SEVERE errors: [CLOSED] HTTP protocol exception: null

Issue

In Jenkins logs you are seeing a lot of occurences of these errors

Feb 23, 2017 10:50:09 PM org.apache.http.impl.nio.client.LoggingAsyncRequestExecutor exception 
SEVERE: http-outgoing-XX [CLOSED] HTTP protocol exception: null 
java.nio.channels.ClosedChannelException 
at sun.nio.ch.SocketChannelImpl.ensureReadOpen(SocketChannelImpl.java:257) 
at sun.nio.ch.SocketChannelImpl.read(SocketChannelImpl.java:300) 
at org.apache.http.nio.reactor.ssl.SSLIOSession.receiveEncryptedData(SSLIOSession.java:346) 
at org.apache.http.nio.reactor.ssl.SSLIOSession.isAppInputReady(SSLIOSession.java:377) 
at org.apache.http.impl.nio.reactor.AbstractIODispatch.inputReady(AbstractIODispatch.java:118) 
at org.apache.http.impl.nio.reactor.BaseIOReactor.validate(BaseIOReactor.java:220) 
at org.apache.http.impl.nio.reactor.AbstractIOReactor.execute(AbstractIOReactor.java:284) 
at org.apache.http.impl.nio.reactor.BaseIOReactor.execute(BaseIOReactor.java:106) 
at org.apache.http.impl.nio.reactor.AbstractMultiworkerIOReactor$Worker.run(AbstractMultiworkerIOReactor.java:613) 
at java.lang.Thread.run(Thread.java:745)

Environment

Resolution

Context

This problem comes from a bug in the library Apache HTTP Components HttpAsyncClient.
This bug isn’t referenced in the bug tracker but it seems to have appeared in the version 4.0-beta3 (and was fixed in version 4.1?).
A known user of this buggy library is the Jira Rest Java Client which is used in the Jenkins Jira plugin. Atlassian is using a fork of this buggy library:

[INFO] org.jenkins-ci.plugins:jira:hpi:2.4-SNAPSHOT
...
[INFO] +- com.atlassian.jira:jira-rest-java-client-core:jar:3.0.0:compile
...
[INFO] |  \- com.atlassian.httpclient:atlassian-httpclient-apache-httpcomponents:jar:0.13.2:compile
...
[INFO] |     +- org.apache.httpcomponents:httpasyncclient-cache:jar:4.0-beta3-atlassian-1:compile
...

This issue is tracked in the Jenkins community as: https://issues.jenkins-ci.org/browse/JENKINS-34774
This problem could come from others plugins by for now the Jenkins Jira plugin is the only one to have been clearly identified.

How to fix

The bug comes from an erroneous management of invalid certificates in HTTPS connections.
There are two known root causes and fixes :

1 - Your Jira Server is deployed using HTTPS and its certificate is invalid (expired, …). Solution: You need to fix the certificate on the Jira Server side.
2 - Your Jira Server is deployed using HTTPS with a self-signed certificate. Solution: You need to install this certificate in your Jenkins master JVM keystore

Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.