j.n.ConnectException: General SSLEngine problem

430 views
Skip to first unread message

karthik rao

unread,
Oct 24, 2018, 6:39:54 AM10/24/18
to Gatling User Group
Hello,

Request the guru's to advice me on the following error: j.n.ConnectException: General SSLEngine problem and the following things has been followed. Please kindly suggest or advice me what needs to be taken care of. 

In SoapUI the posting the soap request with attaching the keystore works.

In Gatling :

  • Gatling.conf configure for the ssl -> Keystore with appropriate parameters.
  • Set system properties in Gradle.build and gradle.properties
Gatling.conf:
ssl {
  keyStore {
    type = "JKS"      # Type of SSLContext's KeyManagers store
    file = "C:\\Program Files\\Java\\jre1.8.0_181\\lib\\security\\client.keystore"      # Location of SSLContext's KeyManagers store
    password = "STEALTH*1234"  # Password for SSLContext's KeyManagers store
    #algorithm = "" # Algorithm used SSLContext's KeyManagers store
  }


Request:

val httpProtocol = http
  .disableClientSharing
 .baseURL("https://hostname:8443/") //VM ENVIRONMENT
 //  .inferHtmlResources()
 .acceptHeader("text/html,text/xml,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8")
 .acceptEncodingHeader("gzip, deflate")
 .acceptLanguageHeader("en-US")
  .connectionHeader("Keep-Alive")
 .userAgentHeader("Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.3; WOW64; Trident/7.0; .NET4.0E; .NET4.0C; .NET CLR 3.5.30729; .NET CLR 2.0.50727; .NET CLR 3.0.30729; InfoPath.3)")


object Roll{

  val enroll = exitBlockOnFail {
    exec(http("Create Identity - BO")
      .post("/service.wsdl")
      .headers(header1)
      .header("Content-Type","text/xml;charset=UTF-8")
      .header("SOAPAction","http://hostname.com/service/enroll")
      .header("Connection","Keep-Alive")
      .header("Content-Length","1005443")
      .header("User-Agent"," Apache-HttpClient/4.1.1 (java 1.5)")
      .body(ElFileBody("C:\\Users\\Desktop\\gatling-gradle\\src\\gatling\\scala\\enrollment\\bo_soap.txt"))
      .check(substring("<enroll>").exists)
      .check(regex("""<enroll>,'(.+?)',</enroll>"""))
      .check(status.is(200))
      .check(status.not(404))
      .check(status.not(401))
      .check(status.not(500)))
      }
      //  .exitHereIfFailed
      .pause(2,10)

}


FEW Lines of Gatling Logs:

15:49:41.383 [INFO ] akka.event.slf4j.Slf4jLogger - Slf4jLogger started
15:49:41.673 [INFO ] i.g.c.stats.writer.ConsoleDataWriter - Initializing
15:49:41.673 [INFO ] i.g.c.stats.writer.LogFileDataWriter - Initializing
15:49:41.682 [INFO ] i.g.c.stats.writer.ConsoleDataWriter - Initialized
15:49:41.695 [INFO ] i.g.c.stats.writer.LogFileDataWriter - Initialized
15:49:42.072 [INFO ] io.gatling.http.ahc.HttpEngine - Start warm up
15:49:43.138 [INFO ] io.gatling.http.ahc.HttpEngine - Couldn't execute warm up request http://gatling.io
java.util.concurrent.TimeoutException: Request timeout to not-connected after 1000ms
	... 6 common frames omitted
Wrapped by: java.util.concurrent.ExecutionException: java.util.concurrent.TimeoutException: Request timeout to not-connected after 1000ms
	at org.asynchttpclient.netty.NettyResponseFuture.abort(NettyResponseFuture.java:239)
	at org.asynchttpclient.netty.request.NettyRequestSender.abort(NettyRequestSender.java:396)
	at org.asynchttpclient.netty.timeout.TimeoutTimerTask.expire(TimeoutTimerTask.java:43)
	at org.asynchttpclient.netty.timeout.RequestTimeoutTimerTask.run(RequestTimeoutTimerTask.java:48)
	at io.netty.util.HashedWheelTimer$HashedWheelTimeout.expire(HashedWheelTimer.java:581)
	at io.netty.util.HashedWheelTimer$HashedWheelBucket.expireTimeouts(HashedWheelTimer.java:655)
	at io.netty.util.HashedWheelTimer$Worker.run(HashedWheelTimer.java:367)
	at java.lang.Thread.run(Thread.java:748)
15:49:43.139 [INFO ] io.gatling.http.ahc.HttpEngine - Warm up done
15:49:43.339 [INFO ] i.gatling.core.controller.Controller - InjectionStopped
15:49:43.515 [DEBUG] io.gatling.http.ahc.AsyncHandler - Request 'Create Identity - BO' failed for user 1
sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
	at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
	at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
	at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:392)
	... 32 common frames omitted
Wrapped by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:397)
	at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:302)
	at sun.security.validator.Validator.validate(Validator.java:262)
	at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324)
	at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:281)
	at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:136)
	at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1601)
	... 26 common frames omitted
Wrapped by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem
	at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
	at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1728)
	at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:330)
	at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:322)
	at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1614)
	at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216)
	at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1052)
	at sun.security.ssl.Handshaker$1.run(Handshaker.java:992)
	at sun.security.ssl.Handshaker$1.run(Handshaker.java:989)
	at java.security.AccessController.doPrivileged(Native Method)
	at sun.security.ssl.Handshaker$DelegatedTask.run(Handshaker.java:1467)
	at io.netty.handler.ssl.SslHandler.runDelegatedTasks(SslHandler.java:1124)
	at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1009)
	... 18 common frames omitted


GRADLE.PROPERTIES: tried with both javax.net.ssl and gatling.http.ssl but no effect.
##used javax.net.ssl instead of gatling.http.ssl

systemProp.javax.net.ssl.keyStore.file=C:\\Program Files\\Java\\jre1.8.0_181\\lib\\security\\client.keystore
systemProp.javax.net.ssl.keyStore.password=STEALTH*1234
systemProp.javax.net.ssl.keyStore.type=JKS

BUILD.GRADLE:
System.setProperty("javax.net.debug", "all")
System.setProperty("javax.net.ssl.keyStore.file", "C:\\Program Files\\Java\\jre1.8.0_181\\lib\\security\\client.keystore")
System.setProperty("javax.net.ssl.keyStore.password", "STEALTH*1234")
System.setProperty("javax.net.ssl.trustStore.type", "JKS")

karthik rao

unread,
Oct 24, 2018, 8:51:12 AM10/24/18
to Gatling User Group
Finally it solved.

Had to import the cert file of the server to java cacerts keystore. 


--
You received this message because you are subscribed to the Google Groups "Gatling User Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to gatling+u...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Kapil

unread,
Feb 2, 2019, 5:34:15 AM2/2/19
to Gatling User Group
Can you send the instruction what you did to resolve this issue please if possible ?
Reply all
Reply to author
Forward
0 new messages