Message11539

Author	stefan.richthofer
Recipients	Neha, stefan.richthofer, zyasoft
Date	2017-08-17.11:32:34
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1502969554.98.0.490375256331.issue2614@psf.upfronthosting.co.za>
In-reply-to

Content
Neha, up to my knowledge Jython out-sources SSL handling. I don't know the details, but JVM's builtin SSL support, bouncy castle and eventually netty (that's more about sockets) do the job. These libs were frequently updated between 2.5.x, 2.7.0 and 2.7.1. Maybe some of these components has kind of internal default trust store that accepted your certificates once, but not in the current version. Anyway, that's just a guess. I am not an expert in SSL handling as of this writing, so I cannot really help here. I'd strongly suggest to focus on the Jython 2.7.1 issue only. It is unlikely that anything will get fixed in Jython 2.7.0. Additionally, the 2.7.1 variant seems to be the most promising. Please check if the procedure from the stack overflow link works with Jython 2.7.1. > which security configuration you talking about It looks like some certificate is missing or outdated in your JVM's trust store. With configuration I meant the setup of your JVM trust store. > could you provide jython ssl certificate to add in our keystore? I thought, only websites/servers and clients provide certificates. What do you mean by jython ssl? How would I provide one? I think you would somehow generate one for your application.

Neha,
up to my knowledge Jython out-sources SSL handling. I don't know the details, but JVM's builtin SSL support, bouncy castle and eventually netty (that's more about sockets) do the job.
These libs were frequently updated between 2.5.x, 2.7.0 and 2.7.1. Maybe some of these components has kind of internal default trust store that accepted your certificates once, but not in the current version.

Anyway, that's just a guess. I am not an expert in SSL handling as of this writing, so I cannot really help here.

I'd strongly suggest to focus on the Jython 2.7.1 issue only. It is unlikely that anything will get fixed in Jython 2.7.0. Additionally, the 2.7.1 variant seems to be the most promising.

Please check if the procedure from the stack overflow link works with Jython 2.7.1.

> which security configuration you talking about

It looks like some certificate is missing or outdated in your JVM's trust store. With configuration I meant the setup of your JVM trust store.

> could you provide jython ssl certificate to add in our keystore?

I thought, only websites/servers and clients provide certificates. What do you mean by jython ssl? How would I provide one?
I think you would somehow generate  one for your application.

History
Date	User	Action	Args
2017-08-17 11:32:34	stefan.richthofer	set	messageid: <1502969554.98.0.490375256331.issue2614@psf.upfronthosting.co.za>
2017-08-17 11:32:34	stefan.richthofer	set	recipients: + stefan.richthofer, zyasoft, Neha
2017-08-17 11:32:34	stefan.richthofer	link	issue2614 messages
2017-08-17 11:32:34	stefan.richthofer	create