javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation

Search Guard
1

Hi I am getting this issue and sgadmin.sh hangs when running it ?

[2016-08-24 13:27:33,892][DEBUG][netty.handler.ssl.SslHandler] [id: 0x69a4b88c, /127.0.0.1:46373 => /127.0.0.1:9200] HANDSHAKEN: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

[2016-08-24 13:27:33,894][DEBUG][netty.handler.ssl.SslHandler] Failed to clean up SSLEngine.

javax.net.ssl.SSLException: Inbound closed before receiving peer’s close_notify: possible truncation attack?

at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)

at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1666)

at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1634)

at sun.security.ssl.SSLEngineImpl.closeInbound(SSLEngineImpl.java:1561)

at org.jboss.netty.handler.ssl.SslHandler.closeEngine(SslHandler.java:591)

at org.jboss.netty.handler.ssl.SslHandler.channelDisconnected(SslHandler.java:583)

at org.jboss.netty.channel.SimpleChannelUpstreamHandler.handleUpstream(SimpleChannelUpstreamHandler.java:102)

at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:564)

at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:559)

at org.jboss.netty.channel.Channels.fireChannelDisconnected(Channels.java:396)

at org.jboss.netty.channel.socket.nio.AbstractNioWorker.close(AbstractNioWorker.java:360)

at org.jboss.netty.channel.socket.nio.NioWorker.read(NioWorker.java:93)

at org.jboss.netty.channel.socket.nio.AbstractNioWorker.process(AbstractNioWorker.java:108)

at org.jboss.netty.channel.socket.nio.AbstractNioSelector.run(AbstractNioSelector.java:337)

at org.jboss.netty.channel.socket.nio.AbstractNioWorker.run(AbstractNioWorker.java:89)

at org.jboss.netty.channel.socket.nio.NioWorker.run(NioWorker.java:178)

at org.jboss.netty.util.ThreadRenamingRunnable.run(ThreadRenamingRunnable.java:108)

at org.jboss.netty.util.internal.DeadLockProofWorker$1.run(DeadLockProofWorker.java:42)

at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)

at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)

at java.lang.Thread.run(Thread.java:745)

[2016-08-24 13:27:36,427][DEBUG][netty.handler.ssl.SslHandler] [id: 0xd719bc6f, /127.0.0.1:46374 => /127.0.0.1:9200] HANDSHAKEN: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

[2016-08-24 13:27:36,429][DEBUG][netty.handler.ssl.SslHandler] Failed to clean up SSLEngine.

javax.net.ssl.SSLException: Inbound closed before receiving peer’s close_notify: possible truncation attack?

at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)

at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1666)

at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1634)

at sun.security.ssl.SSLEngineImpl.closeInbound(SSLEngineImpl.java:1561)

at org.jboss.netty.handler.ssl.SslHandler.closeEngine(SslHandler.java:591)

at org.jboss.netty.handler.ssl.SslHandler.channelDisconnected(SslHandler.java:583)

at org.jboss.netty.channel.SimpleChannelUpstreamHandler.handleUpstream(SimpleChannelUpstreamHandler.java:102)

at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:564)

at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:559)

at org.jboss.netty.channel.Channels.fireChannelDisconnected(Channels.java:396)

at org.jboss.netty.channel.socket.nio.AbstractNioWorker.close(AbstractNioWorker.java:360)

at org.jboss.netty.channel.socket.nio.NioWorker.read(NioWorker.java:93)

at org.jboss.netty.channel.socket.nio.AbstractNioWorker.process(AbstractNioWorker.java:108)

at org.jboss.netty.channel.socket.nio.AbstractNioSelector.run(AbstractNioSelector.java:337)

at org.jboss.netty.channel.socket.nio.AbstractNioWorker.run(AbstractNioWorker.java:89)

at org.jboss.netty.channel.socket.nio.NioWorker.run(NioWorker.java:178)

at org.jboss.netty.util.ThreadRenamingRunnable.run(ThreadRenamingRunnable.java:108)

at org.jboss.netty.util.internal.DeadLockProofWorker$1.run(DeadLockProofWorker.java:42)

at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)

at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
2

You can ignore the "javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack?", thats not the cause of your problem.
(Its a harmless exception and its logged on DEBUG level)
To figure out why sgadmin hangs we need a few more details:

- Search Guard SSL and Search Guard version
- Cluster size (how many nodes)
- Operating system vendor and version
- Do you run elasticsearch within a cloud environment (aws, ...)
- Java version and vendor
- Complete elasticsearch logfiles (every node) on DEBUG level (from elasticsearch start until sgadmin is finished/hangs)
- Complete output of sgadmin

···

Am 24.08.2016 um 16:13 schrieb Alan <bujarmetaj@gmail.com>:

Hi I am getting this issue and sgadmin.sh hangs when running it ?

[2016-08-24 13:27:33,892][DEBUG][netty.handler.ssl.SslHandler] [id: 0x69a4b88c, /127.0.0.1:46373 => /127.0.0.1:9200] HANDSHAKEN: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
[2016-08-24 13:27:33,894][DEBUG][netty.handler.ssl.SslHandler] Failed to clean up SSLEngine.
javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack?
  at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
  at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1666)
  at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1634)
  at sun.security.ssl.SSLEngineImpl.closeInbound(SSLEngineImpl.java:1561)
  at org.jboss.netty.handler.ssl.SslHandler.closeEngine(SslHandler.java:591)
  at org.jboss.netty.handler.ssl.SslHandler.channelDisconnected(SslHandler.java:583)
  at org.jboss.netty.channel.SimpleChannelUpstreamHandler.handleUpstream(SimpleChannelUpstreamHandler.java:102)
  at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:564)
  at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:559)
  at org.jboss.netty.channel.Channels.fireChannelDisconnected(Channels.java:396)
  at org.jboss.netty.channel.socket.nio.AbstractNioWorker.close(AbstractNioWorker.java:360)
  at org.jboss.netty.channel.socket.nio.NioWorker.read(NioWorker.java:93)
  at org.jboss.netty.channel.socket.nio.AbstractNioWorker.process(AbstractNioWorker.java:108)
  at org.jboss.netty.channel.socket.nio.AbstractNioSelector.run(AbstractNioSelector.java:337)
  at org.jboss.netty.channel.socket.nio.AbstractNioWorker.run(AbstractNioWorker.java:89)
  at org.jboss.netty.channel.socket.nio.NioWorker.run(NioWorker.java:178)
  at org.jboss.netty.util.ThreadRenamingRunnable.run(ThreadRenamingRunnable.java:108)
  at org.jboss.netty.util.internal.DeadLockProofWorker$1.run(DeadLockProofWorker.java:42)
  at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
  at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
  at java.lang.Thread.run(Thread.java:745)
[2016-08-24 13:27:36,427][DEBUG][netty.handler.ssl.SslHandler] [id: 0xd719bc6f, /127.0.0.1:46374 => /127.0.0.1:9200] HANDSHAKEN: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
[2016-08-24 13:27:36,429][DEBUG][netty.handler.ssl.SslHandler] Failed to clean up SSLEngine.
javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack?
  at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
  at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1666)
  at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1634)
  at sun.security.ssl.SSLEngineImpl.closeInbound(SSLEngineImpl.java:1561)
  at org.jboss.netty.handler.ssl.SslHandler.closeEngine(SslHandler.java:591)
  at org.jboss.netty.handler.ssl.SslHandler.channelDisconnected(SslHandler.java:583)
  at org.jboss.netty.channel.SimpleChannelUpstreamHandler.handleUpstream(SimpleChannelUpstreamHandler.java:102)
  at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:564)
  at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:559)
  at org.jboss.netty.channel.Channels.fireChannelDisconnected(Channels.java:396)
  at org.jboss.netty.channel.socket.nio.AbstractNioWorker.close(AbstractNioWorker.java:360)
  at org.jboss.netty.channel.socket.nio.NioWorker.read(NioWorker.java:93)
  at org.jboss.netty.channel.socket.nio.AbstractNioWorker.process(AbstractNioWorker.java:108)
  at org.jboss.netty.channel.socket.nio.AbstractNioSelector.run(AbstractNioSelector.java:337)
  at org.jboss.netty.channel.socket.nio.AbstractNioWorker.run(AbstractNioWorker.java:89)
  at org.jboss.netty.channel.socket.nio.NioWorker.run(NioWorker.java:178)
  at org.jboss.netty.util.ThreadRenamingRunnable.run(ThreadRenamingRunnable.java:108)
  at org.jboss.netty.util.internal.DeadLockProofWorker$1.run(DeadLockProofWorker.java:42)
  at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
  at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)

--
You received this message because you are subscribed to the Google Groups "Search Guard" group.
To unsubscribe from this group and stop receiving emails from it, send an email to search-guard+unsubscribe@googlegroups.com.
To post to this group, send email to search-guard@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/aa3e385f-c7f1-40b9-93de-486603cb207c%40googlegroups.com\.
For more options, visit https://groups.google.com/d/optout\.