mtls-certificates: CertificateRoleMappingTest fails in native

[Karm]

Describe the bug

[ERROR] Failures: 
[ERROR]   CertificateRoleMappingIT>CertificateRoleMappingTest.testNoClientCertificate:49 Insecure requests must fail at the transport level ==> Unexpected exception type thrown, expected: <java.net.ConnectException> but was: <javax.net.ssl.SSLHandshakeException>

Expected behavior

Both JVM mode and Native mode pass the test.

Actual behavior

Native mode fails.

How to Reproduce?

$ ./mvnw clean install -f integration-tests -pl mtls-certificates -Pnative -Dstart-containers -DskipTests=false -DskipITs=false -Dnative.surefire.skip=false

Output of uname -a or ver

Linux mandrel2 5.14.0-407.el9.aarch64 #1 SMP PREEMPT_DYNAMIC Thu Jan 11 00:18:37 UTC 2024 aarch64 aarch64 aarch64 GNU/Linux

Output of java -version

OpenJDK Runtime Environment Mandrel-23.1.3.1-Final (build 21.0.3+9-LTS)

Quarkus version or git rev

3.10.0

Build tool (ie. output of mvnw --version or gradlew --version)

Apache Maven 3.9.3 (21122926829f1ead511c958d89bd2f672198ae9f)

Additional information

No response

[quarkus-bot[bot]]

/cc @galderz (mandrel), @zakkak (mandrel,native-image)

[sberyozkin]

Hi @Karm It is probably system or GraalVM version dependent, how Java SSL reacts to an SSL error, and we can fix it by adding an extra catch block in the test, would you like to add it ?

[sberyozkin]

@Karm Sorry, I noticed you self-assigned, whatever fix you prefer will be nice to have

[Karm]

@sberyozkin Hello, I am sorry, I forgot about this issue completely. I've just read it on loglevel DEBUG as it seemed weird that the connection was supposed to be refused. The native behavior seemed more correct to me, i.e. a failed handshake.

It all boils down to the testframework and the ports the test app is started with. The test has never worked before in HotSpot, because it had been trying to connect to a wrong port, hence the Connection exception.