Native SSL provider not available; will use JDK SSL provider
2,692 views
Skip to first unread message
Marian Valero
Jan 26, 2017, 4:18:06 PM1/26/17
to pushy
Hi, I'm getting this error triying to use pushy in my project who runs on tomcat 8:
2017-01-26 17:02:22 INFO ApnsClientBuilder:424 - Native SSL provider not available; will use JDK SSL provider.
Exception in thread "ActiveMQ Session Task-1" java.lang.ExceptionInInitializerError
at io.netty.handler.ssl.JdkSslContext.toNegotiator(JdkSslContext.java:283)
at io.netty.handler.ssl.JdkSslClientContext.<init>(JdkSslClientContext.java:261)
at io.netty.handler.ssl.SslContext.newClientContextInternal(SslContext.java:751)
at io.netty.handler.ssl.SslContextBuilder.build(SslContextBuilder.java:406)
¡at org.apache.activemq.ActiveMQMessageConsumer.dispatch(ActiveMQMessageConsumer.java:1321)
at org.apache.activemq.ActiveMQSessionExecutor.dispatch(ActiveMQSessionExecutor.java:131)
at org.apache.activemq.ActiveMQSessionExecutor.iterate(ActiveMQSessionExecutor.java:202)
at org.apache.activemq.thread.PooledTaskRunner.runTask(PooledTaskRunner.java:129)
at org.apache.activemq.thread.PooledTaskRunner$1.run(PooledTaskRunner.java:47)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
Caused by: java.lang.RuntimeException: ALPN unsupported. Is your classpatch configured correctly? See http://www.eclipse.org/jetty/documentation/current/alpn-chapter.html#alpn-starting
at io.netty.handler.ssl.JdkAlpnApplicationProtocolNegotiator$1.<init>(JdkAlpnApplicationProtocolNegotiator.java:27)
at io.netty.handler.ssl.JdkAlpnApplicationProtocolNegotiator.<clinit>(JdkAlpnApplicationProtocolNegotiator.java:24)
... 16 more
I have those dependencies in my pom.xml file:
<dependency>
<groupId>com.relayrides</groupId>
<artifactId>pushy</artifactId>
<version>0.9</version>
</dependency>
<dependency>
<groupId>io.netty</groupId>
<artifactId>netty-tcnative-boringssl-static</artifactId>
<version>1.1.33.Fork24</version>
</dependency>
<dependency>
<groupId>io.netty</groupId>
<artifactId>netty-all</artifactId>
<version>4.1.6.Final</version>
</dependency>
<dependency>
<groupId>org.eclipse.jetty.alpn</groupId>
<artifactId>alpn-api</artifactId>
<version>1.1.3.v20160715</version>
</dependency>
I don't know what I'm doing wrong, I put the jars in my lib folder too. Do I need to install a ssl provider in my computer? I hope you can help me.
Thank you so much.
Jon Chambers
Jan 26, 2017, 4:44:27 PM1/26/17
to Marian Valero, pushy
Please see the wiki: https://github.com/relayrides/pushy/wiki/Using-Pushy-in-an-application-container
In short, Tomcat's `tcnative` implementation conflicts with Netty's `tcnative` implementation. You can't use `netty-tcnative` inside Tomcat until https://github.com/netty/netty/pull/5766 is resolved, which we're all hoping will happen soon. In the meantime, you'll need to use `alpn-agent` (https://github.com/jetty-project/jetty-alpn-agent) as your ALPN provider and a JDK SSL provider. If you put the `alpn-agent` jar on Tomcat's classpath AND pass a `-javaagent` argument to Tomcat at startup, you should be good to go.
-Jon
--
Pushy is an open-source Java library for sending APNs (iOS and OS X) push notifications. Pushy is brought to you by the engineers at RelayRides.
---
You received this message because you are subscribed to the Google Groups "pushy" group.
To unsubscribe from this group and stop receiving emails from it, send an email to pushy-apns+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Marian Valero
Jan 27, 2017, 7:35:15 AM1/27/17
to pushy
Hi again, I'm getting the same error, I put this in my pom.xml:
<plugin>
<artifactId>maven-dependency-plugin</artifactId>
<version>2.10</version>
<executions>
<execution>
<id>get-jetty-alpn-agent</id>
<phase>validate</phase>
<goals>
<goal>get</goal>
</goals>
<configuration>
<groupId>org.mortbay.jetty.alpn</groupId>
<artifactId>jetty-alpn-agent</artifactId>
<version>${jetty.alpnAgent.version}</version>
</configuration>
</execution>
</executions>
</plugin>
Like you told me in the jetty alpn agent page. And I put alpn-boot dependency, I don't know if It's error is because I'm using other netty dependencies because If I don't put them the project give me other errors like I need to use netty-handler or netty-util for example. My pom dependencies right now are those:
<dependency>
<groupId>com.relayrides</groupId>
<artifactId>pushy</artifactId>
<version>0.9</version>
</dependency>
<dependency>
<groupId>org.mortbay.jetty.alpn</groupId>
<artifactId>alpn-boot</artifactId>
<version>8.1.0.v20141016</version>
</dependency>
<dependency>
<groupId>org.mortbay.jetty.alpn</groupId>
<artifactId>jetty-alpn-agent</artifactId>
<version>2.0.0</version>
</dependency>
<dependency>
<groupId>org.eclipse.jetty.alpn</groupId>
<artifactId>alpn-api</artifactId>
<version>1.1.3.v20160715</version>
</dependency>
<dependency>
<groupId>io.netty</groupId>
<artifactId>netty-handler</artifactId>
<version>4.1.6.Final</version>
</dependency>
<dependency>
<groupId>io.netty</groupId>
<artifactId>netty-codec-http2</artifactId>
<version>4.1.6.Final</version>
</dependency>
<dependency>
<groupId>io.netty</groupId>
<artifactId>netty-all</artifactId>
<version>4.1.6.Final</version>
</dependency>
I have the same problem: Native SSL provider not available; will use JDK SSL provider. I think It's getting netty dependencies, I don't know.
<plugin>
<artifactId>maven-surefire-plugin</artifactId>
<configuration>
<argLine>
-Xbootclasspath/p:${settings.localRepository}/org/mortbay/jetty/alpn/alpn-boot/${alpn-boot-version}/alpn-boot-${alpn-boot-version}.jar
</argLine>
</configuration>
</plugin>
But I got the same error.
Thanks
Marian Valero
Jan 27, 2017, 9:07:44 AM1/27/17
to pushy
I don't know if I need to configure something in my tomcat environment.
Marian Valero
Jan 27, 2017, 9:23:06 AM1/27/17
to pushy
Hi, I didn't understand that part that you told me "AND pass a `-javaagent` argument to Tomcat at startup, you should be good to go" where I have to do that.
Thanks.
Jon Chambers
Jan 27, 2017, 12:20:39 PM1/27/17
to Marian Valero, pushy
You do not need to add both `alpn-boot` and `alpn-agent`; `alpn-agent` will provide `alpn-boot`, and so you only need `alpn-agent`. Note that you shouldn't add either `alpn-boot` or `alpn-agent` as dependencies in your pom (although you may need to add `alpn-api`). Copying/pasting from the Pushy pom is not generally a good idea, since the things we're doing there are part of a larger strategy for enabling unit testing under a variety of SSL provider configurations and aren't really intended for the general "just send push notifications" case.
As for the other dependencies, just adding Pushy as a dependency should be enough; you shouldn't need to call out Netty dependencies explicitly. All you should need to do is add Pushy (and maybe `alpn-api`) as a dependency. You'll need to download `alpn-agent` and make it known to Tomcat separately. I emphasize that just putting `alpn-agent` somewhere in your pom will NOT do this for you.
-Jon
On Fri, Jan 27, 2017 at 6:23 AM, Marian Valero <maria...@gmail.com> wrote:
Hi, I didn't understand that part that you told me "AND pass a `-javaagent` argument to Tomcat at startup, you should be good to go" where I have to do that.Thanks.
--
Marian Valero
Jan 27, 2017, 1:44:41 PM1/27/17
to pushy
Hi Jon,
I understood that I have to use only alpn-api and pushy dependencies, I did that and I added the alpn-agent configuration that you show me in that page. I removed all netty and alpn-boot dependencies but I'm getting similar errors:
If I delete all netty dependencies of my pom I have this one:
java.lang.NoClassDefFoundError: io/netty/handler/ssl/CipherSuiteFilter
I added Its jar (netty-all without dependency) in my lib folder and then I got the same old error but with another exception:
Native SSL provider not available; will use JDK SSL provider.
Exception in thread "ActiveMQ Session Task-3" java.lang.NoClassDefFoundError: Could not initialize class io.netty.handler.ssl.JdkAlpnApplicationProtocolNegotiator
I have found information about this error similar like you sent me but I couldn't fix it.
I'm using linux x86, I wanna know if the Usage explained in the jetty alpn agent tutorial:
java -javaagent:<path/to/jetty-alpn-agent.jar> ...
is this in the pom configuration or I have to put this one in another place:
<configuration>
<argLine>-javaagent:${jetty.alpnAgent.path}</argLine>
</configuration>
Thank you so much and I'm sorry for all this problems
j...@turo.com
Feb 2, 2017, 11:43:43 AM2/2/17
to pushy
Again, let me emphasize that you cannot solve this problem my editing a pom file. Here's a concrete example of what you might do under Ubuntu:
- Download the `alpn-agent` jar and put it somewhere on your Ubuntu server (let's say in `/var/lib/tomcat7`).
- Edit `/etc/default/tomcat7`.
- Add a line like this at the end: `CATALINA_OPTS="-javaagent:/var/lib/tomcat7/jetty-alpn-agent.jar"`
- Restart Tomcat.
Let me emphasize that this is an EXAMPLE and I do not make any guarantees that it will be appropriate for your specific case. You will need to do research for your specific platform to learn how to pass launch arguments to Tomcat.
I acknowledge that this is not straightforward, but the good news is that https://github.com/netty/netty/pull/5766 just got merged, so this problem will largely go away when the next version of Netty (4.1.9) comes out. Until then, you'll need to tell Tomcat to use `alpn-agent`.
-Jon
Reply all
Reply to author
Forward
0 new messages