APAR status
Closed as program error.
Error description
Error Message:

Description: The server using SSLEngine sends an encrypted close_notify alert. If the peer does not respond with its own close_notify, then a fatal alert of javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack? is sent. This causes the SSLSession to be invalidated, and therefore the SSLSession cannot be resumed.

Stack Trace:
4488 WebContainer : 5, called closeInbound()
4489 [27.06.11 13:15:58:906 CEST] 0000006d SystemOut O WebContainer : 5, fatal error: 80: Inbound closed before receiving peer's close_notify: possible truncation attack?
4490 javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack?

Performance problem due to SSLSessions not being resumed.
Local fix
Problem summary
SSLSessions will not be invalidated and will be resumed when peer does not send its close_notify.
Problem conclusion
This defect will be fixed in:
6.0.0 SR10
5.0.0 SR13
6.0.1 SR1

Since RFC 2246 is vague regarding whether the initiator of the close_notify needs to wait for the peer to send its close_notify, SSLEngine will ignore the fact that it has not received a close_notify and will just close the inbound connection without throwing an exception. This will allow SSLSessions to be resumed.

To obtain the fix:
Install build 20110631 or later
Temporary fix
Comments
APAR Information
APAR number
IV03509
Reported component name
JAVA 5 SECURITY
Reported component ID
620500125
Reported release
500
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2011-07-25
Closed date
2011-07-25
Last modified date
2011-07-25
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
JAVA 5 SECURITY
Fixed component ID
620500125
Applicable component levels
R500 PSY
UP
Document Information
Modified date:
07 December 2020