wiki:ESGF_SSLHandshakeException

Version 2 (modified by terryk, 7 years ago) (diff)

--

Info exception

https://blogs.oracle.com/java-platform-group/entry/diagnosing_tls_ssl_and_https http://stackoverflow.com/questions/6383207/how-to-use-tlsv1-or-sslv3-for-first-handshakeclient-hello-in-java

When making an HTTPS connection, let’s assume that the client threw the following exception due to a failed handshake with the server:

javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure

Applying the -Djavax.net.debug=all property from above, the failure associated with this SSLHandshakeException would appear immediately after algorithm negotiation in the logs.

Avoid exception:

VM arguments

-Djavax.net.ssl.trustStore=/home/terryk/.esg/esg-truststore.ts -Djavax.net.ssl.trustStorePassword=changeit
-Djavax.net.debug=all -Dhttps.protocols="TLSv1,SSLv3"

Program arguments it

--oid userOpenIDURL -P password --output outputfil

Get property in code:

System.getProperty("https.protocols")

Set property in code:

System.setProperty("https.protocols", "TLSv1,SSLv3");

Produced by

modifications in /usr/local/tomcat/conf/server.xml

sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2"
instead of
sslProtocol="TLS"

Attachments (1)

Download all attachments as: .zip