Tigase Forge
Dashboards
Projects
Pull Requests
Issues
Builds
Packages
Code Search
server-core
Code
Pull Requests
Issues
List
Boards
Iterations
Builds
Packages
Statistics
Child Projects
OneDev 11.5.2
Documentation Support & Bug Report RESTful API Incompatibilities License Agreement Check Update
Projects tigase _server server-core Issues #999
Can not initialize SSLContext for domain: default, protocol: SSL (#999)
wojciech.kapcia@tigase.net opened 6 years ago 
2019-02-20 12:17:41.300 [ConnectionOpenThread]  SSLContextContainer.getSSLContext()  SEVERE: Can not initialize SSLContext for domain: default, protocol: SSL
java.lang.NullPointerException
        at java.util.concurrent.ConcurrentSkipListMap.doRemove(ConcurrentSkipListMap.java:957)
        at java.util.concurrent.ConcurrentSkipListMap.remove(ConcurrentSkipListMap.java:1595)
        at tigase.io.SSLContextContainer.invalidateContextHolder(SSLContextContainer.java:272)
        at tigase.io.SSLContextContainer.validateDomainCertificate(SSLContextContainer.java:327)
        at tigase.io.SSLContextContainer.getSSLContext(SSLContextContainer.java:247)
        at tigase.io.SSLContextContainer.getSSLContext(SSLContextContainer.java:225)
        at tigase.io.SSLContextContainer.createIoInterface(SSLContextContainer.java:173)
        at tigase.net.IOService.startSSL(IOService.java:329)
        at tigase.server.ConnectionManager$ConnectionListenerImpl.accept(ConnectionManager.java:1182)
        at tigase.net.ConnectionOpenThread.run(ConnectionOpenThread.java:194)
        at java.lang.Thread.run(Thread.java:748)

I assume this is a result of enabling 5223, given domain/protocol?

There are couple of thousands entries related to this in logs:

-rw-r--r--  1 tigase tigase  24G Feb 20 22:11 tigase-console.log
kotali@ip-10-0-7-117:~$ sudo grep -c "Can not initialize SSLContext for domain" /home/tigase/tigase-server/logs/tigase-console.log
3791

-rw-r--r--  1 tigase tigase  23G Feb 20 22:11 tigase-console.log
kotali@ip-10-0-30-236:~$ sudo grep -c "Can not initialize SSLContext for domain" /home/tigase/tigase-server/logs/tigase-console.log
3773

This seems to directly lead to:

2019-02-20 12:54:56.722 [ConnectionOpenThread]  ConnectionOpenThread.run()         SEVERE:   Server I/O error.
java.io.IOException: Too many open files
        at sun.nio.ch.ServerSocketChannelImpl.accept0(Native Method)
        at sun.nio.ch.ServerSocketChannelImpl.accept(ServerSocketChannelImpl.java:422)
        at sun.nio.ch.ServerSocketChannelImpl.accept(ServerSocketChannelImpl.java:250)
        at tigase.net.ConnectionOpenThread.run(ConnectionOpenThread.java:146)
        at java.lang.Thread.run(Thread.java:748)
…
2019-02-20 22:10:15.120 [ConnectionOpenThread]  ConnectionOpenThread.run()         SEVERE:   Server I/O error.
java.io.IOException: Too many open files
        at sun.nio.ch.ServerSocketChannelImpl.accept0(NSTOPPED Wed Feb 20 22:11:20 UTC 2019
Andrzej Wójcik (Tigase) commented 6 years ago

I've fixed the issue caused by clients using SSL connection without specifying TLS server name when default certificate on the installation is expired.
wojciech.kapcia@tigase.net commented 6 years ago

Verified on (detached) sure.im machines and problem is fixed.
issue 1 of 1
Type
Bug
Priority
Blocker
Assignee
wojciech.kapcia@tigase.net
RedmineID
8640
Version
tigase-server-8.0.0
Spent time
5h
Issue Votes (0)
Login to vote
Watchers (0)
Reference
tigase/_server/server-core#999
Please wait...
Page is in error, reload to recover