javax.naming.CommunicationException: java.net.SocketException: Connection reset [Root exception is javax.net.ssl.SSLException: java.net.SocketException: Connection reset]

Jenkins JIRA | DI2E SysAdmin | 2 years ago
  1. 0

    I am attempting to use the inherent StartTLS over LDAP support in the Active Directory plugin. If I'm reading the docs correctly, it should 'just work'. I perused the code and saw that it seems to trust any cert. Here's what I see in the logs: {code} Oct 23, 2014 2:53:14 AM FINE hudson.plugins.active_directory.ActiveDirectorySecurityRealm Attempting to resolve _gc._tcp.ABCDMZ._sites.my.domain to SRV record Oct 23, 2014 2:53:14 AM FINE hudson.plugins.active_directory.ActiveDirectorySecurityRealm Attempting to resolve _ldap._tcp.ABCDMZ._sites.my.domain to SRV record Oct 23, 2014 2:53:14 AM FINE hudson.plugins.active_directory.ActiveDirectorySecurityRealm SRV record found: 0 100 389 RODC07.my.domain. Oct 23, 2014 2:53:14 AM FINE hudson.plugins.active_directory.ActiveDirectorySecurityRealm _ldap._tcp.ABCDMZ._sites.my.domain resolved to [RODC07.my.domain:389] Oct 23, 2014 2:53:14 AM FINE hudson.plugins.active_directory.ActiveDirectorySecurityRealm Connecting to ldap://RODC07.my.domain:389/ Oct 23, 2014 2:53:14 AM FINE hudson.plugins.active_directory.ActiveDirectorySecurityRealm Failed to start TLS. Authentication will be done via plain-text LDAP javax.naming.CommunicationException: java.net.SocketException: Connection reset [Root exception is javax.net.ssl.SSLException: java.net.SocketException: Connection reset] at com.sun.jndi.ldap.LdapCtx.extendedOperation(LdapCtx.java:3259) at hudson.plugins.active_directory.ActiveDirectorySecurityRealm$DescriptorImpl.bind(ActiveDirectorySecurityRealm.java:448) at hudson.plugins.active_directory.ActiveDirectorySecurityRealm$DescriptorImpl.bind(ActiveDirectorySecurityRealm.java:392) at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:239) at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:196) at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:140) at org.acegisecurity.providers.dao.AbstractUserDetailsAuthenticationProvider.authenticate(AbstractUserDetailsAuthenticationProvider.java:122) at org.acegisecurity.providers.ProviderManager.doAuthentication(ProviderManager.java:200) at org.acegisecurity.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:47) at org.acegisecurity.ui.webapp.AuthenticationProcessingFilter.attemptAuthentication(AuthenticationProcessingFilter.java:74) at org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:252) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at jenkins.security.BasicHeaderProcessor.doFilter(BasicHeaderProcessor.java:86) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249) at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:67) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76) at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:164) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:46) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:81) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at org.kohsuke.stapler.DiagnosticThreadNameFilter.doFilter(DiagnosticThreadNameFilter.java:30) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1474) at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:499) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:137) at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:533) at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:231) at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1086) at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:428) at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193) at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1020) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116) at org.eclipse.jetty.server.Server.handle(Server.java:370) at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:489) at org.eclipse.jetty.server.AbstractHttpConnection.content(AbstractHttpConnection.java:960) at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.content(AbstractHttpConnection.java:1021) at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:865) at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:240) at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82) at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:668) at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:52) at winstone.BoundedExecutorService$1.run(BoundedExecutorService.java:77) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) at java.lang.Thread.run(Thread.java:724) Caused by: javax.net.ssl.SSLException: java.net.SocketException: Connection reset at sun.security.ssl.Alerts.getSSLException(Alerts.java:208) at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1886) at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1844) at sun.security.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1808) at sun.security.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1753) at sun.security.ssl.AppInputStream.read(AppInputStream.java:113) at java.io.BufferedInputStream.fill(BufferedInputStream.java:235) at java.io.BufferedInputStream.read1(BufferedInputStream.java:275) at java.io.BufferedInputStream.read(BufferedInputStream.java:334) at com.sun.jndi.ldap.Connection.run(Connection.java:849) ... 1 more Caused by: java.net.SocketException: Connection reset at java.net.SocketInputStream.read(SocketInputStream.java:189) at java.net.SocketInputStream.read(SocketInputStream.java:121) at sun.security.ssl.InputRecord.readFully(InputRecord.java:442) at sun.security.ssl.InputRecord.read(InputRecord.java:480) at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:927) at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312) at sun.security.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:882) at sun.security.ssl.AppInputStream.read(AppInputStream.java:102) ... 5 more {code} This DC serves up normal LDAP and LDAPS to other apps, and I can connect to it with LDAP + StartTLS using Apache Directory Studio, so I know its certificate is installed properly.

    Jenkins JIRA | 2 years ago | DI2E SysAdmin
    javax.naming.CommunicationException: java.net.SocketException: Connection reset [Root exception is javax.net.ssl.SSLException: java.net.SocketException: Connection reset]
  2. 0

    I am attempting to use the inherent StartTLS over LDAP support in the Active Directory plugin. If I'm reading the docs correctly, it should 'just work'. I perused the code and saw that it seems to trust any cert. Here's what I see in the logs: {code} Oct 23, 2014 2:53:14 AM FINE hudson.plugins.active_directory.ActiveDirectorySecurityRealm Attempting to resolve _gc._tcp.ABCDMZ._sites.my.domain to SRV record Oct 23, 2014 2:53:14 AM FINE hudson.plugins.active_directory.ActiveDirectorySecurityRealm Attempting to resolve _ldap._tcp.ABCDMZ._sites.my.domain to SRV record Oct 23, 2014 2:53:14 AM FINE hudson.plugins.active_directory.ActiveDirectorySecurityRealm SRV record found: 0 100 389 RODC07.my.domain. Oct 23, 2014 2:53:14 AM FINE hudson.plugins.active_directory.ActiveDirectorySecurityRealm _ldap._tcp.ABCDMZ._sites.my.domain resolved to [RODC07.my.domain:389] Oct 23, 2014 2:53:14 AM FINE hudson.plugins.active_directory.ActiveDirectorySecurityRealm Connecting to ldap://RODC07.my.domain:389/ Oct 23, 2014 2:53:14 AM FINE hudson.plugins.active_directory.ActiveDirectorySecurityRealm Failed to start TLS. Authentication will be done via plain-text LDAP javax.naming.CommunicationException: java.net.SocketException: Connection reset [Root exception is javax.net.ssl.SSLException: java.net.SocketException: Connection reset] at com.sun.jndi.ldap.LdapCtx.extendedOperation(LdapCtx.java:3259) at hudson.plugins.active_directory.ActiveDirectorySecurityRealm$DescriptorImpl.bind(ActiveDirectorySecurityRealm.java:448) at hudson.plugins.active_directory.ActiveDirectorySecurityRealm$DescriptorImpl.bind(ActiveDirectorySecurityRealm.java:392) at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:239) at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:196) at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:140) at org.acegisecurity.providers.dao.AbstractUserDetailsAuthenticationProvider.authenticate(AbstractUserDetailsAuthenticationProvider.java:122) at org.acegisecurity.providers.ProviderManager.doAuthentication(ProviderManager.java:200) at org.acegisecurity.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:47) at org.acegisecurity.ui.webapp.AuthenticationProcessingFilter.attemptAuthentication(AuthenticationProcessingFilter.java:74) at org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:252) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at jenkins.security.BasicHeaderProcessor.doFilter(BasicHeaderProcessor.java:86) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249) at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:67) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76) at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:164) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:46) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:81) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at org.kohsuke.stapler.DiagnosticThreadNameFilter.doFilter(DiagnosticThreadNameFilter.java:30) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1474) at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:499) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:137) at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:533) at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:231) at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1086) at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:428) at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193) at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1020) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116) at org.eclipse.jetty.server.Server.handle(Server.java:370) at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:489) at org.eclipse.jetty.server.AbstractHttpConnection.content(AbstractHttpConnection.java:960) at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.content(AbstractHttpConnection.java:1021) at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:865) at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:240) at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82) at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:668) at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:52) at winstone.BoundedExecutorService$1.run(BoundedExecutorService.java:77) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) at java.lang.Thread.run(Thread.java:724) Caused by: javax.net.ssl.SSLException: java.net.SocketException: Connection reset at sun.security.ssl.Alerts.getSSLException(Alerts.java:208) at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1886) at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1844) at sun.security.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1808) at sun.security.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1753) at sun.security.ssl.AppInputStream.read(AppInputStream.java:113) at java.io.BufferedInputStream.fill(BufferedInputStream.java:235) at java.io.BufferedInputStream.read1(BufferedInputStream.java:275) at java.io.BufferedInputStream.read(BufferedInputStream.java:334) at com.sun.jndi.ldap.Connection.run(Connection.java:849) ... 1 more Caused by: java.net.SocketException: Connection reset at java.net.SocketInputStream.read(SocketInputStream.java:189) at java.net.SocketInputStream.read(SocketInputStream.java:121) at sun.security.ssl.InputRecord.readFully(InputRecord.java:442) at sun.security.ssl.InputRecord.read(InputRecord.java:480) at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:927) at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312) at sun.security.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:882) at sun.security.ssl.AppInputStream.read(AppInputStream.java:102) ... 5 more {code} This DC serves up normal LDAP and LDAPS to other apps, and I can connect to it with LDAP + StartTLS using Apache Directory Studio, so I know its certificate is installed properly.

    Jenkins JIRA | 2 years ago | DI2E SysAdmin
    javax.naming.CommunicationException: java.net.SocketException: Connection reset [Root exception is javax.net.ssl.SSLException: java.net.SocketException: Connection reset]
  3. 0

    tomcat LDAP authentication issue

    Stack Overflow | 7 months ago | user739115
    javax.naming.CommunicationException: Connection reset [Root exception is java.net.SocketException: Connection reset]; remaining name 'DC=corp,DC=local'
  4. Speed up your debug routine!

    Automated exception search integrated into your IDE

  5. 0

    LDAP authentication issue

    Coderanch | 7 months ago | subba rao
    javax.naming.CommunicationException: Connection reset [Root exception is java.net.SocketException: Connection reset]; remaining name 'DC=corp,DC=local'
  6. 0

    TransferManager hitting "Connection Reset"

    GitHub | 2 years ago | rcoh
    com.amazonaws.AmazonClientException: Unable to store object contents to disk: Connection reset

  1. tvrmsmith 1 times, last 3 weeks ago
  2. Tahir 2 times, last 2 months ago
  3. aldrinleal 11 times, last 5 months ago
  4. Nikolay Rybak 1 times, last 7 months ago
  5. rp 1 times, last 10 months ago
20 more registered users
73 unregistered visitors
Not finding the right solution?
Take a tour to get the most out of Samebug.

Tired of useless tips?

Automated exception search integrated into your IDE

Root Cause Analysis

  1. java.net.SocketException

    Connection reset

    at java.net.SocketInputStream.read()
  2. Java RT
    SocketInputStream.read
    1. java.net.SocketInputStream.read(SocketInputStream.java:189)
    2. java.net.SocketInputStream.read(SocketInputStream.java:121)
    2 frames
  3. Java JSSE
    AppInputStream.read
    1. sun.security.ssl.InputRecord.readFully(InputRecord.java:442)
    2. sun.security.ssl.InputRecord.read(InputRecord.java:480)
    3. sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:927)
    4. sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312)
    5. sun.security.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:882)
    6. sun.security.ssl.AppInputStream.read(AppInputStream.java:102)
    6 frames
  4. Java RT
    Thread.run
    1. java.io.BufferedInputStream.fill(BufferedInputStream.java:235)
    2. java.io.BufferedInputStream.read1(BufferedInputStream.java:275)
    3. java.io.BufferedInputStream.read(BufferedInputStream.java:334)
    4. com.sun.jndi.ldap.Connection.run(Connection.java:849)
    5. java.lang.Thread.run(Thread.java:724)
    5 frames