<Invalid/unknown SSL header was received from peer nakina-132.nakinasys.loc - Weblogic
This is a discussion on <Invalid/unknown SSL header was received from peer nakina-132.nakinasys.loc - Weblogic ; Hello,
Using 8.1 I am running in a clustered environment. I have 1 question and 1 issue.
I have an Admin server, a managed server, and a load balancer (as a managed server also). I am trying to enable SSL ...
-
<Invalid/unknown SSL header was received from peer nakina-132.nakinasys.loc
Hello,
Using 8.1 I am running in a clustered environment. I have 1 question and 1 issue.
I have an Admin server, a managed server, and a load balancer (as a managed server also). I am trying to enable SSL on the load balancer. My first question is regarding the startup. When I start my managed servers, I noticed them loading the keystores numerous times:
If I enable SSL debug logs I see this exception:
<000000>
<000000>
weblogic.security.service.NotYetInitializedExcepti on: [Security:090392]SecurityServiceManager not yet initialized.
at weblogic.security.service.SecurityServiceManagerDe legateImpl.getSecurityService(SecurityServiceManag erDelegateImpl.java:156)
at weblogic.security.service.SecurityServiceManager.g etSecurityService(SecurityServiceManager.java:175)
at weblogic.security.utils.SSLSetup.getTrustedCAs(SSL Setup.java:705)
at weblogic.security.utils.SSLSetup.getSSLContext(SSL Setup.java:548)
at weblogic.security.SSL.SSLSocketFactory.(SSLSocketFactory.java:71)
at weblogic.security.SSL.SSLSocketFactory.getJSSE(SSL SocketFactory.java:101)
at weblogic.net.http.HttpClient.New(HttpClient.java:2 09)
at weblogic.net.http.HttpsURLConnection.getHttpClient (HttpsURLConnection.java:246)
at weblogic.net.http.HttpsURLConnection.connect(Https URLConnection.java:217)
at weblogic.management.Admin.checkAdminServerIsRunnin g(Admin.java:1545)
at weblogic.management.Admin.isAdminServerRunning(Adm in.java:1617)
at weblogic.management.Admin.createInstance(Admin.jav a:1399)
at weblogic.t3.srvr.T3Srvr.initializeHere(T3Srvr.java :770)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:670 )
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:344)
at weblogic.Server.main(Server.java:32)
It does not seem to stop the server from running and eventually things quiet down. Any reason/need/way to fix this?
*******************************
Second issue. I am using a servlet through the load balancer to forward to my managed app server. Below is a snippet from my web.xml file:
HttpClusterServlet
weblogic.servlet.proxy.HttpClusterServlet
WebLogicCluster
nakina-132:9002
SecureProxy
ON
As I understand, this should enable the SSL with the SecureProxy parameter. However I get the error on the managed server running port 9002 as it's SSL port:
If I remove the SecureProxy parameter, I get much more complaining about Plaintext:
<![CDATA[<br /> <Nov 16, 2004 2:59:24 PM EST> <Warning> <Security> <BEA-090475> <Plaintext data for protocol HTTP was received from peer nakina-132.nakinasys.local - 192.168.0.87 instead of an SSL handshake.><br /> <Nov 16, 2004 2:59:26 PM EST> <Warning> <Security> <BEA-090475> <Plaintext data for protocol HTTP was received from peer nakina-132.nakinasys.local - 192.168.0.87 instead of an SSL handshake.><br /> <br />
So I believe it is trying to use SSL with the SecureProxy parameter set (at least something changes). But why am I still getting the Invalid/unknown SSL header error. Enabling the SSL debug logs does not really provide much more information, that I can see.<br /> <br />
All servers are being run through the same domain. SSL is enabled on all servers, and listen ports disabled. My webtier has the transport-guarantee set to CONFIDENTIAL.<br /> <br />
Thanks in advance,<br />
Denis.<br /> <!-- google_ad_section_end --> </blockquote> </div> </div> </div> <div class="cleardiv"></div> </div> </div> <div class="postfoot"> <div id="vbseo_vhtml_3"></div> </div> <hr /> </li> <li class="postbitlegacy postbitim postcontainer" id="post_601357"> <div class="posthead"> <div id="vbseo_vhtml_4"></div> </div> <div class="postdetails"> <div class="userinfo"> <div id="vbseo_vhtml_2"></div> </div> <div class="postbody"> <div class="postrow"> <h2 class="title icon"> <!-- google_ad_section_start -->Re: <Invalid/unknown SSL header was received from peer nakina-132.nakinasys.loc<!-- google_ad_section_end --> </h2> <div class="content"> <div id="post_message_601357"> <blockquote class="postcontent restore "> <!-- google_ad_section_start -->The multiple loading keystore messages is just a performance issue. Not initialized exceptions in the debug log are normal because the managed server has not received its configuration from the admin server yet.<br /> <br />
The second issue might be caused by an unsupported version number in the ssl header. I'd file a support case for this.<br /> <br />
Pavel.<br /> <!-- google_ad_section_end --> </blockquote> </div> </div> </div> <div class="cleardiv"></div> </div> </div> <div class="postfoot"> <div id="vbseo_vhtml_6"></div> </div> <hr /> </li> </ol> <div class="separator"></div> <div class="postlistfoot"> </div> </div> <div id="below_postlist" class="noinlinemod below_postlist"> <a rel="nofollow" href="http://fixunix.com/newreply.php?p=601357&noquote=1"
class="newcontent_textcontrol" id="newreplylink_bottom"
><span>+</span> Reply to Thread</a> <div id="pagination_bottom" class="pagination_bottom"> </div> </div> <div class="navlinks"> <strong>«</strong> <a href="http://fixunix.com/weblogic/226799-authenticator-present-visible-but-not-validating-password.html" >Authenticator present and visible but not validating Password</a>
|
<a href="http://fixunix.com/weblogic/226800-test-custom-identity-asserter.html" >Test custom Identity Asserter</a> <strong>»</strong> </div> <div id="thread_info" class="thread_info block"> </div> <div id="ad_global_above_footer"> <div align="center"> <script type='text/javascript'>
GA_googleFillSlot("FixUnix-Bottom");
</script> </div> </div> <div id="footer" class="floatcontainer footer"> <form action="http://fixunix.com/forum.php" method="get" id="footer_select" class="footer_select"> </form> <ul id="footer_links" class="footer_links"> <li><a href="mailto:webmaster@fixunix.com" rel="nofollow" accesskey="9">Contact Us</a></li> <li><a rel="nofollow" href="http://fixunix.com/">Unix Linux Forum</a></li> <li><a rel="nofollow" href="http://fixunix.com/privacy_policy.php">Privacy Statement</a></li> <li><a rel="nofollow" href="http://fixunix.com/weblogic/226794-invalid-unknown-ssl-header-received-peer-nakina-132-nakinasys-loc.html#top" onclick="document.location.hash='top'; return false;">Top</a></li> </ul> <script type="text/javascript"> <!--
// Main vBulletin Javascript Initialization
vBulletin_init();
//--> </script> </div> </div> <div class="below_body"> <div id="footer_time" class="shade footer_time">All times are GMT. The time now is <span class="time">04:59 AM</span>.</div> <div id="footer_copyright" class="shade footer_copyright">
Powered by <a onclick="_gaq.push(['_trackEvent', 'Outgoing', 'www.vbulletin.com', '']);" rel="nofollow" href="http://www.vbulletin.com" id="vbulletinlink">vBulletin™</a> Version 4.1.3 <br />Copyright © 2013 vBulletin Solutions, Inc. All rights reserved.
<br /><!-- google_ad_section_start(weight=ignore) -->Content Relevant URLs by vBSEO 3.6.0 ©2011, Crawlability, Inc.<!-- google_ad_section_end --> </div> <div id="footer_morecopyright" class="shade footer_morecopyright">
Maintained by <a onclick="_gaq.push(['_trackEvent', 'Outgoing', 'infnx.com', '']);" href="http://infnx.com">Infnx</a> </div> </div>
<script type="text/javascript">
//<![CDATA[
var vbseo_jshtml = new Array();
vbseo_jshtml[0] = "<ol> </ol>";
vbseo_jshtml[1] = " <span class=\"postdate old\"> <span class=\"date\">10-09-2007 <span class=\"time\">11:47 PM</span></span> </span> <span class=\"nodecontrols\"> <a name=\"post601346\" href=\"http://fixunix.com/weblogic/226794-invalid-unknown-ssl-header-received-peer-nakina-132-nakinasys-loc.html#post601346\" class=\"postcounter\">#1</a><a id=\"postcount601346\" name=\"1\"></a> </span> ";
vbseo_jshtml[2] = " <div class=\"username_container\"> <div class=\"popupmenu memberaction\"> <a rel=\"nofollow\" class=\"username offline \" href=\"http://fixunix.com/members/unix.html\" title=\"unix is offline\"><strong><!-- google_ad_section_start(weight=ignore) -->unix<!-- google_ad_section_end --></strong></a> </div> <img class=\"inlineimg onlinestatus\" src=\"http://fixunix.com/images/statusicon/user-offline.png\" alt=\"unix is offline\" border=\"0\" /> </div> <span class=\"usertitle\"> Junior Member </span> <hr /> <dl class=\"userinfo_extra\"> <dt>Join Date</dt> <dd>Sep 2009</dd> <dt>Posts</dt> <dd>0</dd> </dl> <div class=\"imlinks\"> </div> ";
vbseo_jshtml[3] = " <div class=\"textcontrols floatcontainer\"> <span class=\"postcontrols\"> <img style=\"display:none\" id=\"progress_601346\" src=\"http://fixunix.com/images/misc/progress.gif\" alt=\"\" /> <a id=\"qrwq_601346\" class=\"newreply\" href=\"http://fixunix.com/newreply.php?do=newreply&p=601346\" rel=\"nofollow\"><img id=\"quoteimg_601346\" src=\"http://fixunix.com/clear.gif\" alt=\"Reply With Quote\" /> Reply With Quote</a> </span> <span class=\"postlinking\"> </span> </div> ";
vbseo_jshtml[4] = " <span class=\"postdate old\"> <span class=\"date\">10-09-2007 <span class=\"time\">11:48 PM</span></span> </span> <span class=\"nodecontrols\"> <a name=\"post601357\" href=\"http://fixunix.com/weblogic/226794-invalid-unknown-ssl-header-received-peer-nakina-132-nakinasys-loc.html#post601357\" class=\"postcounter\">#2</a><a id=\"postcount601357\" name=\"2\"></a> </span> ";
vbseo_jshtml[5] = " <div class=\"username_container\"> <div class=\"popupmenu memberaction\"> <a rel=\"nofollow\" class=\"username offline \" href=\"http://fixunix.com/members/unix.html\" title=\"unix is offline\"><strong><!-- google_ad_section_start(weight=ignore) -->unix<!-- google_ad_section_end --></strong></a> </div> <img class=\"inlineimg onlinestatus\" src=\"http://fixunix.com/images/statusicon/user-offline.png\" alt=\"unix is offline\" border=\"0\" /> </div> <span class=\"usertitle\"> Junior Member </span> <hr /> <dl class=\"userinfo_extra\"> <dt>Join Date</dt> <dd>Sep 2009</dd> <dt>Posts</dt> <dd>0</dd> </dl> <div class=\"imlinks\"> </div> ";
vbseo_jshtml[6] = " <div class=\"textcontrols floatcontainer\"> <span class=\"postcontrols\"> <img style=\"display:none\" id=\"progress_601357\" src=\"http://fixunix.com/images/misc/progress.gif\" alt=\"\" /> <a id=\"qrwq_601357\" class=\"newreply\" href=\"http://fixunix.com/newreply.php?do=newreply&p=601357\" rel=\"nofollow\"><img id=\"quoteimg_601357\" src=\"http://fixunix.com/clear.gif\" alt=\"Reply With Quote\" /> Reply With Quote</a> </span> <span class=\"postlinking\"> </span> </div> ";
for(var vi=0;vi<vbseo_jshtml.length;vi++)
if(fetch_object("vbseo_vhtml_"+vi))fetch_object("vbseo_vhtml_"+vi).innerHTML = vbseo_jshtml[vi];
window.orig_onload = window.onload;
window.onload = function() {
var cpost=document.location.hash.substring(1);var cpost2='';if(cpost){ var ispost=cpost.substring(0,4)=='post';if(ispost)cpost2='post_'+cpost.substring(4);if((cobj = fetch_object(cpost))||(cobj = fetch_object(cpost2))){cobj.scrollIntoView(true);}else if(ispost){cpostno = cpost.substring(4,cpost.length);if(parseInt(cpostno)>0){location.replace('http://fixunix.com/showthread.php?p='+cpostno);};} }
if(typeof window.orig_onload == "function") window.orig_onload();
}
//]]]]><![CDATA[>
</script>
</body> </html> ]]></plaintext></bea-090475></security></warning></nov></invalid></bea-090476></security></warning></nov></invalid></bea-090476></security></warning></nov></init></tls></debug></nov></sslsetup:></tls></debug></nov></loading></bea-090169></security></notice></nov></loading></bea-090169></security></notice></nov></loading></bea-090169></security></notice></nov></loading></bea-090169></security></notice></nov></loading></bea-090169></security></notice></nov></loading></bea-090169></security></notice></nov></loading></bea-090169></security></notice></nov></loading></bea-090169></security></notice></nov></blockquote></div></div></div></div></div></li></ol></div></div></div>
