Closed as program error.
Error Message: Description: The Server using SSLEngine sends an encrypted close_notify alert. If the peer does not respond with its close_notify, then a fatal alert of javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack? is sent. This causes the SSLSession to be invalidated and therefore the SSLSession cannot be resumed. . Stack Trace: 4488 WebContainer : 5, called closeInbound() 4489 <OSB>27.06.11 13:15:58:906 CEST<CSB> 0000006d SystemOut O WebContainer : 5, fatal error: 80: Inbound closed before receiving peer's close_notify: possible truncation attack? 4490 javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack? . Performance problem due to SSLSessions not being resumed.
SSLSessions will not be invalidated and will be resumed when peer does not send its close_notify.
This defect will be fixed in: 6.0.0 SR10 5.0.0 SR13 6.0.1 SR1 . Since RFC 2246 is vague regarding whether the initiator of the close notify needs to wait for the peer to send its close_notify, SSLEngine will ignore if it has not received a close notify and will just close the inbound connection without throwing an exception. This will allow SSLSessions to be resumed. . To obtain the fix: Install build 20110631 or later
Reported component name
JAVA 5 SECURITY
Reported component ID
Last modified date
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fixed component name
JAVA 5 SECURITY
Fixed component ID
Applicable component levels
Rate this page:
Copyright and trademark information
IBM, the IBM logo and ibm.com are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.