Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Received fatal alert: internal_error #221

Closed
romovs opened this issue May 4, 2015 · 6 comments
Closed

Received fatal alert: internal_error #221

romovs opened this issue May 4, 2015 · 6 comments
Milestone
2.1.0-beta-1

Comments

@romovs
Copy link

romovs commented May 4, 2015

https://kitematic.com doesn't load at all with proxy.

Chrome:
screenshot-7

BMP:

[rom@aelia bin]$ ./browsermob-proxy --port 9090 -use-littleproxy true
Running BrowserMob Proxy using LittleProxy implementation.
[INFO  2015-05-05T02:15:44,088 net.lightbody.bmp.proxy.Main] (main) Starting BrowserMob Proxy version 2.1.0-beta-1-SNAPSHOT 
[INFO  2015-05-05T02:15:44,143 org.eclipse.jetty.util.log] (main) jetty-7.x.y-SNAPSHOT 
[INFO  2015-05-05T02:15:44,184 org.eclipse.jetty.util.log] (main) started o.e.j.s.ServletContextHandler{/,null} 
[INFO  2015-05-05T02:15:45,356 org.eclipse.jetty.util.log] (main) Started SelectChannelConnector@0.0.0.0:9090 
[INFO  2015-05-05T02:15:48,782 org.littleshoot.proxy.impl.DefaultHttpProxyServer] (qtp1318227903-16) Starting proxy at address: 0.0.0.0/0.0.0.0:8081 
[INFO  2015-05-05T02:15:48,796 org.littleshoot.proxy.impl.DefaultHttpProxyServer] (qtp1318227903-16) Proxy listening with TCP transport 
[INFO  2015-05-05T02:15:48,836 org.littleshoot.proxy.impl.DefaultHttpProxyServer] (qtp1318227903-16) Proxy started at address: /0:0:0:0:0:0:0:0:8081 
[WARN  2015-05-05T02:16:01,021 org.littleshoot.proxy.impl.ProxyToServerConnection] (LittleProxy-ProxyToServerWorker-0) (HANDSHAKING) [id: 0x730a27b4, 0.0.0.0/0.0.0.0:48367 :> kitematic.com/104.28.3.49:443]: Caught exception on proxy -> web connection io.netty.handler.codec.DecoderException: javax.net.ssl.SSLException: Received fatal alert: internal_error
    at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:346) ~[browsermob-dist-2.1.0-beta-1-SNAPSHOT.jar:?]
    at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:229) ~[browsermob-dist-2.1.0-beta-1-SNAPSHOT.jar:?]
    at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:339) [browsermob-dist-2.1.0-beta-1-SNAPSHOT.jar:?]
    at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:324) [browsermob-dist-2.1.0-beta-1-SNAPSHOT.jar:?]
    at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:847) [browsermob-dist-2.1.0-beta-1-SNAPSHOT.jar:?]
    at io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:131) [browsermob-dist-2.1.0-beta-1-SNAPSHOT.jar:?]
    at io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:511) [browsermob-dist-2.1.0-beta-1-SNAPSHOT.jar:?]
    at io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:468) [browsermob-dist-2.1.0-beta-1-SNAPSHOT.jar:?]
    at io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:382) [browsermob-dist-2.1.0-beta-1-SNAPSHOT.jar:?]
    at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:354) [browsermob-dist-2.1.0-beta-1-SNAPSHOT.jar:?]
    at io.netty.util.concurrent.SingleThreadEventExecutor$2.run(SingleThreadEventExecutor.java:111) [browsermob-dist-2.1.0-beta-1-SNAPSHOT.jar:?]
    at java.lang.Thread.run(Thread.java:745) [?:1.8.0_25]
Caused by: javax.net.ssl.SSLException: Received fatal alert: internal_error
    at sun.security.ssl.Alerts.getSSLException(Alerts.java:208) ~[?:1.8.0_25]
    at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1646) ~[?:1.8.0_25]
    at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1614) ~[?:1.8.0_25]
    at sun.security.ssl.SSLEngineImpl.recvAlert(SSLEngineImpl.java:1780) ~[?:1.8.0_25]
    at sun.security.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:1075) ~[?:1.8.0_25]
    at sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:901) ~[?:1.8.0_25]
    at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:775) ~[?:1.8.0_25]
    at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624) ~[?:1.8.0_25]
    at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1114) ~[browsermob-dist-2.1.0-beta-1-SNAPSHOT.jar:?]
    at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:981) ~[browsermob-dist-2.1.0-beta-1-SNAPSHOT.jar:?]
    at io.netty.handler.ssl.SslHandler.decode(SslHandler.java:934) ~[browsermob-dist-2.1.0-beta-1-SNAPSHOT.jar:?]
    at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:315) ~[browsermob-dist-2.1.0-beta-1-SNAPSHOT.jar:?]
    ... 11 more
@jekh
Copy link
Collaborator

jekh commented May 5, 2015

Confirmed, I see the same issue. Judging from the mysterious exception message, this will probably take some digging into the SSL underworld of Java.

@romovs
Copy link
Author

romovs commented May 5, 2015

This happens with all sites which use CloudFlare Flexible SSL service.
https://www.icontrolwp.com
https://www.krautcomputing.com

screenshot-9

Perhaps something to do with the ECDHE_ECDSA key exchange. Seems to be the only difference with other working sites..

@jekh jekh added this to the 2.1.0-beta-1 milestone May 15, 2015
@jekh jekh mentioned this issue May 17, 2015
Closed
@jekh
Copy link
Collaborator

jekh commented May 17, 2015

I opened a LittleProxy issue for this. Hopefully somebody with more SSL experience over there can shed some insight into what could be causing this.

@jekh
Copy link
Collaborator

jekh commented May 24, 2015

I just pushed a potential fix for this issue. Let me know if you still see this or similar SSL issues.

@romovs
Copy link
Author

romovs commented May 24, 2015

Seems to be working fine now, Cheers!

@jekh
Copy link
Collaborator

jekh commented May 24, 2015

Awesome! Thanks. I'll close this for now, and we can re-open if it becomes an issue again.

@jekh jekh closed this as completed May 24, 2015
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
2.1.0-beta-1
Development

No branches or pull requests
2 participants
@romovs @jekh