Modify

Opened 6 years ago

Closed 6 years ago

Last modified 3 years ago

#9875 closed defect (fixed)

SSL/proxy error on startup while downloading map styles

Reported by: ftrebien Owned by: team
Priority: minor Milestone: 14.03
Component: Core Version: tested
Keywords: java7 https tls ssl Cc:

Description

Hello,

Since an update to JOSM 6891, I've started getting the following message at start-up on two computers, both running an up-to-date Debian Wheezy system, one behind a proxy, but not the other:


JOSM tried to access the following resources:

but failed to do so, because of the following network errors:

  • javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name

It may result of a missing proxy configuration.
Would you like to change your proxy settings now?


Proxy settings are set to No proxy on the computer that is not behind a proxy.

The URL above is downloadable to me using a web browser (Chromium, Iceweasel) without problems. The Mapnik style no longer appears under the Map Paint Styles menu. It does show in the Map Settings pane in JOSM's preferences, but even though it is checked, the style is not applied to the map view.

JOSM updated all plugins without any network-related error on both computers.

I also have JOSM (latest) installed, version 6918, where all symptoms are now equal after I tried to reload the Mapnik style by removing it from the list of active styles, reloading the list of available styles, and then adding it back to the active list (which gave me no error message at all). Before trying to do so, the Mapnik style still showed under the Map Paint Styles menu and the style still worked.

The Mapnik style is not one I use often, but other people are having the same problem, so any ideas on how to fix this would be appreciated.

Attachments (0)

Change History (9)

comment:1 Changed 6 years ago by Don-vip

Keywords: java7 https tls ssl added
Milestone: 14.03

Java bug: http://stackoverflow.com/q/7615645/2257172

But there's an easy workaround.

comment:2 Changed 6 years ago by Don-vip

Resolution: fixed
Status: newclosed

In 6946/josm:

fix #9875 - disable jsse.enableSNIExtension

comment:3 Changed 6 years ago by ftrebien

Indeed, running JOSM with java -Djsse.enableSNIExtension=false -jar /usr/share/josm/josm.jar fixes the issue for me. Meanwhile, users can set the environment variable JAVA_OPTS=-Djsse.enableSNIExtension=false before launching JOSM or edit the line that sets JAVA_OPTS in the launch scripts at /usr/bin/josm and /usr/bin/josm-latest.

Last edited 6 years ago by ftrebien (previous) (diff)

comment:4 Changed 6 years ago by Don-vip

or wait a few hours for the next tested version :)

comment:5 Changed 6 years ago by ftrebien

Sure. Well, thanks a lot! :D

Last edited 6 years ago by ftrebien (previous) (diff)

comment:6 Changed 6 years ago by stoecker

Hmm, disabling SNI seems not a good idea to me. It will break all HTTPS accesses to servers with virtual hosts.

comment:7 Changed 6 years ago by Don-vip

In 6950/josm:

see #9875 - implement fallback via advanced preference jdk.tls.enableSNIExtension to re-enable SNI if needed

comment:8 Changed 3 years ago by bastiK

In 9218/josm:

fix #12152 - re-enable SNI by default

comment:9 Changed 3 years ago by bastiK

Ticket #14241 has been marked as a duplicate of this ticket.

Modify Ticket

Change Properties
Set your email in Preferences
Action
as closed The owner will remain team.
as The resolution will be set.
The resolution will be deleted.

Add Comment


E-mail address and name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.