[WSO2 APIM ][4.1] SSL peer shut down incorrectly

Question

I have installed a distributed WSO22 APIM platform (4.1 version).

I used the same automation scripts to install the platform in two environments. One of the two platforms does not work correctly. The control plane and traffic manager nodes keep throwing this error endlessly:

ERROR {org.wso2.carbon.databridge.receiver.binary.internal.BinaryDataReceiver} - Error while reading from the socket. javax.net.ssl.SSLHandshakeException: Remote host terminated the handshake
       at sun.security.ssl.SSLSocketImpl.handleEOF(SSLSocketImpl.java:1579)
       at sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1409)
       at sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1309)
       at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:440)
       at sun.security.ssl.SSLSocketImpl.ensureNegotiated(SSLSocketImpl.java:822)
       at sun.security.ssl.SSLSocketImpl.access$200(SSLSocketImpl.java:73)
       at sun.security.ssl.SSLSocketImpl$AppInputStream.read(SSLSocketImpl.java:913)
       at java.io.BufferedInputStream.fill(BufferedInputStream.java:246)
       at java.io.BufferedInputStream.read(BufferedInputStream.java:265)
       at org.wso2.carbon.databridge.receiver.binary.internal.BinaryDataReceiver$BinaryTransportReceiver.run(BinaryDataReceiver.java:255)
       at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
       at java.util.concurrent.FutureTask.run(FutureTask.java:266)
       at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
       at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
       at java.lang.Thread.run(Thread.java:750)
Caused by: java.io.EOFException: SSL peer shut down incorrectly
       at sun.security.ssl.SSLSocketInputRecord.decode(SSLSocketInputRecord.java:167)
       at sun.security.ssl.SSLTransport.decode(SSLTransport.java:109)
       at sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1401)
       ... 13 more

I do not see any SSL or keystore misconfigurations. Does anyone have any idea what the problem could be?

thanks in advance

Answer 1

Since we used to work on the same project and we finally resolved this mystery, I can answer to this question !

This problem was a big deal, because this error was flooding our logs by being generated every 10s... After checking whith a ps -aux which process was running on our servers, we digged further through the configuration of a generic probe we've got.

This probe does a basic health check on 4 ports, one of them being 9711. That was our problem, because it's a SSL port and after being contacted by the probe, it sends datas and our probe shut down the connexion. That's when the error appears in our logs. So, obviously, our solution is to suppress the health check on this port.

One mystery solved, hope this will help others WSO2 users!

FYI, related wso2 articles :

• https://apim.docs.wso2.com/en/4.1.0/install-and-setup/setup/reference/default-product-ports/
• https://apim.docs.wso2.com/en/4.1.0/install-and-setup/setup/deployment-best-practices/basic-health-checks/#api-m-runtime-health-checks