com.sun.xml.ws.client.ClientTransportException: HTTP transport error: java.io.IOException: HTTPS hostname wrong: should be <jsepc09>

Java.net JIRA | Dennis MacConnell | 5 years ago
  1. 0

    The following CTS test cases are failing in the areas of security: Test case throws exception: HTTP transport error: java.io.IOException: HTTPS hostname wrong: should be <jsesun27.us.oracle.com> com/sun/ts/tests/webservices12/sec/annotations/ejb/basicauthssl/Client.java#sayHelloDenyAll : Client_sayHelloDenyAll com/sun/ts/tests/webservices12/sec/annotations/ejb/basicauthssl/Client.java#sayHelloProtectedUnauthorizedUser : Client_sayHelloProtectedUnauthorizedUser com/sun/ts/tests/webservices12/sec/annotations/ejb/clientcert/Client.java#sayHelloDenyAll : Client_sayHelloDenyAll com/sun/ts/tests/webservices12/sec/descriptors/ejb/basicSSL/Client.java#secEjbBasicAuthorizedId_from_wsappclient : Client_secEjbBasicAuthorizedId_from_wsappclient com/sun/ts/tests/webservices12/sec/descriptors/ejb/basicSSL/Client.java#secEjbBasicAuthorizedId_from_wsejb : Client_secEjbBasicAuthorizedId_from_wsejb com/sun/ts/tests/webservices12/sec/descriptors/ejb/basicSSL/Client.java#secEjbBasicAuthorizedId_from_wsservlet : Client_secEjbBasicAuthorizedId_from_wsservlet com/sun/ts/tests/webservices12/sec/descriptors/servlet/basicSSL/Client.java#secWarBasicAuthorizedId_from_wsappclient : Client_secWarBasicAuthorizedId_from_wsappclient com/sun/ts/tests/webservices12/sec/descriptors/servlet/basicSSL/Client.java#secWarBasicAuthorizedId_from_wsejb : Client_secWarBasicAuthorizedId_from_wsejb com/sun/ts/tests/webservices12/sec/descriptors/servlet/basicSSL/Client.java#secWarBasicAuthorizedId_from_wsservlet : Client_secWarBasicAuthorizedId_from_wsservlet com/sun/ts/tests/webservices12/sec/annotations/ejb/basicauthssl/Client.java#sayHelloPermitAll : Client_sayHelloPermitAll com/sun/ts/tests/webservices12/sec/annotations/ejb/clientcert/Client.java#sayHelloPermitAll : Client_sayHelloPermitAll com/sun/ts/tests/webservices12/sec/annotations/ejb/basicauthssl/Client.java#sayHelloProtected : Client_sayHelloProtected com/sun/ts/tests/webservices12/sec/annotations/ejb/clientcert/Client.java#sayHelloProtected : Client_sayHelloProtected com/sun/ts/tests/webservices12/sec/descriptors/ejb/certificate/Client.java#secEjbCertificate : Client_secEjbCertificate com/sun/ts/tests/webservices12/sec/descriptors/servlet/certificate/Client.java#secWarCertificate : Client_secWarCertificate Test PASSES in GF3.1.1 FCS. Looks like a regression to me. These tests deal with certificates and the code is made to bypass host name verification as follows: Also in the test setup we bypass hostname verification via the following code so this looks like a REGRESSION. WE BYPASS HOSTNAME VERIFICATION VIA FOLLOWING CODE HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() { public boolean verify(String hostname, SSLSession session) { return true; } }); It looks setting the default hostname verifier on the HTTPs connection to bypass hostname verification is no longer being called. This seems to be the issue. This has worked all along up to this point. So the output shows failing due to wrong hostname. Here is a snippet of the output from one of the tests. They are all similar. 10-20-2011 13:15:28: setup ok 10-20-2011 13:15:28: Getting port from the Service : com.sun.ts.tests.webservices12.sec.annotations.ejb.basicauthssl.HelloService@14ff65b 10-20-2011 13:15:29: Setting username and password in WS port 10-20-2011 13:15:29: username=j2ee password=j2ee 10-20-2011 13:15:29: Setting the target endpoint address on WS port: https://jsepc09:1044/WSEjbBasicAuthSSL/HelloService/Hello 10-20-2011 13:15:29: Invoking sayHelloDenyAll with any user on Hello port 10-20-2011 13:15:29: Invocation must not be allowed (throw exception) 10-20-2011 13:15:30: ERROR: Exception at: 10-20-2011 13:15:30: ERROR: com.sun.xml.ws.client.ClientTransportException: HTTP transport error: java.io.IOException: HTTPS hostname wrong: should be <jsepc09> at com.sun.xml.ws.transport.http.client.HttpClientTransport.getOutput(HttpClientTransport.java:131) at com.sun.xml.ws.transport.http.client.HttpTransportPipe.process(HttpTransportPipe.java:219) at com.sun.xml.ws.transport.http.client.HttpTransportPipe.processRequest(HttpTransportPipe.java:143) at com.sun.xml.ws.transport.DeferredTransportPipe.processRequest(DeferredTransportPipe.java:139) at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:961) at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:910) at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:873) at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:775) at com.sun.xml.ws.api.pipe.helper.AbstractTubeImpl.process(AbstractTubeImpl.java:116) at com.sun.enterprise.security.webservices.ClientSecurityPipe.processSecureRequest(ClientSecurityPipe.java:196) at com.sun.enterprise.security.webservices.ClientSecurityPipe.process(ClientSecurityPipe.java:184) at com.sun.xml.ws.api.pipe.helper.PipeAdapter.processRequest(PipeAdapter.java:119) at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:961) at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:910) at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:873) at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:775) at com.sun.xml.ws.client.Stub.process(Stub.java:417) at com.sun.xml.ws.client.sei.SEIStub.doProcess(SEIStub.java:168) at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:119) at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:102) at com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:151) at $Proxy48.sayHelloDenyAll(Unknown Source) at com.sun.ts.tests.webservices12.sec.annotations.ejb.basicauthssl.Client.sayHelloDenyAll(Client.java:186) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:601) at com.sun.ts.lib.harness.EETest.run(EETest.java:495) at com.sun.ts.lib.harness.EETest.getPropsReady(EETest.java:392) at com.sun.ts.lib.harness.EETest.run(EETest.java:252) at com.sun.ts.lib.harness.EETest.run(EETest.java:204) at com.sun.ts.tests.webservices12.sec.annotations.ejb.basicauthssl.Client.main(Client.java:57) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:601) at org.glassfish.appclient.client.acc.AppClientContainer.launch(AppClientContainer.java:438) at org.glassfish.appclient.client.AppClientFacade.launch(AppClientFacade.java:182) at org.glassfish.appclient.client.AppClientGroupFacade.main(AppClientGroupFacade.java:65) Caused by: java.io.IOException: HTTPS hostname wrong: should be <jsepc09> at sun.net.www.protocol.https.HttpsClient.checkURLSpoofing(HttpsClient.java:612) at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:537) at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1087) at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:250) at com.sun.xml.ws.transport.http.client.HttpClientTransport.getOutput(HttpClientTransport.java:119) ... 38 more 10-20-2011 13:15:30: cleanup ok STATUS:Failed.Test case throws exception: HTTP transport error: java.io.IOException: HTTPS hostname wrong: should be <jsepc09> result: Failed. Test case throws exception: HTTP transport error: java.io.IOException: HTTPS hostname wrong: should be <jsepc09> test result: Failed. Test case throws exception: HTTP transport error: java.io.IOException: HTTPS hostname wrong: should be <jsepc09> Here is some of the cacerts.jks info on key certificate info: keytool -list -v -keystore cacerts.jks Enter keystore password: ******************************************* ******************************************* Alias name: glassfish-instance Creation date: Oct 18, 2011 Entry type: trustedCertEntry Owner: CN=localhost-instance, OU=GlassFish, O=Oracle Corporation, L=Santa Clara, ST=California, C=US Issuer: CN=localhost-instance, OU=GlassFish, O=Oracle Corporation, L=Santa Clara, ST=California, C=US Serial number: 4e9d94c0 Valid from: Tue Oct 18 11:01:20 EDT 2011 until: Fri Oct 15 11:01:20 EDT 2021 Certificate fingerprints: MD5: B6:9E:FF:A6:53:7B:16:84:94:89:41:A5:BD:CE:9B:B1 SHA1: E4:71:3D:16:E5:92:CB:8D:33:3D:94:72:B9:FA:19:82:C2:9E:C9:A3 Signature algorithm name: SHA1withRSA Version: 3 Extensions: #1: ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: 2A C9 6C 66 C9 5B 7F 86 3A C1 7B 88 84 30 7E 2D *.lf.[..:....0.- 0010: F2 9C 6E CC ..n. ] ] ******************************************* ******************************************* Alias name: s1as Creation date: Oct 18, 2011 Entry type: trustedCertEntry Owner: CN=localhost, OU=GlassFish, O=Oracle Corporation, L=Santa Clara, ST=California, C=US Issuer: CN=localhost, OU=GlassFish, O=Oracle Corporation, L=Santa Clara, ST=California, C=US Serial number: 4e9d94bd Valid from: Tue Oct 18 11:01:17 EDT 2011 until: Fri Oct 15 11:01:17 EDT 2021 Certificate fingerprints: MD5: 69:20:86:7D:40:9D:46:B5:6D:A6:93:9B:7C:6D:7B:30 SHA1: A5:81:78:04:0B:96:C5:5E:20:5C:86:AF:BD:62:BB:83:20:B8:F3:6A Signature algorithm name: SHA1withRSA Version: 3 Extensions: #1: ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: 48 98 72 DA 89 F4 12 D2 66 98 A7 35 49 0B 94 4D H.r.....f..5I..M 0010: 40 D7 03 30 @..0 ] ] ******************************************* ******************************************* Alias name: cts Creation date: Oct 21, 2011 Entry type: trustedCertEntry Owner: CN=CTS, OU=Java Software, O=Sun Microsystems Inc., L=Burlington, ST=MA, C=US Issuer: CN=CTS, OU=Java Software, O=Sun Microsystems Inc., L=Burlington, ST=MA, C=US Serial number: 3f284563 Valid from: Wed Jul 30 18:23:31 EDT 2003 until: Thu Jan 02 17:23:31 EST 2020 Certificate fingerprints: MD5: 30:87:FD:83:F5:9A:7A:8D:F1:91:BC:E8:46:05:FD:6D SHA1: AC:8E:B3:8C:4E:44:C0:E3:F5:3A:9D:EE:06:FE:7B:CE:EB:56:3B:B9 Signature algorithm name: MD5withRSA Version: 1 . . .

    Java.net JIRA | 5 years ago | Dennis MacConnell
    com.sun.xml.ws.client.ClientTransportException: HTTP transport error: java.io.IOException: HTTPS hostname wrong: should be <jsepc09>
  2. 0

    Getting error while trying to creeate HttpsURLConnection through proxy

    Stack Overflow | 5 years ago
    java.io.IOException: Unable to tunnel through proxy. Proxy returns "HTTP/1.1 405 Method Not Allowed"
  3. 0

    error while start semsrv service | Symantec Connect

    symantec.com | 1 year ago
    java.io.IOException: Unable to tunnel through proxy. Proxy returns "HTTP/1.0 403 Blocked by Websense"
  4. Speed up your debug routine!

    Automated exception search integrated into your IDE

    6 unregistered visitors
    Not finding the right solution?
    Take a tour to get the most out of Samebug.

    Tired of useless tips?

    Automated exception search integrated into your IDE

    Root Cause Analysis

    1. java.io.IOException

      HTTPS hostname wrong: should be <jsepc09>

      at sun.net.www.protocol.https.HttpsClient.checkURLSpoofing()
    2. Java RT
      HttpsURLConnectionImpl.getOutputStream
      1. sun.net.www.protocol.https.HttpsClient.checkURLSpoofing(HttpsClient.java:612)
      2. sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:537)
      3. sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
      4. sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1087)
      5. sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:250)
      5 frames
    3. JAX-WS RI Runtime Bundle
      AbstractTubeImpl.process
      1. com.sun.xml.ws.transport.http.client.HttpClientTransport.getOutput(HttpClientTransport.java:119)
      2. com.sun.xml.ws.transport.http.client.HttpTransportPipe.process(HttpTransportPipe.java:219)
      3. com.sun.xml.ws.transport.http.client.HttpTransportPipe.processRequest(HttpTransportPipe.java:143)
      4. com.sun.xml.ws.transport.DeferredTransportPipe.processRequest(DeferredTransportPipe.java:139)
      5. com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:961)
      6. com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:910)
      7. com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:873)
      8. com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:775)
      9. com.sun.xml.ws.api.pipe.helper.AbstractTubeImpl.process(AbstractTubeImpl.java:116)
      9 frames
    4. com.sun.enterprise
      ClientSecurityPipe.process
      1. com.sun.enterprise.security.webservices.ClientSecurityPipe.processSecureRequest(ClientSecurityPipe.java:196)
      2. com.sun.enterprise.security.webservices.ClientSecurityPipe.process(ClientSecurityPipe.java:184)
      2 frames
    5. JAX-WS RI Runtime Bundle
      SEIStub.invoke
      1. com.sun.xml.ws.api.pipe.helper.PipeAdapter.processRequest(PipeAdapter.java:119)
      2. com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:961)
      3. com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:910)
      4. com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:873)
      5. com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:775)
      6. com.sun.xml.ws.client.Stub.process(Stub.java:417)
      7. com.sun.xml.ws.client.sei.SEIStub.doProcess(SEIStub.java:168)
      8. com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:119)
      9. com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:102)
      10. com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:151)
      10 frames
    6. Unknown
      $Proxy48.sayHelloDenyAll
      1. $Proxy48.sayHelloDenyAll(Unknown Source)
      1 frame
    7. com.sun.ts
      Client.sayHelloDenyAll
      1. com.sun.ts.tests.webservices12.sec.annotations.ejb.basicauthssl.Client.sayHelloDenyAll(Client.java:186)
      1 frame
    8. Java RT
      Method.invoke
      1. sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      2. sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
      3. sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      4. java.lang.reflect.Method.invoke(Method.java:601)
      4 frames
    9. com.sun.ts
      Client.main
      1. com.sun.ts.lib.harness.EETest.run(EETest.java:495)
      2. com.sun.ts.lib.harness.EETest.getPropsReady(EETest.java:392)
      3. com.sun.ts.lib.harness.EETest.run(EETest.java:252)
      4. com.sun.ts.lib.harness.EETest.run(EETest.java:204)
      5. com.sun.ts.tests.webservices12.sec.annotations.ejb.basicauthssl.Client.main(Client.java:57)
      5 frames
    10. Java RT
      Method.invoke
      1. sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      2. sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
      3. sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      4. java.lang.reflect.Method.invoke(Method.java:601)
      4 frames
    11. org.glassfish.appclient
      AppClientGroupFacade.main
      1. org.glassfish.appclient.client.acc.AppClientContainer.launch(AppClientContainer.java:438)
      2. org.glassfish.appclient.client.AppClientFacade.launch(AppClientFacade.java:182)
      3. org.glassfish.appclient.client.AppClientGroupFacade.main(AppClientGroupFacade.java:65)
      3 frames