web stats
Can't log in to Mirth Connect Administrator 3.1.1- SSLHandshake Exception - Mirth Community

Go Back   Mirth Community > Mirth Connect > Support

Reply
 
Thread Tools Display Modes
  #1  
Old 12-23-2014, 01:00 PM
bschwartz bschwartz is offline
What's HL7?
 
Join Date: Nov 2014
Location: Chattanooga,TN
Posts: 2
bschwartz is on a distinguished road
Default Can't log in to Mirth Connect Administrator 3.1.1- SSLHandshake Exception

I have Mirth 3.1.1 installed on a Windows 2012 R2 server and am having no problems with my active channel receiving HL7 messages and routing them to their expected destinations, but attempting to log in to the Mirth Connect Administrator fails whether I'm connecting from my desktop machine or locally on the server. Both the server and every client machine I've used are running Java 8u25. The most recent updates to the server were applied on 12/17, and as recently as the morning of 12/22 I was still able to get logged in but sometime in the afternoon this behavior started. I've tried clearing my Java cache multiple times, both on the client machine and on the server, but to no avail. I can connect to the server using both telnet and remote desktop, and I can get the main launch page to come up at http://mirth.intranet.local:8080. when I try to navigate to the "Access Secure Site" URL, I receive errors similar to the one below from Chrome.
"The webpage at https://mirth.intranet.local:9443/webadmin/Index.action might be temporarily down or it may have moved permanently to a new web address.
Error code: ERR_CONNECTION_CLOSED"

Each attempt to log in to the Administrator results in the message "There was an error connecting to the server at the specified address. Please verify that the server is up and running". The server was originally installed using port 8443 for the admin, but in searching the forum for a solution before posting I saw a related thread that suggested changing the port # to see if that changed the behavior. In this case, it didn't. I've also noticed that in the config there seem to be a significant number of protocols and ciphers listed by default, should some of those be removed/disabled?

Stack trace appears below. Has anyone experienced something similar to this? Thanks!
Code:
javax.net.ssl.SSLHandshakeException: No appropriate protocol
                at sun.security.ssl.Handshaker.activate(Unknown Source)
                at sun.security.ssl.SSLEngineImpl.kickstartHandshake(Unknown Source)
                at sun.security.ssl.SSLEngineImpl.readNetRecord(Unknown Source)
                at sun.security.ssl.SSLEngineImpl.unwrap(Unknown Source)
                at javax.net.ssl.SSLEngine.unwrap(Unknown Source)
                at org.eclipse.jetty.io.nio.SslConnection.unwrap(SslConnection.java:524)
                at org.eclipse.jetty.io.nio.SslConnection.process(SslConnection.java:359)
                at org.eclipse.jetty.io.nio.SslConnection.access$900(SslConnection.java:48)
                at org.eclipse.jetty.io.nio.SslConnection$SslEndPoint.fill(SslConnection.java:666)
                at org.eclipse.jetty.http.HttpParser.fill(HttpParser.java:1035)
                at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:280)
                at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:235)
                at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82)
                at org.eclipse.jetty.io.nio.SslConnection.handle(SslConnection.java:196)
                at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:627)
                at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:51)
                at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608)
                at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543)
                at java.lang.Thread.run(Unknown Source)
DEBUG 2014-12-23 12:44:00,599 [qtp2142750150-36] org.eclipse.jetty.io.nio.ChannelEndPoint: close SCEP@6717e3a1{l(/172.17.33.233:53547)<->r(/172.17.16.153:9443),d=true,open=true,ishut=false,oshut=false,rb=false,wb=false,w=true,i=0!}-{SslConnection@3faf1353 SSL NEED_WRAP i/o/u=215/0/0 ishut=false oshut=false {AsyncHttpConnection@6033322d,g=HttpGenerator{s=0,h=-1,b=-1,c=-1},p=HttpParser{s=-14,l=0,c=0},r=0}}
DEBUG 2014-12-23 12:44:00,599 [qtp2142750150-32 Selector0] org.eclipse.jetty.io.nio: destroyEndPoint SCEP@6717e3a1{l(null)<->r(0.0.0.0/0.0.0.0:9443),d=true,open=false,ishut=true,oshut=true,rb=false,wb=false,w=true,i=0!}-{SslConnection@3faf1353 SSL NEED_WRAP i/o/u=215/0/0 ishut=false oshut=false {AsyncHttpConnection@6033322d,g=HttpGenerator{s=0,h=-1,b=-1,c=-1},p=HttpParser{s=-14,l=0,c=0},r=0}}
DEBUG 2014-12-23 12:44:00,599 [qtp2142750150-32 Selector0] org.eclipse.jetty.server.AbstractHttpConnection: closed AsyncHttpConnection@6033322d,g=HttpGenerator{s=0,h=-1,b=-1,c=-1},p=HttpParser{s=-14,l=0,c=0},r=0
DEBUG 2014-12-23 12:44:00,631 [qtp2142750150-32 Selector0] org.eclipse.jetty.io.nio: created SCEP@3be1c84d{l(/172.17.33.233:53549)<->r(/172.17.16.153:9443),d=false,open=true,ishut=false,oshut=false,rb=false,wb=false,w=true,i=0}-{SslConnection@423a3746 SSL NOT_HANDSHAKING i/o/u=-1/-1/-1 ishut=false oshut=false {AsyncHttpConnection@6a35ace0,g=HttpGenerator{s=0,h=-1,b=-1,c=-1},p=HttpParser{s=-14,l=0,c=0},r=0}}

Last edited by bschwartz; 12-23-2014 at 01:12 PM. Reason: added mention of cleared Java cache.
Reply With Quote
  #2  
Old 12-30-2014, 12:53 PM
wayneh wayneh is offline
OBX.3 Kenobi
 
Join Date: May 2012
Posts: 102
wayneh is on a distinguished road
Default

We disabled SSLv3 as a protocol in 3.1.1. For some reason your Administrator and Server cannot find a common protocol that they both support. You can first try adding SSLv3 back to the client and server protocols and see if that fixes your issues. Then you can determine why they may not be supporting other protocols.

See our upgrade guide for some more information
Reply With Quote
  #3  
Old 02-03-2015, 11:47 AM
wayneh wayneh is offline
OBX.3 Kenobi
 
Join Date: May 2012
Posts: 102
wayneh is on a distinguished road
Default

Try updating the client protocols in mirth.properties to

https.client.protocols = TLSv1

then restart the Mirth Connect Server and try again.

If that doesn't work please indicate what your https.client.protocol and https.server.protocols settings are
Reply With Quote
  #4  
Old 12-15-2016, 01:52 AM
kinjo kinjo is offline
What's HL7?
 
Join Date: Dec 2016
Posts: 2
kinjo is on a distinguished road
Default

I am having ERR_CONNECTION_CLOSED problem while visiting Mirth.com
Reply With Quote
  #5  
Old 12-16-2016, 12:36 AM
kinjo kinjo is offline
What's HL7?
 
Join Date: Dec 2016
Posts: 2
kinjo is on a distinguished road
Default I am Having ERR_CONNECTION_CLOSED problem in my PC.

Here’s the mail I got recently for my problem
I have the same issue as Jeffrey.e.Lamb and I think your reply misses a key point. I want to turn Activity Reporting ON, but leave Web Filtering OFF as (for now) I only want to monitor sites my children use.
But even with Web Filtering set to OFF, I get an "ERR_CONNECTION_CLOSED" error from Chrome trying to open google.com and other https sites - I have to change from Child to Standard account or disable Family Safety altogether for it to work. This seems pretty useless.
Strangely IE11 tells me that google.com has an invalid security certificate, rather than block access.

Or otherwise try this: http://www.deskdecode.com/err_connection_closed/
Reply With Quote
Reply

Tags
administrator, java 8, mirth 3.1.1, sslhandshake

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -8. The time now is 05:07 PM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2019, vBulletin Solutions, Inc.
Mirth Corporation