javax.net.ssl.SSLProtocolException: Input record too big - Bug report 8227651
Siemsen, Michael Sean (Sean)
siemsen at avaya.com
Mon May 1 16:32:28 UTC 2023
All,
# java -version
openjdk version "1.8.0_362"
OpenJDK Runtime Environment (build 1.8.0_362-b09)
OpenJDK 64-Bit Server VM (build 25.362-b09, mixed mode)
After making changes to use TLS1.3 I started seeing the following errors.
Caused by: javax.net.ssl.SSLProtocolException: Input record too big: max = 16709 len = 21409
at sun.security.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:508)
at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:411)
at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:390)
at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:626)
I found the following bug report:
https://bugs.java.com/bugdatabase/view_bug?bug_id=8227651
JDK-8227651 : Tests fail with SSLProtocolException: Input record too big
JDK 11 JDK 17 JDK 19 JDK 20 JDK 8
11.0.18-oracleFixed 17.0.5Fixed 19.0.1Fixed 20 b10Fixed 8u361Fixed
I can find references for deliveries and backports for JDK11-JDK20 in the bug link above, but not for JDK8.
I believe I am currently experiencing the issue using 8u362 which would imply EITHER:
* I am not experiencing the same problem as listed in 8227651.
* Unlikely because I see the exact same error signature, etc. as in the bug link above.
* The fix was delivered to 8u361 but broken again in 8u362.
* The fix was never delivered to 8u.
Learning which of these the 3 scenarios occurred will help me in deciding whether I HAVE to upgrade my Java version (non-trivial for our product), or debug further and try to find alternate solutions (like reverting to TLS1.2, etc.)
Thanks
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/jdk8u-dev/attachments/20230501/4e76cec8/attachment.htm>
More information about the jdk8u-dev
mailing list