[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 610
  • Last Modified:

SSL closes because of 'bad record MAC'

Hi all

I have the following problem

I Have 3 servers SERVER-A, SERVER-B and SERVER-C

SERVER-A is a reverse proxy allows only HTTPS
SERVER-B is a Web Server allows only HTTPS
SERVER-C is a kind of Server using it's own protocol

The client makes a CONNECT SERVER-B:443 HTTP/1.1 to SERVER-A
Then the client makes a CONNECT SERVER-C:1111 HTTP/1.1 to SERVER-B
Now the client has a secure tunnel from client to SERVER-B the connection from SERVER-B to SERVER-C is unsecure
If I have big load on the connection from the client to SERVER-C, then suddenly the SERVER-B get a 'bad record MAC' and the connection will be closed.

I'm thinking the client is sending a renegotiation message to the SERVER-B and this renegotiation is sent by the SSL from the first HTTPS connection
to SERVER-A. Is there a way to stop/shutdown or whatever the SSL connection without closing the underlying socket?

thanks a lot for your help
0
miyuki5237
Asked:
miyuki5237
1 Solution
 
asood314Commented:
What could be happening is that your .unwrap() function is not reading the entire buffer.  You need to loop over that function call as long as the HandshakeStatus is NEED_UNWRAP or until you get a BUFFER_UNDERFLOW.

Check out these links for more info:
http://forum.java.sun.com/thread.jspa?threadID=641115&messageID=3824032
http://forum.java.sun.com/thread.jspa?threadID=638881
0
 
Computer101Commented:
Forced accept.

Computer101
EE Admin
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now