We have moved at community.getvera.com

Author Topic: SSL Certificate errors in openhab.log?  (Read 1715 times)

Offline shmixx

  • Full Member
  • ***
  • Posts: 171
  • Karma: +2/-1
SSL Certificate errors in openhab.log?
« on: January 06, 2015, 02:39:11 pm »
So I'm going to post here first as I'm unsure if it specific to the mios binding or something else. I'm seeing a whole host of these messages repeated in my logs since updating to the latest OpenHAB binding build:

11:25:56.928 WARN  org.eclipse.jetty.io.nio[:630]- javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack?

Now I do recall seeing this awhile back with regards to the iOS devices actually causing another message more frequently than this one, and eventually this one would appear. But it seems this has crept up again and now and is repeating quite frequently. It also seems to be somewhat related to OpenHAB communication with my Vera. They often appear while trying to turn switches on/off.

Running 1.7.0 Snapshot of mios binding. from most recent Cloudbees build. System is OpenHAB 1.6.1 running on an XPEnology system (Synology DSM Software on my Hardware). Java v7.

EDIT +++++
Turns out it's not related to this. It has to do with the SSL certificates I have installed and the iOS app. I'm working through if it's isolated or if it's all. Once I grab some more testing/logging, going to post it in the Github Issues for the Openhab.ios repo if anyone else has iOS and seeing a lot of these notifications as well please chime in there.
« Last Edit: January 06, 2015, 03:04:28 pm by shmixx »

Offline guessed

  • Moderator
  • Master Member
  • *****
  • Posts: 5301
  • Karma: +92/-22
  • Release compat is not a bolted-on afterthought
Re: SSL Certificate errors in openhab.log?
« Reply #1 on: January 06, 2015, 03:03:45 pm »
11:25:56.928 WARN  org.eclipse.jetty.io.nio[:630]- javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack?

I only use HTTP (no SSL) to communicate with Vera.  Doing otherwise would require additional configuration of Vera that most users don't want/need.

Given the specific exception stack, take a close look at what openHAB Clients you have running against it.  It exposes both HTTP (Port 8080) and HTTPS (8443) interface.  The non-standard ports should narrow the potential list of offenders.

The biggest one I get are the DNSIncoming messages, which I've filtered (level="NONE") in configurations/logback{,_debug}.xml)

Offline shmixx

  • Full Member
  • ***
  • Posts: 171
  • Karma: +2/-1
Re: SSL Certificate errors in openhab.log?
« Reply #2 on: January 06, 2015, 03:16:27 pm »
EDIT +++++
Turns out it's not related to this. It has to do with the SSL certificates I have installed and the iOS app. I'm working through if it's isolated or if it's all. Once I grab some more testing/logging, going to post it in the Github Issues for the Openhab.ios repo if anyone else has iOS and seeing a lot of these notifications as well please chime in there.

Opened a Github Issue on the iOS app page - https://github.com/openhab/openhab.ios/issues/31 - for anyone else seeing this issue.