Jersey error to connect to service using https on Java 6

Question

I'm running a REST service on Wildfly 9 using https with a self signed certificate using this configuration.

To bypass the ssl verification I'm using this code:

public static Client createIgnoreSSLClient() {
    ClientConfig clientConfig = new ClientConfig();
    clientConfig.connectorProvider(new HttpUrlConnectorProvider());
    SSLContext sslcontext;
    try {
        sslcontext = SSLContext.getInstance("SSL");
        sslcontext.init(null, new TrustManager[]{new X509TrustManager() {
            public void checkClientTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {}
            public void checkServerTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {}
            public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[0]; }

        }}, new java.security.SecureRandom());
    } catch (Exception e) {
        throw new RuntimeException(e);
    }
    return ClientBuilder.newBuilder()
            .sslContext(sslcontext)
            .hostnameVerifier(createDummyHostnameVerifier())
            .withConfig(clientConfig)
            .build();
}   

I'm using Jersey 2.6 to keep compatibility with Java 6 (Some applications are running in Jboss 4).

<dependency>
    <groupId>org.glassfish.jersey.core</groupId>
    <artifactId>jersey-client</artifactId>
    <version>2.6</version>
</dependency>  

<dependency>
    <groupId>org.glassfish.jersey.media</groupId>
    <artifactId>jersey-media-moxy</artifactId>
    <version>2.6</version>
</dependency>

Everything works fine using Java 8 and 7. Using Java 6 I receive this error:

21/07/2016 16:38:36 org.glassfish.jersey.client.ClientRequest writeEntity
SEVERE: Error while committing the request output stream.
javax.net.ssl.SSLException: Received fatal alert: unexpected_message
    at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:190)
    at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:136)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1682)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:932)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1112)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1139)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1123)
    at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:434)
    at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166)
    at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:904)
    at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:230)
    at org.glassfish.jersey.client.HttpUrlConnector$3.getOutputStream(HttpUrlConnector.java:312)
    at org.glassfish.jersey.message.internal.CommittingOutputStream.commitStream(CommittingOutputStream.java:200)
    at org.glassfish.jersey.message.internal.CommittingOutputStream.commitStream(CommittingOutputStream.java:194)
    at org.glassfish.jersey.message.internal.CommittingOutputStream.commit(CommittingOutputStream.java:262)
    at org.glassfish.jersey.message.internal.OutboundMessageContext.commitStream(OutboundMessageContext.java:812)
    at org.glassfish.jersey.client.ClientRequest.writeEntity(ClientRequest.java:543)
    at org.glassfish.jersey.client.HttpUrlConnector._apply(HttpUrlConnector.java:315)
    at org.glassfish.jersey.client.HttpUrlConnector.apply(HttpUrlConnector.java:227)
    at org.glassfish.jersey.client.ClientRuntime.invoke(ClientRuntime.java:225)
    at org.glassfish.jersey.client.JerseyInvocation$2.call(JerseyInvocation.java:671)
    at org.glassfish.jersey.internal.Errors.process(Errors.java:315)
    at org.glassfish.jersey.internal.Errors.process(Errors.java:297)
    at org.glassfish.jersey.internal.Errors.process(Errors.java:228)
    at org.glassfish.jersey.process.internal.RequestScope.runInScope(RequestScope.java:423)
    at org.glassfish.jersey.client.JerseyInvocation.invoke(JerseyInvocation.java:667)
    at org.glassfish.jersey.client.JerseyInvocation$Builder.method(JerseyInvocation.java:423)
    at org.glassfish.jersey.client.JerseyInvocation$Builder.put(JerseyInvocation.java:311)
    at com.oki.casi.client.TesteLogin.testeLoginHttps(TesteLogin.java:79)
    at com.oki.casi.client.TesteLogin.main(TesteLogin.java:58)
Exception in thread "main" javax.ws.rs.WebApplicationException: HTTP 500 Internal Server Error
    at org.eclipse.persistence.jaxb.rs.MOXyJsonProvider.writeTo(MOXyJsonProvider.java:810)
    at org.glassfish.jersey.message.internal.WriterInterceptorExecutor$TerminalWriterInterceptor.invokeWriteTo(WriterInterceptorExecutor.java:263)
    at org.glassfish.jersey.message.internal.WriterInterceptorExecutor$TerminalWriterInterceptor.aroundWriteTo(WriterInterceptorExecutor.java:250)
    at org.glassfish.jersey.message.internal.WriterInterceptorExecutor.proceed(WriterInterceptorExecutor.java:162)
    at org.glassfish.jersey.message.internal.MessageBodyFactory.writeTo(MessageBodyFactory.java:1154)
    at org.glassfish.jersey.client.ClientRequest.writeEntity(ClientRequest.java:500)
    at org.glassfish.jersey.client.HttpUrlConnector._apply(HttpUrlConnector.java:315)
    at org.glassfish.jersey.client.HttpUrlConnector.apply(HttpUrlConnector.java:227)
    at org.glassfish.jersey.client.ClientRuntime.invoke(ClientRuntime.java:225)
    at org.glassfish.jersey.client.JerseyInvocation$2.call(JerseyInvocation.java:671)
    at org.glassfish.jersey.internal.Errors.process(Errors.java:315)
    at org.glassfish.jersey.internal.Errors.process(Errors.java:297)
    at org.glassfish.jersey.internal.Errors.process(Errors.java:228)
    at org.glassfish.jersey.process.internal.RequestScope.runInScope(RequestScope.java:423)
    at org.glassfish.jersey.client.JerseyInvocation.invoke(JerseyInvocation.java:667)
    at org.glassfish.jersey.client.JerseyInvocation$Builder.method(JerseyInvocation.java:423)
    at org.glassfish.jersey.client.JerseyInvocation$Builder.put(JerseyInvocation.java:311)
    at com.oki.casi.client.TesteLogin.testeLoginHttps(TesteLogin.java:79)
    at com.oki.casi.client.TesteLogin.main(TesteLogin.java:58)
Caused by: javax.xml.bind.MarshalException

Edit: I'm trying to solve this issue testing the client accessing two servers, Jboss 7.1.1 and Wildfly 9.0.2.

In Jboss 7, I can make client work with https changing protocol from TLSv1 to SSL:

<connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" secure="true">
    <ssl name="ciac-ssl" key-alias="ciac-cert" password="123456" certificate-key-file="../standalone/configuration/ciac-cert.keystore" protocol="SSL"/>
</connector>

How Can I change this configuration in Wildfly?

Answer 1

If I understand correctly, you get the SSLException in your client application which runs under Java 6. In this client you are trying to access a service hosted on Wildfly 9, which is using Java 7 or higher. This means the server is using a different security mechanism. I stumbled upon the same earlier and as you can see there is no conclusion to that post either.

And it makes sense if you think about it, why make it possible for the developer to create services which are using outdated and unsafe security mechanisms?

Eventually we decided to go with a JDK update. You could also attempt to host JBoss 4 under JDK7. For example here you could find some interesting writings on the topic.