Problem

• Product: VBJ 4.x and BES 5.x
• Platform: AIX 3
• JDK: JDK 1.3 and JDK 1.44
• Component: SSL

When using BES 5.2.1 server and VBJ 4.5.1 Client, the folllowing error is encountered:

main, WRITE: sslv2, contentType = 22, translated length = 16328
main, READ: sslv3 Alert, length = 2
main, RECV SSLv3 ALERT: fatal, EOFexception: couldn"t read, peer disconnected

com.inprise.security.ssl.SSLException: Received fatal alert:

at com.inprise.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1142) at com.inprise.security.ssl.SSLSocketImpl.clearPipeline(SSLSocketImpl.java:847) at com.inprise.security.ssl.SSLSocketImpl.write(SSLSocketImpl.java:592) at com.inprise.security.ssl.AppOutputStream.write(AppOutputStream.java:71) at com.inprise.security.ssl.SSLConnection.write(SSLConnection.java:314) at com.inprise.vbroker.GIOP.OutputStream.write(OutputStream.java:168) at com.inprise.vbroker.GIOP.OutputStream.writeUnfragmented(OutputStream.java:143) at com.inprise.vbroker.GIOP.OutputStream.writeFragmented(OutputStream.java:78) at com.inprise.vbroker.GIOP.Message.write(Message.java:107) at com.inprise.vbroker.GIOP.GiopConnection.send_message(GiopConnection.java:262) at com.inprise.vbroker.GIOP.GiopConnection.send_message(GiopConnection.java:229) at com.inprise.vbroker.GIOP.ProtocolConnector.invoke(ProtocolConnector.java:557) at com.inprise.vbroker.interceptor.ChainClientInterceptor.invoke(ChainClientInterceptor.java:233) at com.inprise.vbroker.orb.DelegateImpl.invoke(DelegateImpl.java:587) at org.omg.CORBA.portable.ObjectImpl._invoke(ObjectImpl.java:250) at_PinUpdateInterfaceStub.pinServerLogon(_PinUpdateInterfaceStub.java:170) at TestCcPinUpdSvr.main(TestCcPinUpdSvr.java:97)

What does SSLv3 ALERT: fatal mean?

Resolution

This issue is fixed in VBE 5.2.1.P13.

The "fatal" error is caused because the server side did not recognize the ClienHello message. This is a JSSE Implementation issue, as in IBM JSSE implementation from 1.4, the default enabled protocol at the socket level is TLS and TLSv1. As JSSE used in VBJ 4.5.1 has not reach that level, the above mentioned patch will resolve this issue.