC. > > Cheers, > > Sebastien. > > *De :*Christoph John <chr...@ma...> > *Envoyé :* mardi 26 janvier 2021 13:19 > *À :* qui...@li...; MEDARD Sebastien OBS/DD <seb...@or...> > *Objet :* Re: [Quickfixj-users] Problem with SSL and JdK 11 > > Hi, > > did you try a newer QFJ version? QFJ 2.2.0 contains MINA 2.1.3. > Apart from that, you mentioned that you are using QFJ 2.1.0 but the log output shows > mina-core-2.0.17. QFJ 2.1.0 contains MINA 2.0.19 which also contained some SSL-related fixes. > > Cheers, > Chris. > > > On 26.01.21 12:42, seb...@or... <mailto:seb...@or...> wrote: > > QuickFIX/J Documentation:http://www.quickfixj.org/documentation/ <http://www.quickfixj.org/documentation/> > > QuickFIX/J Support:http://www.quickfixj.org/support/ <http://www.quickfixj.org/support/> > > > > Hi, > > I come back with the problem of SSL error with QuickfixJ and Jdk11. > > I put apache.mina in debug too, I try to change the cipher suites with a stronger one which is > present in jdk11, I try to use another Jdk11 docker image, I try to use a jdk14 docker image. > > But I’m still have the error : > > DEBUG 10 --- [ NioProcessor-2] org.apache.mina.filter.ssl.SslFilter : Adding the SSL Filter > SslFilter to the chain > > DEBUG 10 --- [ NioProcessor-2] org.apache.mina.filter.ssl.SslHandler : Session Server[1](no > sslEngine) Initializing the SSL Handler > > DEBUG 10 --- [ NioProcessor-2] org.apache.mina.filter.ssl.SslHandler : Session Server[1](no > sslEngine) SSL Handler Initialization done > > DEBUG 10 --- [ NioProcessor-2] org.apache.mina.filter.ssl.SslFilter : Session > Server[1](ssl...) : Starting the first handshake > > 2021-01-26 09:16:02.152 DEBUG 10 --- [ NioProcessor-2] org.apache.mina.filter.ssl.SslHandler : > Session Server[1](ssl...) processing the NEED_UNWRAP state > > INFO 10 --- [ NioProcessor-2] q.mina.acceptor.AcceptorIoHandler : MINA session created: > local=/172.18.8.62:1085, class org.apache.mina.transport.socket.nio.NioSocketSession, > remote=/172.18.0.152:35990 > javax.net.ssl|ALL|3C|NioProcessor-2|2021-01-26 09:16:02.154 GMT|SSLEngineImpl.java:752|Closing > outbound of SSLEngine > javax.net.ssl|WARNING|3C|NioProcessor-2|2021-01-26 09:16:02.156 > GMT|SSLEngineOutputRecord.java:168|outbound has closed, ignore outbound application data > > ERROR 10 --- [ NioProcessor-2] q.mina.acceptor.AcceptorIoHandler : Socket > (/172.18.0.152:35990): javax.net.ssl.SSLException: Improper close state: Status = OK > HandshakeStatus = NEED_WRAP > bytesConsumed = 0 bytesProduced = 7 sequenceNumber = 0 > > javax.net.ssl.SSLException: Improper close state: Status = OK HandshakeStatus = NEED_WRAP > bytesConsumed = 0 bytesProduced = 7 sequenceNumber = 0 > at org.apache.mina.filter.ssl.SslHandler.closeOutbound(SslHandler.java:502) > ~[mina-core-2.0.17.jar!/:na] > at org.apache.mina.filter.ssl.SslFilter.initiateClosure(SslFilter.java:768) > ~[mina-core-2.0.17.jar!/:na] > at org.apache.mina.filter.ssl.SslFilter.filterClose(SslFilter.java:702) > ~[mina-core-2.0.17.jar!/:na] > > > … > javax.net.ssl|ALL|3C|NioProcessor-2|2021-01-26 09:16:02.162 GMT|SSLEngineImpl.java:724|Closing > inbound of SSLEngine > javax.net.ssl|ERROR|3C|NioProcessor-2|2021-01-26 09:16:02.163 > GMT|TransportContext.java:341|Fatal (INTERNAL_ERROR): closing inbound before receiving peer's > close_notify ( > "throwable" : { > javax.net.ssl.SSLException: closing inbound before receiving peer's close_notify > at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:133) > > DEBUG 10 --- [ NioProcessor-2] org.apache.mina.filter.ssl.SslHandler : Unexpected exception > from SSLEngine.closeInbound(). > javax.net.ssl.SSLException: closing inbound before receiving peer's close_notify > at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:133) ~[na:na] > > javax.net.ssl|WARNING|3C|NioProcessor-2|2021-01-26 09:16:02.164 > GMT|SSLEngineOutputRecord.java:168|outbound has closed, ignore outbound application data > > I get this error even if no client try to connect on my module. > > If someone have suggestions or ideas on this problem, I’m interested. > > Best regards, > > Sebastien. > > _________________________________________________________________________________________________________________________ > > Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc > > pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler > > a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration, > > Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci. > > This message and its attachments may contain confidential or privileged information that may be protected by law; > > they should not be distributed, used or copied without authorisation. > > If you have received this email in error, please notify the sender and delete this message and its attachments. > > As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified. > > Thank you. > > > > > _______________________________________________ > > _________________________________________________________________________________________________________________________ > > Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc > pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler > a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration, > Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci. > > This message and its attachments may contain confidential or privileged information that may be protected by law; > they should not be distributed, used or copied without authorisation. > If you have received this email in error, please notify the sender and delete this message and its attachments. > As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified. > Thank you. > > > _______________________________________________ > Quickfixj-users mailing list > Qui...@li... > https://lists.sourceforge.net/lists/listinfo/quickfixj-users -- Christoph John Software Engineering T +49 241 557080-28 chr...@ma... MACD GmbH Oppenhoffallee 103 52066 Aachen, Germany www.macd.com Amtsgericht Aachen: HRB 8151 Ust.-Id: DE 813021663 Geschäftsführer: George Macdonald |
