handshake_failure connecting Java client through SSL to Tomcat server -

- 

private void connect(httpsurlconnection uc) throws ioexception {     uc.sethostnameverifier(new hostnameverifier() {         public boolean verify(string host, sslsession sess) {             return true;         }     });      uc.setrequestproperty("content-type", "application/json");     uc.setreadtimeout(15 * 1000); // 15 seconds     uc.connect(); }

it failing on clienthello:

trigger seeding of securerandom done seeding securerandom allow unsafe renegotiation: false allow legacy hello messages: true initial handshake: true secure renegotiation: false main, setsotimeout(15000) called %% no cached client session *** clienthello, tlsv1 randomcookie:  gmt: 1461489945 bytes = { 239, 82, 110, 194, 165, 173, 168, 22, 133, 76, 38, 213, 207, 244, 9, 221, 112, 233, 210, 113, 109, 219, 5, 76, 66, 199, 195, 132 } session id:  {} cipher suites: [ssl_rsa_with_rc4_128_md5, ssl_rsa_with_rc4_128_sha, tls_rsa_with_aes_128_cbc_sha, tls_dhe_rsa_with_aes_128_cbc_sha, tls_dhe_dss_with_aes_128_cbc_sha, ssl_rsa_with_3des_ede_cbc_sha, ssl_dhe_rsa_with_3des_ede_cbc_sha, ssl_dhe_dss_with_3des_ede_cbc_sha, ssl_rsa_with_des_cbc_sha, ssl_dhe_rsa_with_des_cbc_sha, ssl_dhe_dss_with_des_cbc_sha, ssl_rsa_export_with_rc4_40_md5, ssl_rsa_export_with_des40_cbc_sha, ssl_dhe_rsa_export_with_des40_cbc_sha, ssl_dhe_dss_export_with_des40_cbc_sha, tls_empty_renegotiation_info_scsv] compression methods:  { 0 } *** [write] md5 , sha1 hashes:  len = 75 0000: 01 00 00 47 03 01 57 1d   91 19 ef 52 6e c2 a5 ad  ...g..w....rn... 0010: a8 16 85 4c 26 d5 cf f4   09 dd 70 e9 d2 71 6d db  ...l&.....p..qm. 0020: 05 4c 42 c7 c3 84 00 00   20 00 04 00 05 00 2f 00  .lb..... ...../. 0030: 33 00 32 00 0a 00 16 00   13 00 09 00 15 00 12 00  3.2............. 0040: 03 00 08 00 14 00 11 00   ff 01 00                 ........... main, write: tlsv1 handshake, length = 75 [write] md5 , sha1 hashes:  len = 101 0000: 01 03 01 00 3c 00 00 00   20 00 00 04 01 00 80 00  ....<... ....... 0010: 00 05 00 00 2f 00 00 33   00 00 32 00 00 0a 07 00  ..../..3..2..... 0020: c0 00 00 16 00 00 13 00   00 09 06 00 40 00 00 15  ............@... 0030: 00 00 12 00 00 03 02 00   80 00 00 08 00 00 14 00  ................ 0040: 00 11 00 00 ff 57 1d 91   19 ef 52 6e c2 a5 ad a8  .....w....rn.... 0050: 16 85 4c 26 d5 cf f4 09   dd 70 e9 d2 71 6d db 05  ..l&.....p..qm.. 0060: 4c 42 c7 c3 84                                     lb... main, write: sslv2 client hello message, length = 101 [raw write]: length = 103 0000: 80 65 01 03 01 00 3c 00   00 00 20 00 00 04 01 00  .e....<... ..... 0010: 80 00 00 05 00 00 2f 00   00 33 00 00 32 00 00 0a  ....../..3..2... 0020: 07 00 c0 00 00 16 00 00   13 00 00 09 06 00 40 00  ..............@. 0030: 00 15 00 00 12 00 00 03   02 00 80 00 00 08 00 00  ................ 0040: 14 00 00 11 00 00 ff 57   1d 91 19 ef 52 6e c2 a5  .......w....rn.. 0050: ad a8 16 85 4c 26 d5 cf   f4 09 dd 70 e9 d2 71 6d  ....l&.....p..qm 0060: db 05 4c 42 c7 c3 84                               ..lb... [raw read]: length = 5 0000: 15 03 03 00 02                                     ..... [raw read]: length = 2 0000: 02 28                                              .( main, read: unknown-3.3 alert, length = 2 main, recv tlsv1 alert:  fatal, handshake_failure main, called closesocket() main, handling exception: javax.net.ssl.sslhandshakeexception: received fatal alert: handshake_failure javax.net.ssl.sslhandshakeexception: received fatal alert: handshake_failure     @ com.sun.net.ssl.internal.ssl.alerts.getsslexception(unknown source)     @ com.sun.net.ssl.internal.ssl.alerts.getsslexception(unknown source)     @ com.sun.net.ssl.internal.ssl.sslsocketimpl.recvalert(unknown source)     @ com.sun.net.ssl.internal.ssl.sslsocketimpl.readrecord(unknown source)     @ com.sun.net.ssl.internal.ssl.sslsocketimpl.performinitialhandshake(unknown source)     @ com.sun.net.ssl.internal.ssl.sslsocketimpl.starthandshake(unknown source)     @ com.sun.net.ssl.internal.ssl.sslsocketimpl.starthandshake(unknown source)     @ sun.net.www.protocol.https.httpsclient.afterconnect(unknown source)     @ sun.net.www.protocol.https.abstractdelegatehttpsurlconnection.connect(unknown source)     @ sun.net.www.protocol.https.httpsurlconnectionimpl.connect(unknown source)     @ com.axa.openam.openam_restcalls.connect(openam_restcalls.java:72)     @ com.axa.openam.openam_restcalls.amrestauthn(openam_restcalls.java:91)     @ com.axa.openam.test.main(test.java:16)

the client runs on java jre6. tomcat server runs on java jdk1.8.0_11.

the https configuration in tomcat server.xml:

<connector port="8443" protocol="org.apache.coyote.http11.http11protocol" keystorefile="/export/home/oblxuser/wes/keystore.jks" keystorepass="changeit" keyalias="root"                maxthreads="150" sslenabled="true" scheme="https" secure="true" ciphers="tls_ecdhe_rsa_with_aes_128_cbc_sha256,tls_ecdhe_rsa_with_aes_128_cbc_sha,tls_ecdhe_rsa_with_aes_256_cbc_sha384,tls_ecdhe_rsa_with_aes_256_cbc_sha,tls_rsa_with_aes_128_cbc_sha256,tls_rsa_with_aes_128_cbc_sha,tls_rsa_with_aes_256_cbc_sha256,tls_rsa_with_aes_256_cbc_sha" uriencoding="utf-8" clientauth="false" sslprotocol="tls" />

i've tried bunch of things. suspicion there incompatibility somewhere, need client run on java 1.6 , similar deal server running on 1.8.

on server side, keystore.jks generated java jre6 version of keytool in attempt make work client.

my suspicion there incompatibility somewhere, client's java version not compatible tomcat server's java version, or tomcat server's java version not compatible keystore's java version, or have you. i've tried bunch of different stuff exact same result every time.

i don't have lot of room changing versions of client or tomcat server, if cause appreciate being pointed out (and workaround solutions of course).


Comments

Post a Comment

Popular posts from this blog

javascript - How to get current YouTube IDs via iMacros? -

-
i want viewed youtube video id , save csv via imacros, gets nothing. here js code: var videoid; videoid ="code:"; videoid +="url goto=https://www.youtube.com/watch?v=dbnywxdz_pa"+"\n"; videoid +="add !extract {{!urlcurrent}}"+"\n"; videoid +="set !var1 eval(\"var s=\"{{!urlcurrent}}\"; s.match((?<=watch\\?v=|/videos/|embed\\/)[^#\\&\\?]*);s[0]; \")"+"\n"; videoid +="add !extract {{!var1}}"+"\n"; videoid +="saveas type=extract folder=* file=url.csv"+"\n"; try this: var videoid = "url goto=https://www.youtube.com/watch?v=dbnywxdz_pa" + "\n"; videoid += "set !extract {{!urlcurrent}}" + "\n"; videoid += 'set !extract eval("\'{{!extract}}\'.match(/v=(.{11})/)[1];")' + "\n"; videoid += "saveas type=extract folder=* file=url.csv" + "\n"; iimplay
Read more

c# - Maintaining a program folder in program files out of date? -

-
for program i'm writing in vs c# wpf need store user related information on user's computer. far knew has been done creating folder in c:\program files , adding whatever program related info folder in subfolders or whatever. after doing browsing came across lot of people saying method out of date because access may denied create folder there, works administrative accounts, etc.. 1 site suggested saving c:\users\username\appdata\roaming or c:\users\username\appdata\local. question best , date method saving program data users computer? also take @ msdn article . it uwp apps have general idea put if developing wpf app. you may need these folders: environment.specialfolder.applicationdata environment.specialfolder.localapplicationdata environment.specialfolder.commonapplicationdata
Read more

emulation - Android map show my location didn't work -

-
i have been struggle current location in google map, tried official map demo, not working also. shows getmylocation button on upper right, didn't show blue dot on map current location. here code , i'm using emulator target api 23, guess may emulator's problem since code download directly github. advice appreciated. [screenshot][1] package com.example.mapdemo; import com.google.android.gms.maps.googlemap; import com.google.android.gms.maps.googlemap.onmylocationbuttonclicklistener; import com.google.android.gms.maps.onmapreadycallback; import com.google.android.gms.maps.supportmapfragment; import android.manifest; import android.content.pm.packagemanager; import android.os.bundle; import android.support.annotation.nonnull; import android.support.v4.app.activitycompat; import android.support.v4.content.contextcompat; import android.support.v7.app.appcompatactivity; import android.widget.toast; /** * demo
Read more