javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation

[Alan]

Hi I am getting this issue and sgadmin.sh hangs when running it ?

[2016-08-24 13:27:33,892][DEBUG][netty.handler.ssl.SslHandler] [id: 0x69a4b88c, /127.0.0.1:46373 => /127.0.0.1:9200] HANDSHAKEN: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

[2016-08-24 13:27:33,894][DEBUG][netty.handler.ssl.SslHandler] Failed to clean up SSLEngine.

javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack?

at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)

at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1666)

at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1634)

at sun.security.ssl.SSLEngineImpl.closeInbound(SSLEngineImpl.java:1561)

at org.jboss.netty.handler.ssl.SslHandler.closeEngine(SslHandler.java:591)

at org.jboss.netty.handler.ssl.SslHandler.channelDisconnected(SslHandler.java:583)

at org.jboss.netty.channel.SimpleChannelUpstreamHandler.handleUpstream(SimpleChannelUpstreamHandler.java:102)

at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:564)

at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:559)

at org.jboss.netty.channel.Channels.fireChannelDisconnected(Channels.java:396)

at org.jboss.netty.channel.socket.nio.AbstractNioWorker.close(AbstractNioWorker.java:360)

at org.jboss.netty.channel.socket.nio.NioWorker.read(NioWorker.java:93)

at org.jboss.netty.channel.socket.nio.AbstractNioWorker.process(AbstractNioWorker.java:108)

at org.jboss.netty.channel.socket.nio.AbstractNioSelector.run(AbstractNioSelector.java:337)

at org.jboss.netty.channel.socket.nio.AbstractNioWorker.run(AbstractNioWorker.java:89)

at org.jboss.netty.channel.socket.nio.NioWorker.run(NioWorker.java:178)

at org.jboss.netty.util.ThreadRenamingRunnable.run(ThreadRenamingRunnable.java:108)

at org.jboss.netty.util.internal.DeadLockProofWorker$1.run(DeadLockProofWorker.java:42)

at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)

at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)

at java.lang.Thread.run(Thread.java:745)

[2016-08-24 13:27:36,427][DEBUG][netty.handler.ssl.SslHandler] [id: 0xd719bc6f, /127.0.0.1:46374 => /127.0.0.1:9200] HANDSHAKEN: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

[2016-08-24 13:27:36,429][DEBUG][netty.handler.ssl.SslHandler] Failed to clean up SSLEngine.

javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack?

at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)

at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1666)

at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1634)

at sun.security.ssl.SSLEngineImpl.closeInbound(SSLEngineImpl.java:1561)

at org.jboss.netty.handler.ssl.SslHandler.closeEngine(SslHandler.java:591)

at org.jboss.netty.handler.ssl.SslHandler.channelDisconnected(SslHandler.java:583)

at org.jboss.netty.channel.SimpleChannelUpstreamHandler.handleUpstream(SimpleChannelUpstreamHandler.java:102)

at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:564)

at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:559)

at org.jboss.netty.channel.Channels.fireChannelDisconnected(Channels.java:396)

at org.jboss.netty.channel.socket.nio.AbstractNioWorker.close(AbstractNioWorker.java:360)

at org.jboss.netty.channel.socket.nio.NioWorker.read(NioWorker.java:93)

at org.jboss.netty.channel.socket.nio.AbstractNioWorker.process(AbstractNioWorker.java:108)

at org.jboss.netty.channel.socket.nio.AbstractNioSelector.run(AbstractNioSelector.java:337)

at org.jboss.netty.channel.socket.nio.AbstractNioWorker.run(AbstractNioWorker.java:89)

at org.jboss.netty.channel.socket.nio.NioWorker.run(NioWorker.java:178)

at org.jboss.netty.util.ThreadRenamingRunnable.run(ThreadRenamingRunnable.java:108)

at org.jboss.netty.util.internal.DeadLockProofWorker$1.run(DeadLockProofWorker.java:42)

at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)

at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)

[SG]

You can ignore the "javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack?", thats not the cause of your problem.
(Its a harmless exception and its logged on DEBUG level)
To figure out why sgadmin hangs we need a few more details:

- Search Guard SSL and Search Guard version
- Cluster size (how many nodes)
- Operating system vendor and version
- Do you run elasticsearch within a cloud environment (aws, ...)
- Java version and vendor
- Complete elasticsearch logfiles (every node) on DEBUG level (from elasticsearch start until sgadmin is finished/hangs)
- Complete output of sgadmin

> --
> You received this message because you are subscribed to the Google Groups "Search Guard" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to search-guard...@googlegroups.com.
> To post to this group, send email to search...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/aa3e385f-c7f1-40b9-93de-486603cb207c%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.