javax.net.ssl.SSLException: Received fatal alert: record_overflow

See original GitHub issue

last week all was working normal. Today I got a javax.net.ssl.SSLException: Received fatal alert: record_overflow when PUTTING the workspace:

openjdk 11:

java version "11.0.2" 2019-01-15 LTS
Java(TM) SE Runtime Environment 18.9 (build 11.0.2+9-LTS)
Java HotSpot(TM) 64-Bit Server VM 18.9 (build 11.0.2+9-LTS, mixed mode)

build.gradle:

apply plugin: 'java'
apply plugin:'application'

repositories {
    mavenCentral()
}

dependencies {
    compile 'com.structurizr:structurizr-client:1.3.0'
}

mainClassName = "Structurizr"

compileJava.options.encoding = 'UTF-8'
compileTestJava.options.encoding = 'UTF-8'

sourceCompatibility = 1.11
targetCompatibility = 1.11

Action:

private static void uploadWorkspaceToStructurizr(Workspace workspace) throws Exception {
        StructurizrClient structurizrClient = new StructurizrClient(API_KEY, API_SECRET);
        structurizrClient.putWorkspace(WORKSPACE_ID, workspace);
    }

stack-trace:

INFO: Putting workspace with ID 43257
mar 25, 2019 6:46:18 PM com.structurizr.api.StructurizrClient putWorkspace
SEVERE: javax.net.ssl.SSLException: Received fatal alert: record_overflow
Exception in thread "main" com.structurizr.api.StructurizrClientException: javax.net.ssl.SSLException: Received fatal alert: record_overflow
        at com.structurizr.api.StructurizrClient.putWorkspace(StructurizrClient.java:377)
        at Structurizr.uploadWorkspaceToStructurizr(Structurizr.java:96)
        at Structurizr.main(Structurizr.java:89)
Caused by: javax.net.ssl.SSLException: Received fatal alert: record_overflow
        at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:129)
        at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117)
        at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:308)
        at java.base/sun.security.ssl.Alert$AlertConsumer.consume(Alert.java:279)
        at java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:181)
        at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:164)
        at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1155)
        at java.base/sun.security.ssl.SSLSocketImpl.readApplicationRecord(SSLSocketImpl.java:1125)
        at java.base/sun.security.ssl.SSLSocketImpl$AppInputStream.read(SSLSocketImpl.java:823)
        at org.apache.hc.core5.http.impl.io.SessionInputBufferImpl.fillBuffer(SessionInputBufferImpl.java:149)
        at org.apache.hc.core5.http.impl.io.SessionInputBufferImpl.readLine(SessionInputBufferImpl.java:280)
        at org.apache.hc.core5.http.impl.io.AbstractMessageParser.parse(AbstractMessageParser.java:241)
        at org.apache.hc.core5.http.impl.io.AbstractMessageParser.parse(AbstractMessageParser.java:53)
        at org.apache.hc.core5.http.impl.io.DefaultBHttpClientConnection.receiveResponseHeader(DefaultBHttpClientConnection.java:187)
        at org.apache.hc.core5.http.impl.io.HttpRequestExecutor.execute(HttpRequestExecutor.java:180)
        at org.apache.hc.core5.http.impl.io.HttpRequestExecutor.execute(HttpRequestExecutor.java:223)
        at org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager$InternalConnectionEndpoint.execute(PoolingHttpClientConnectionManager.java:561)
        at org.apache.hc.client5.http.impl.classic.InternalExecRuntime.execute(InternalExecRuntime.java:195)
        at org.apache.hc.client5.http.impl.classic.MainClientExec.execute(MainClientExec.java:106)
        at org.apache.hc.client5.http.impl.classic.ExecChainElement.execute(ExecChainElement.java:51)
        at org.apache.hc.client5.http.impl.classic.ExecChainElement$1.proceed(ExecChainElement.java:57)
        at org.apache.hc.client5.http.impl.classic.ConnectExec.execute(ConnectExec.java:171)
        at org.apache.hc.client5.http.impl.classic.ExecChainElement.execute(ExecChainElement.java:51)
        at org.apache.hc.client5.http.impl.classic.ExecChainElement$1.proceed(ExecChainElement.java:57)
        at org.apache.hc.client5.http.impl.classic.ProtocolExec.execute(ProtocolExec.java:164)
        at org.apache.hc.client5.http.impl.classic.ExecChainElement.execute(ExecChainElement.java:51)
        at org.apache.hc.client5.http.impl.classic.ExecChainElement$1.proceed(ExecChainElement.java:57)
        at org.apache.hc.client5.http.impl.classic.RetryExec.execute(RetryExec.java:87)
        at org.apache.hc.client5.http.impl.classic.ExecChainElement.execute(ExecChainElement.java:51)
        at org.apache.hc.client5.http.impl.classic.ExecChainElement$1.proceed(ExecChainElement.java:57)
        at org.apache.hc.client5.http.impl.classic.RedirectExec.execute(RedirectExec.java:115)
        at org.apache.hc.client5.http.impl.classic.ExecChainElement.execute(ExecChainElement.java:51)
        at org.apache.hc.client5.http.impl.classic.ExecChainElement$1.proceed(ExecChainElement.java:57)
        at org.apache.hc.client5.http.impl.classic.ContentCompressionExec.execute(ContentCompressionExec.java:125)
        at org.apache.hc.client5.http.impl.classic.ExecChainElement.execute(ExecChainElement.java:51)
        at org.apache.hc.client5.http.impl.classic.InternalHttpClient.doExecute(InternalHttpClient.java:171)
        at org.apache.hc.client5.http.impl.classic.CloseableHttpClient.execute(CloseableHttpClient.java:77)
        at org.apache.hc.client5.http.impl.classic.CloseableHttpClient.execute(CloseableHttpClient.java:102)
        at com.structurizr.api.StructurizrClient.putWorkspace(StructurizrClient.java:365)
        ... 2 more

Issue Analytics

  • State:closed
  • Created 4 years ago
  • Comments:6 (3 by maintainers)

github_iconTop GitHub Comments

5reactions
matfcommented, May 29, 2019

This is actually a bug in java’s SSL implementation.

See

The only workaround for the moment according to the above bug description seems to be disabling TLS1.3 via the JVM argument -Djdk.tls.client.protocols="TLSv1,TLSv1.1,TLSv1.2"

2reactions
matfcommented, Aug 21, 2019
Read more comments on GitHub >

github_iconTop Results From Across the Web

SSLHandshakeException: Received fatal alert: record_overflow
This is happening on the server side which is using Netscalar for Load Balancing. javax.net.ssl.SSLHandshakeException: Received fatal alert: ...
Read more >
SSLException: Received fatal alert: record_overflow
Hi to all, I have a strange behavior when uploading a file to JIRA over API. With some random .rtf file, I am...
Read more >
javax.net.ssl.SSLException: Received fatal alert
This error usually indicates that the incorrect TLS version is being used between Jenkins and the external application. Typically Jenkins expects TLS v1.2...
Read more >
Record Overflow - Talend Community
Caused by: javax.net.ssl.SSLException: Received fatal alert: record_overflow. at java.base/sun.security.ssl.Alert.
Read more >
Burp fails to upload file with "Received fatal alert
3 bug in the JDK you are using (https://stackoverflow.com/questions/54119613/sslhandshakeexception-received-fatal-alert-record-overflow). Could ...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found