Title: certificate verify failed ( General SSLEngine problem)
Type: behaviour Severity: major
Components: Core Versions: Jython 2.7
Status: open Resolution:
Dependencies: Superseder:
Assigned To: Nosy List: Neha, amak, jamesmudd, jeff.allen
Priority: Keywords:

Created on 2017-11-06.07:16:43 by Neha, last changed 2018-02-26.08:54:45 by jeff.allen.

msg11648 (view) Author: Neha Pithadiya (Neha) Date: 2017-11-06.07:16:42
With JAVA 8.1 and jython-standalone-2.7.1.jar , 

observed following error :-
certificate verify failed ( General SSLEngine problem)

refer this old issue for more details:-,

I want to know what could be the problem here.
msg11649 (view) Author: Neha Pithadiya (Neha) Date: 2017-11-06.07:19:02
Is there some method to generate some debug logs for this issue.
msg11650 (view) Author: Neha Pithadiya (Neha) Date: 2017-11-07.06:18:22
Any updates on this. ? this issue is critical.
msg11653 (view) Author: James Mudd (jamesmudd) Date: 2017-11-08.10:52:19
There is some discussion about a similar problem also where Netty is being used here

I don't think we can really investigate this at the moment can you provide some example code which demonstrates this is a Jython problem? The smaller the better. The current information doesn't suggest anything is going wrong in Jython.

My initial guess is this is a security configuration issue with the certificates or the JVM but its not an area im expert in.
msg11655 (view) Author: Neha Pithadiya (Neha) Date: 2017-11-08.11:24:19
I dont think it is security configuration issue with the certificates or JVM in our system. We are not making any changes in configurations related to security while using this jar. I also mentioned in my old bug that old jython jar 2.7.0 does not create this problem but this new jar does. 
There are some changes in the new jar 2.7.1 which is causing issue. Our code remains the same whatever part it is. 

please see the below code which shows the problem:-

[root@sccm2106 bin]# ./ 
certificate verify failed ( General SSLEngine problem) (1)
[root@sccm2106 bin]#

. `dirname $0`/
$JAVA_CMD -jar $TUAM_LIB/jython-standalone-2.7.1.jar $TUAM_BIN/ "$@"

msg11719 (view) Author: Jeff Allen (jeff.allen) Date: 2018-02-26.08:54:44
Hi Neha: one would need to know what was in and what the environment was, to have any chance of progress. However, that could be complicated.

A simple sequence of operations that really ought to work and doesn't is what we need to understand what bug you have discovered for us.

The message *ought* to mean that the certificate presented by the service you are connecting to is not trusted by the JVM. Just enough code to open the connection would  prove the config is good. Then add code until you prove the Jython libraries as used are mis-handling certificates, connections, etc..
Date User Action Args
2018-02-26 08:54:45jeff.allensetnosy: + jeff.allen
messages: + msg11719
milestone: Jython 2.7.1 ->
2017-11-10 17:48:36amaksetnosy: + amak
2017-11-08 11:24:20Nehasetmessages: + msg11655
2017-11-08 10:52:20jamesmuddsetnosy: + jamesmudd
messages: + msg11653
2017-11-07 06:18:23Nehasetmessages: + msg11650
2017-11-06 07:19:02Nehasetmessages: + msg11649
2017-11-06 07:16:43Nehacreate