Enable Debug Logging for SSL Issues in Java

Lokesh Gupta

Java Exception Handling
Java Exceptions, SSL

SSL issues are common while working on enterprise applications, but their debugging is not easy. Mostly due to not having enough information in logs.

For example, you will get an exception like this for various reasons – I/O error: java.security.NoSuchAlgorithmException: Error constructing implementation.

An exception stack trace may look like this:

com.howtodoinjava.aav.exception.SystemException: I/O error: java.lang.RuntimeException: Unexpected error: 
java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty; nested exception is 
javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: 
the trustAnchors parameter must be non-empty
	at com.howtodoinjava.aav.profilemaintenance.dao.impl.ClassName.methodName(ClassName.java:53)
	at com.howtodoinjava.aav.profilemaintenance.dao.impl.ClassName$FastClassByCGLIB$581a61ad.invoke()
	at net.sf.cglib.proxy.MethodProxy.invoke(MethodProxy.java:149)
	at org.springframework.aop.framework.Cglib2AopProxy$CglibMethodInvocation.invokeJoinpoint(Cglib2AopProxy.java:692)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
	at com.howtodoinjava.ecom.common.web.transaction.aop.RequestTraceInterceptor.invoke(RequestTraceInterceptor.java:74)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
	at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:89)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
	at org.springframework.aop.framework.Cglib2AopProxy$DynamicAdvisedInterceptor.intercept(Cglib2AopProxy.java:625)
	at com.howtodoinjava.aav.profilemaintenance.dao.impl.ClassName$EnhancerByCGLIB$233d14.methodName()
	at com.howtodoinjava.aav.profilemaintenance.service.impl.classImpl.methodName(classImpl.java:25)
	at com.howtodoinjava.idp.ptui.web.action.DemoAction.execute(DemoAction.java:97)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
	at java.lang.reflect.Method.invoke(Method.java:597)

1. Problem

Well, as I said that there could be N number of reasons for these errors. Some of them may be:

  • file not found
  • wrong password
  • wrong keystore type
  • wrong cert locations
exceptions-notes

2. Solution

To solve this SSL exception, you must get more information that can tell exactly what is going on. To get that information, enable SSL debug logging by passing javax.net.debug=ssl runtime argument to your server/program.

-Djavax.net.debug=ssl

After passing this flag, you will see extensively detailed logs related to your SSL issue, and mostly It will tell you the exact root cause as well.

Happy Learning !!

Discover More

Related Articles And Resources

Enable Debug Logging for Spring Security
RESTEasy – Enable Gzip Compression Content Encoding
Tomcat – Enable/disable directory listing
How To Debug Java Streams
Java – Send Emails using Gmail SMTP using TLS/SSL
Bypass SSL Certificate Checking in Java

Comments

Subscribe
Notify of
guest

0 Comments
Inline Feedbacks
View all comments

About Us

HowToDoInJava provides tutorials and how-to guides on Java and related technologies.

It also shares the best practices, algorithms & solutions and frequently asked interview questions.

Tutorial Series

OOP

Regex

Maven

Logging

TypeScript

Python

Meta Links

About Us

Advertise

Contact Us

Privacy Policy

Our Blogs

REST API Tutorial