We are using apache2 with reverse proxy as front end and tomcat 6 as backend. Java used is jdk1.6.0_38. SSL is used only in webserver and there is no SSL in tomcat
Post disabling SSLv3 in http server, poodle issue got fixed.
We have two environments TEST1 and TEST2. In Test 1 and Test 2 SSLv3 is disabled. From TEST 2 tomcat a request is being sent to TEST 1 via
https://TEST1/something.
When this happens, I get below errors in tomcat logs
2015-02-19 02:29:00|ERROR|c.m.e.b.a.LoadTasklet|loadAssociatesSchedulerFactory_Worker-1|Exception :::
com.sun.jersey.api.client.ClientHandlerException: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
at com.sun.jersey.client.urlconnection.URLConnectionClientHandler.handle(URLConnectionClientHandler.jav a:151) ~[jersey-client-1.17.1.jar:1.17.1]
at com.sun.jersey.api.client.Client.handle(Client.java:648) ~[jersey-client-1.17.1.jar:1.17.1]
at com.sun.jersey.api.client.WebResource.handle(WebResource.java:680) ~[jersey-client-1.17.1.jar:1.17.1]
at com.sun.jersey.api.client.WebResource.access$200(WebResource.java:74) ~[jersey-client-1.17.1.jar:1.17.1]
Caused by: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:882) ~[na:1.6]
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1203) ~[na:1.6]
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1230) ~[na:1.6]
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1214) ~[na:1.6]
There is no SSL configurations anywhere in web server/tomcat (confirmed by my application team), but I am seeing SSL errors in logs, I am not sure from where its getting logged. I suspect its coming from jdk-1.6
If I enabled SSLv3 in both TEST1 and TEST2, application starts to work fine.