[
https://issues.apache.org/jira/browse/DERBY-2796?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12503338
]
Bernt M. Johnsen commented on DERBY-2796:
-----------------------------------------
Thanks for your input.
1) When you have a plaintext server/client communication with an ssl peer, the
plaintext side will just see garbage. That garbage, may be SSL-encoded
communication or it might be something else. It is hard to give meaningful
error-messages and it would require a major rewrite of the DRDA code, since
this is detected way donw in the call stack. I think documentation is the
proper solution here for the time being.
2) The SSLException "javax.net.ssl.SSLException: Unrecognized SSL message,
plaintext connection?" I think is ok, but it might be good to get rid of the
stack trace. We have to propagate the text out to the user, since that is the
only clue the user might get of what went wrong. Is this an doc issue too?
> Obscure error messages when using SSL in various combinations
> -------------------------------------------------------------
>
> Key: DERBY-2796
> URL: https://issues.apache.org/jira/browse/DERBY-2796
> Project: Derby
> Issue Type: Bug
> Components: Security
> Affects Versions: 10.3.0.0
> Reporter: Rick Hillegas
> Fix For: 10.3.0.0
>
> Attachments: ssltest.html
>
>
> I ran clients with various ssl configurations on their urls and startup
> options against servers with various ssl configurations. I will attach an
> html file recording my results. I feel that many of the error conditions
> raised diagnostics which were too obscure to be helpful. I think this will be
> burdensome to tech support.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
