views:

2

answers:

0

We have a java application which runs inside apache/tomcat which connects to web service hosted on IIS /Windows 2003 R2. The connection is made over SSL. Recently to enhance security , we have moved the security provider in JRE from default sun libraries to libraries provides by RSA. After that we are not able to connect to webservice and it throws an error saying "Inbound closed before receiving peer's close_notify: possible truncation attack?" We tried to capture the logs using wireshack and it seems the IIS server is sending FIN before close_notify event. The protocol enforced by the server is TLS 1.0