CommunicationException with LDAPS when using native image

[Abhi-Codes]

Describe the issue.

I am getting the below issue when using a native image. With JVM based uber jar , no issues.
Spring Boot 3.0.1
openjdk version "17.0.5" 2022-10-18
OpenJDK Runtime Environment GraalVM CE 22.3.0 (build 17.0.5+8-jvmci-22.3-b08)
OpenJDK 64-Bit Server VM GraalVM CE 22.3.0 (build 17.0.5+8-jvmci-22.3-b08, mixed mode, sharing)

Application properties

spring.ldap.urls=ldaps://xxx-ad-vip.xxx.com:636
spring.ldap.username=svc.xxx
spring.ldap.password=xxx

Build native executable

./mvnw -Pnative native:compile

Running native executable like below :

./target/ldap-service --spring.profiles.active=local --javax.net.ssl.trustStore=/Users/abhi/Downloads/truststore.jks --javax.net.ssl.trustStorePassword=changeit

StackTrace :

org.springframework.ldap.CommunicationException: xxx-ad-vip.xxx.com:636
	at org.springframework.ldap.support.LdapUtils.convertLdapException(LdapUtils.java:108) ~[na:na]
	at org.springframework.ldap.core.support.AbstractContextSource.createContext(AbstractContextSource.java:363) ~[ldap-service:3.0.0]
	at org.springframework.ldap.core.support.AbstractContextSource.doGetContext(AbstractContextSource.java:147) ~[ldap-service:3.0.0]
	at org.springframework.ldap.core.support.AbstractContextSource.getReadOnlyContext(AbstractContextSource.java:166) ~[ldap-service:3.0.0]
	at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:367) ~[ldap-service:3.0.0]
	at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:319) ~[ldap-service:3.0.0]
	at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:626) ~[ldap-service:3.0.0]
	at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:596) ~[ldap-service:3.0.0]
	at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:1661) ~[ldap-service:3.0.0]
	at com.vmware.ldapservice.serviceImpl.LDAPServiceImpl.getADAttributes(LDAPServiceImpl.java:82) ~[ldap-service:na]
	at [email protected]/java.lang.reflect.Method.invoke(Method.java:568) ~[ldap-service:na]
	at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:343) ~[na:na]
	at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:196) ~[ldap-service:6.0.3]
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163) ~[ldap-service:6.0.3]
	at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:752) ~[na:na]
	at org.springframework.cache.interceptor.CacheInterceptor.lambda$invoke$0(CacheInterceptor.java:54) ~[ldap-service:6.0.3]
	at org.springframework.cache.interceptor.CacheAspectSupport.invokeOperation(CacheAspectSupport.java:366) ~[ldap-service:6.0.3]
	at org.springframework.cache.interceptor.CacheAspectSupport.execute(CacheAspectSupport.java:421) ~[ldap-service:6.0.3]
	at org.springframework.cache.interceptor.CacheAspectSupport.execute(CacheAspectSupport.java:345) ~[ldap-service:6.0.3]
	at org.springframework.cache.interceptor.CacheInterceptor.invoke(CacheInterceptor.java:64) ~[ldap-service:6.0.3]
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:184) ~[ldap-service:6.0.3]
	at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:752) ~[na:na]
	at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:703) ~[na:na]
	at com.xxx.ldapservice.serviceImpl.LDAPServiceImpl$$SpringCGLIB$$0.getADAttributes(<generated>) ~[ldap-service:na]
	at com.xxx.ldapservice.controller.LdapController.lambda$0(LdapController.java:34) ~[ldap-service:na]
	at [email protected]/java.util.concurrent.CompletableFuture$AsyncSupply.run(CompletableFuture.java:1768) ~[na:na]
	at [email protected]/java.util.concurrent.CompletableFuture$AsyncSupply.exec(CompletableFuture.java:1760) ~[na:na]
	at [email protected]/java.util.concurrent.ForkJoinTask.doExec(ForkJoinTask.java:373) ~[ldap-service:na]
	at [email protected]/java.util.concurrent.ForkJoinPool$WorkQueue.topLevelExec(ForkJoinPool.java:1182) ~[na:na]
	at [email protected]/java.util.concurrent.ForkJoinPool.scan(ForkJoinPool.java:1655) ~[ldap-service:na]
	at [email protected]/java.util.concurrent.ForkJoinPool.runWorker(ForkJoinPool.java:1622) ~[ldap-service:na]
	at [email protected]/java.util.concurrent.ForkJoinWorkerThread.run(ForkJoinWorkerThread.java:165) ~[ldap-service:na]
	at org.graalvm.nativeimage.builder/com.oracle.svm.core.thread.PlatformThreads.threadStartRoutine(PlatformThreads.java:775) ~[ldap-service:na]
	at org.graalvm.nativeimage.builder/com.oracle.svm.core.posix.thread.PosixPlatformThreads.pthreadStartRoutine(PosixPlatformThreads.java:203) ~[na:na]
Caused by: javax.naming.CommunicationException: xxx-ad-vip.xxx.com:636
	at [email protected]/com.sun.jndi.ldap.Connection.<init>(Connection.java:253) ~[na:na]
	at [email protected]/com.sun.jndi.ldap.LdapClient.<init>(LdapClient.java:137) ~[na:na]
	at [email protected]/com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1616) ~[na:na]
	at [email protected]/com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2848) ~[na:na]
	at [email protected]/com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:348) ~[na:na]
	at [email protected]/com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxFromUrl(LdapCtxFactory.java:225) ~[ldap-service:na]
	at [email protected]/com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:189) ~[ldap-service:na]
	at [email protected]/com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:243) ~[ldap-service:na]
	at [email protected]/com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:154) ~[ldap-service:na]
	at [email protected]/com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:84) ~[ldap-service:na]
	at [email protected]/javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:732) ~[ldap-service:na]
	at [email protected]/javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:305) ~[ldap-service:na]
	at [email protected]/javax.naming.InitialContext.init(InitialContext.java:236) ~[ldap-service:na]
	at [email protected]/javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:154) ~[na:na]
	at org.springframework.ldap.core.support.LdapContextSource.getDirContextInstance(LdapContextSource.java:42) ~[ldap-service:3.0.0]
	at org.springframework.ldap.core.support.AbstractContextSource.createContext(AbstractContextSource.java:351) ~[ldap-service:3.0.0]
	... 32 common frames omitted
Caused by: java.lang.NoSuchMethodException: javax.net.ssl.SSLSocketFactory.getDefault()
	at [email protected]/java.lang.Class.getMethod(DynamicHub.java:2227) ~[ldap-service:na]
	at [email protected]/com.sun.jndi.ldap.Connection.createSocket(Connection.java:293) ~[na:na]
	at [email protected]/com.sun.jndi.ldap.Connection.<init>(Connection.java:232) ~[na:na]
	... 47 common frames omitted

[Abhi-Codes]

@jzheaux Perhaps someone can have a look at this issue. Not able to migrate to Spring Boot 3 native image because of it.

[jzheaux]

Thanks, @Abhi-Codes, I've scheduled this for the next maintenance release.

[Abhi-Codes]

Great , thanks @jzheaux

[Abhi-Codes]

Meanwhile, folks who are facing the issue can add a RuntimeHint for missing javax.net.ssl.SSLSocketFactory.getDefault().

static class MyHint implements RuntimeHintsRegistrar {
    @Override
	public void registerHints(RuntimeHints hints, ClassLoader classLoader) {
        hints.reflection().registerType(TypeReference.of("javax.net.ssl.SSLSocketFactory"), builder -> builder.withMembers(MemberCategory.INVOKE_PUBLIC_METHODS));
    }
}

and @ImportRuntimeHints(MyHint.class) to your Spring Boot application (main class).