javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
Try upgrading the java version you are using. I had the same problem when using 1.6.0_21 and problem solved by upgrading to 1.6.0_32.
Comments
-
kpatil almost 2 years
I am to consume a certain web service that the server guys have developed and hosted. SSL is involved, client is Axis 1x, and the certificate is not from a trusted CA.
I think, I have accommodated everything required, like creating a custom keystore, having a custom SocketFactory, and a custom TrustManager; but still I keep receiving handshake_failure.
Here is what I have done so far:
C:\Program Files\Java\jdk1.6.0_17\bin>keytool -importkeystore -srckeystore D:\mywork\test_client_cert.p12 -srcstoretype PKCS12 -destkeystore test_client_cert.jks -deststoretype JKS C:\Program Files\Java\jdk1.6.0_17\bin>copy test_client_cert.jks ..\jre\lib\security\
excerpts from my code:
public class MyCustomSecureSocketFactory extends JSSESocketFactory { // ... protected SSLContext getContext() throws Exception { char[] keyStorePass = "mypass"; java.io.File keyStoreFile = new java.io.File(System.getProperty("java.home") + "/lib/security/test_client_cert.jks"; if(!keyStoreFile.exists()) throw new Exception("Could not read the KeyStore file"); InputStream keyStoreIS = new java.io.FileInputStream(keyStoreFile); try { KeyStore keyStore = KeyStore.getInstance("jks");//2012.04.24: KeyStore.getDefaultType()); keyStore.load(keyStoreIS, keyStorePass); KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); kmf.init(keyStore, keyStorePass); TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); tmf.init(keyStore); SSLContext sslContext = SSLContext.getInstance("TLS"); sslContext.init(new KeyManager[0], new TrustManager[] {new com.myapp.MyTrustManager()}, new SecureRandom()); return sslContext; } catch (Exception e) { throw e; } finally { keyStoreIS.close(); } } public javax.net.ssl.SSLSocket create(java.lang.String host, int port, StringBuffer otherHeaders, BooleanHolder useFullURL) throws Exception { javax.net.ssl.SSLSocket mySSLSocket = (SSLSocket) super.create(host, port, otherHeaders, useFullURL); mySSLSocket.setEnabledProtocols("TLSv1,SSLv3".split(",")); //mySSLSocket.setEnabledCipherSuites(new String[] {"SSL_RSA_WITH_RC4_128_MD5", "SSL_RSA_WITH_RC4_128_SHA", ... many more in this list, removed for brevity return mySSLSocket; } }
A test JSP which has:
AxisProperties.setProperty("https.proxyHost", myProxy); AxisProperties.setProperty("https.proxyPort", myProxyPort); AxisProperties.setProperty("https.proxyUser", myProxyUser); AxisProperties.setProperty("https.proxyPassword", myProxyPass); System.setProperty("https.protocols", "TLSv1"); AxisProperties.setProperty("axis.socketSecureFactory", "com.myApp.MyCustomSecureSocketFactory"); AxisProperties.setProperty("sun.security.ssl.allowUnsafeRenegotiation", "true"); Service w_Service = new Service(); Call w_Call = (Call) w_Service.createCall(); w_Call.setTargetEndpointAddress(new java.net.URL("https://<<testsiteIPAddr>>/<<whatever>>/int/?wsdl")); w_Call.setOperationName("GetInfo"); // takes 2 parameters w_Call.addParameter("param1", org.apache.axis.Constants.XSD_STRING, ParameterMode.IN); w_Call.addParameter("param2", org.apache.axis.Constants.XSD_STRING, ParameterMode.IN); w_Call.setReturnType(org.apache.axis.Constants.XSD_STRING); System.out.println("Invoking method ..."); String w_RetVal = (String) w_Call.invoke(new String[]{"test", "me"}); System.out.println("Method returned: " + w_RetVal);
The server guy just has the following info for me:
SSLProtocol all -SSLv2 SSLCipherSuite TLSv1:SSLv3:!SSLv2:!EXP:!NULL:!LOW:!aNULL:!eNULL
And reports:
Access Log:
"POST /<<whatever>>/int/?wsdl HTTP/1.0" 403 – "POST /<<whatever>>/int/?wsdl HTTP/1.0" 403 –
Error Log:
Re-negotiation handshake failed: Not accepted by client!? Re-negotiation handshake failed: Not accepted by client!?
Request Log:
SSLv3 RC4-MD5 "POST /<<whatever>>/int/?wsdl HTTP/1.0" – SSLv3 RC4-MD5 "POST /<<whatever>>/int/?wsdl HTTP/1.0" –
Finally, some part of the SSL debug (I removed some lines from the beginning which print the certificate information. BTW, the said certificate 'does' show up in the SSL debug):
13:57:14,200 INFO [STDOUT] *** 13:57:14,203 INFO [STDOUT] http-0.0.0.0-8080-3, READ: TLSv1 Handshake, length = 4 13:57:14,224 INFO [STDOUT] *** ServerHelloDone 13:57:14,241 INFO [STDOUT] *** ClientKeyExchange, RSA PreMasterSecret, TLSv1 13:57:14,241 INFO [STDOUT] http-0.0.0.0-8080-3, WRITE: TLSv1 Handshake, length = 134 13:57:14,242 INFO [STDOUT] SESSION KEYGEN: 13:57:14,248 INFO [STDOUT] PreMaster Secret: 000013:57:14,250 INFO [STDOUT] : 0313:57:14,251 INFO [STDOUT] 0113:57:14,251 INFO [STDOUT] 3813:57:14,251 INFO [STDOUT] ED13:57:14,251 INFO [STDOUT] 7B13:57:14,251 INFO [STDOUT] BF13:57:14,252 INFO [STDOUT] A113:57:14,252 INFO [STDOUT] 3213:57:14,252 INFO [STDOUT] 13:57:14,252 INFO [STDOUT] 8313:57:14,252 INFO [STDOUT] 2313:57:14,252 INFO [STDOUT] BE13:57:14,253 INFO [STDOUT] 9713:57:14,264 INFO [STDOUT] 9013:57:14,265 INFO [STDOUT] 4A13:57:14,267 INFO [STDOUT] F013:57:14,275 INFO [STDOUT] F813:57:14,277 INFO [STDOUT] 13:57:14,277 INFO [STDOUT] 13:57:14,277 INFO [STDOUT] . 13:57:14,278 INFO [STDOUT] . 813:57:14,278 INFO [STDOUT] . 13:57:14,278 INFO [STDOUT] . 13:57:14,278 INFO [STDOUT] . 13:57:14,278 INFO [STDOUT] . 213:57:14,279 INFO [STDOUT] . #13:57:14,279 INFO [STDOUT] . 13:57:14,279 INFO [STDOUT] . 13:57:14,280 INFO [STDOUT] . J13:57:14,290 INFO [STDOUT] . 13:57:14,290 INFO [STDOUT] . 001013:57:14,290 INFO [STDOUT] : D913:57:14,290 INFO [STDOUT] F613:57:14,290 INFO [STDOUT] 6F13:57:14,291 INFO [STDOUT] 2B13:57:14,291 INFO [STDOUT] 3913:57:14,291 INFO [STDOUT] B913:57:14,291 INFO [STDOUT] 0813:57:14,291 INFO [STDOUT] 1013:57:14,292 INFO [STDOUT] 13:57:14,292 INFO [STDOUT] 6013:57:14,292 INFO [STDOUT] D013:57:14,292 INFO [STDOUT] 5813:57:14,292 INFO [STDOUT] 8C13:57:14,293 INFO [STDOUT] BF13:57:14,304 INFO [STDOUT] 6D13:57:14,308 INFO [STDOUT] 4513:57:14,314 INFO [STDOUT] 5813:57:14,317 INFO [STDOUT] 13:57:14,320 INFO [STDOUT] 13:57:14,320 INFO [STDOUT] . 13:57:14,321 INFO [STDOUT] . o+913:57:14,321 INFO [STDOUT] . 13:57:14,322 INFO [STDOUT] . 13:57:14,322 INFO [STDOUT] . `13:57:14,322 INFO [STDOUT] . X13:57:14,322 INFO [STDOUT] . 13:57:14,323 INFO [STDOUT] . mEX002013:57:14,323 INFO [STDOUT] : AB13:57:14,323 INFO [STDOUT] BB13:57:14,323 INFO [STDOUT] 0913:57:14,324 INFO [STDOUT] 7713:57:14,329 INFO [STDOUT] 8213:57:14,329 INFO [STDOUT] 5513:57:14,329 INFO [STDOUT] B613:57:14,329 INFO [STDOUT] 3913:57:14,329 INFO [STDOUT] 13:57:14,330 INFO [STDOUT] FA13:57:14,330 INFO [STDOUT] 3E13:57:14,330 INFO [STDOUT] 6C13:57:14,330 INFO [STDOUT] 0F13:57:14,330 INFO [STDOUT] 7A13:57:14,331 INFO [STDOUT] 3C13:57:14,331 INFO [STDOUT] 3F13:57:14,331 INFO [STDOUT] 7313:57:14,331 INFO [STDOUT] 13:57:14,331 INFO [STDOUT] 13:57:14,331 INFO [STDOUT] . 13:57:14,332 INFO [STDOUT] . 13:57:14,332 INFO [STDOUT] . w13:57:14,332 INFO [STDOUT] . U13:57:14,332 INFO [STDOUT] . 913:57:14,333 INFO [STDOUT] . >l13:57:14,333 INFO [STDOUT] . z<?s13:57:14,353 INFO [STDOUT] CONNECTION KEYGEN: 13:57:14,354 INFO [STDOUT] Client Nonce: 000013:57:14,357 INFO [STDOUT] : 4F13:57:14,359 INFO [STDOUT] 9613:57:14,360 INFO [STDOUT] 6313:57:14,368 INFO [STDOUT] E113:57:14,371 INFO [STDOUT] 4813:57:14,372 INFO [STDOUT] 2F13:57:14,381 INFO [STDOUT] FB13:57:14,383 INFO [STDOUT] F613:57:14,383 INFO [STDOUT] 13:57:14,383 INFO [STDOUT] 9E13:57:14,383 INFO [STDOUT] C813:57:14,383 INFO [STDOUT] 3D13:57:14,383 INFO [STDOUT] F513:57:14,384 INFO [STDOUT] 1613:57:14,384 INFO [STDOUT] DE13:57:14,384 INFO [STDOUT] 4F13:57:14,384 INFO [STDOUT] 5913:57:14,384 INFO [STDOUT] 13:57:14,384 INFO [STDOUT] O13:57:14,385 INFO [STDOUT] . c13:57:14,385 INFO [STDOUT] . H/13:57:14,385 INFO [STDOUT] . 13:57:14,385 INFO [STDOUT] . 13:57:14,386 INFO [STDOUT] . 13:57:14,399 INFO [STDOUT] . =13:57:14,400 INFO [STDOUT] . 13:57:14,400 INFO [STDOUT] . 13:57:14,400 INFO [STDOUT] . OY001013:57:14,400 INFO [STDOUT] : 2F13:57:14,401 INFO [STDOUT] 0513:57:14,401 INFO [STDOUT] 9413:57:14,402 INFO [STDOUT] 1C13:57:14,407 INFO [STDOUT] 4213:57:14,411 INFO [STDOUT] E413:57:14,412 INFO [STDOUT] F413:57:14,414 INFO [STDOUT] C613:57:14,422 INFO [STDOUT] 13:57:14,422 INFO [STDOUT] 7213:57:14,422 INFO [STDOUT] 5613:57:14,422 INFO [STDOUT] 4A13:57:14,423 INFO [STDOUT] 9C13:57:14,423 INFO [STDOUT] 9813:57:14,423 INFO [STDOUT] AD13:57:14,423 INFO [STDOUT] B813:57:14,423 INFO [STDOUT] 0713:57:14,423 INFO [STDOUT] 13:57:14,424 INFO [STDOUT] /13:57:14,424 INFO [STDOUT] . 13:57:14,424 INFO [STDOUT] . 13:57:14,424 INFO [STDOUT] . B13:57:14,424 INFO [STDOUT] . 13:57:14,425 INFO [STDOUT] . 13:57:14,425 INFO [STDOUT] . rVJ13:57:14,425 INFO [STDOUT] . 13:57:14,425 INFO [STDOUT] . 13:57:14,425 INFO [STDOUT] . 13:57:14,425 INFO [STDOUT] . 13:57:14,426 INFO [STDOUT] . 13:57:14,427 INFO [STDOUT] Server Nonce: 000013:57:14,439 INFO [STDOUT] : 4F13:57:14,447 INFO [STDOUT] 9613:57:14,450 INFO [STDOUT] 6313:57:14,452 INFO [STDOUT] E613:57:14,453 INFO [STDOUT] DA13:57:14,461 INFO [STDOUT] D413:57:14,466 INFO [STDOUT] D113:57:14,466 INFO [STDOUT] 6913:57:14,473 INFO [STDOUT] 13:57:14,476 INFO [STDOUT] F413:57:14,478 INFO [STDOUT] 1513:57:14,479 INFO [STDOUT] 4213:57:14,488 INFO [STDOUT] 0513:57:14,490 INFO [STDOUT] 1413:57:14,490 INFO [STDOUT] 5613:57:14,492 INFO [STDOUT] 1913:57:14,500 INFO [STDOUT] D013:57:14,503 INFO [STDOUT] 13:57:14,505 INFO [STDOUT] O13:57:14,506 INFO [STDOUT] . c13:57:14,515 INFO [STDOUT] . 13:57:14,517 INFO [STDOUT] . 13:57:14,519 INFO [STDOUT] . 13:57:14,521 INFO [STDOUT] . i13:57:14,531 INFO [STDOUT] . 13:57:14,532 INFO [STDOUT] . B13:57:14,532 INFO [STDOUT] . 13:57:14,540 INFO [STDOUT] . V13:57:14,542 INFO [STDOUT] . 13:57:14,542 INFO [STDOUT] . 001013:57:14,542 INFO [STDOUT] : D813:57:14,542 INFO [STDOUT] 9F13:57:14,543 INFO [STDOUT] DD13:57:14,543 INFO [STDOUT] 1813:57:14,543 INFO [STDOUT] 9E13:57:14,543 INFO [STDOUT] 3413:57:14,543 INFO [STDOUT] CF13:57:14,544 INFO [STDOUT] DC13:57:14,544 INFO [STDOUT] 13:57:14,544 INFO [STDOUT] 1213:57:14,544 INFO [STDOUT] 6D13:57:14,544 INFO [STDOUT] 5D13:57:14,544 INFO [STDOUT] 7D13:57:14,545 INFO [STDOUT] 7F13:57:14,546 INFO [STDOUT] 2413:57:14,557 INFO [STDOUT] 6813:57:14,559 INFO [STDOUT] 2613:57:14,567 INFO [STDOUT] 13:57:14,569 INFO [STDOUT] 13:57:14,569 INFO [STDOUT] . 13:57:14,569 INFO [STDOUT] . 13:57:14,569 INFO [STDOUT] . 13:57:14,569 INFO [STDOUT] . 13:57:14,569 INFO [STDOUT] . 413:57:14,570 INFO [STDOUT] . 13:57:14,570 INFO [STDOUT] . 13:57:14,570 INFO [STDOUT] . m]13:57:14,570 INFO [STDOUT] . 13:57:14,570 INFO [STDOUT] . $h&13:57:14,571 INFO [STDOUT] Master Secret: 000013:57:14,571 INFO [STDOUT] : A813:57:14,571 INFO [STDOUT] 5313:57:14,571 INFO [STDOUT] 1013:57:14,571 INFO [STDOUT] 5613:57:14,572 INFO [STDOUT] 3213:57:14,585 INFO [STDOUT] AD13:57:14,585 INFO [STDOUT] A613:57:14,586 INFO [STDOUT] A213:57:14,586 INFO [STDOUT] 13:57:14,586 INFO [STDOUT] BB13:57:14,586 INFO [STDOUT] A213:57:14,587 INFO [STDOUT] 1F13:57:14,588 INFO [STDOUT] 8D13:57:14,588 INFO [STDOUT] 4613:57:14,594 INFO [STDOUT] 5F13:57:14,594 INFO [STDOUT] E813:57:14,594 INFO [STDOUT] DD13:57:14,597 INFO [STDOUT] 13:57:14,598 INFO [STDOUT] 13:57:14,600 INFO [STDOUT] . S13:57:14,609 INFO [STDOUT] . V213:57:14,609 INFO [STDOUT] . 13:57:14,609 INFO [STDOUT] . 13:57:14,610 INFO [STDOUT] . 13:57:14,610 INFO [STDOUT] . 13:57:14,610 INFO [STDOUT] . 13:57:14,610 INFO [STDOUT] . 13:57:14,610 INFO [STDOUT] . F_13:57:14,610 INFO [STDOUT] . 13:57:14,611 INFO [STDOUT] . 001013:57:14,611 INFO [STDOUT] : 4813:57:14,611 INFO [STDOUT] 6813:57:14,611 INFO [STDOUT] 3013:57:14,611 INFO [STDOUT] ED13:57:14,612 INFO [STDOUT] BF13:57:14,612 INFO [STDOUT] 1513:57:14,612 INFO [STDOUT] F513:57:14,612 INFO [STDOUT] A713:57:14,612 INFO [STDOUT] 13:57:14,612 INFO [STDOUT] 7B13:57:14,613 INFO [STDOUT] 0513:57:14,624 INFO [STDOUT] AF13:57:14,626 INFO [STDOUT] EC13:57:14,634 INFO [STDOUT] DE13:57:14,636 INFO [STDOUT] EE13:57:14,636 INFO [STDOUT] 4D13:57:14,636 INFO [STDOUT] 5513:57:14,636 INFO [STDOUT] 13:57:14,637 INFO [STDOUT] Hh013:57:14,637 INFO [STDOUT] . 13:57:14,637 INFO [STDOUT] . 13:57:14,637 INFO [STDOUT] . 13:57:14,637 INFO [STDOUT] . 13:57:14,637 INFO [STDOUT] . 13:57:14,638 INFO [STDOUT] . 13:57:14,638 INFO [STDOUT] . 13:57:14,638 INFO [STDOUT] . 13:57:14,638 INFO [STDOUT] . 13:57:14,639 INFO [STDOUT] . 13:57:14,652 INFO [STDOUT] . MU002013:57:14,652 INFO [STDOUT] : 8313:57:14,652 INFO [STDOUT] D513:57:14,653 INFO [STDOUT] 4813:57:14,653 INFO [STDOUT] ED13:57:14,654 INFO [STDOUT] DC13:57:14,660 INFO [STDOUT] FD13:57:14,662 INFO [STDOUT] EF13:57:14,665 INFO [STDOUT] 2E13:57:14,666 INFO [STDOUT] 13:57:14,674 INFO [STDOUT] 3213:57:14,678 INFO [STDOUT] B513:57:14,678 INFO [STDOUT] 2813:57:14,678 INFO [STDOUT] D713:57:14,678 INFO [STDOUT] AB13:57:14,679 INFO [STDOUT] 9113:57:14,687 INFO [STDOUT] B513:57:14,689 INFO [STDOUT] 6B13:57:14,689 INFO [STDOUT] 13:57:14,689 INFO [STDOUT] 13:57:14,689 INFO [STDOUT] . 13:57:14,689 INFO [STDOUT] . H13:57:14,689 INFO [STDOUT] . 13:57:14,690 INFO [STDOUT] . 13:57:14,690 INFO [STDOUT] . 13:57:14,690 INFO [STDOUT] . .213:57:14,690 INFO [STDOUT] . (13:57:14,690 INFO [STDOUT] . 13:57:14,690 INFO [STDOUT] . 13:57:14,691 INFO [STDOUT] . 13:57:14,691 INFO [STDOUT] . k13:57:14,691 INFO [STDOUT] Client MAC write Secret: 000013:57:14,691 INFO [STDOUT] : BC13:57:14,692 INFO [STDOUT] E713:57:14,692 INFO [STDOUT] 8313:57:14,692 INFO [STDOUT] C613:57:14,692 INFO [STDOUT] AB13:57:14,692 INFO [STDOUT] 2313:57:14,692 INFO [STDOUT] 6E13:57:14,693 INFO [STDOUT] 5413:57:14,706 INFO [STDOUT] 13:57:14,714 INFO [STDOUT] 8E13:57:14,714 INFO [STDOUT] 1A13:57:14,714 INFO [STDOUT] DD13:57:14,714 INFO [STDOUT] 4613:57:14,715 INFO [STDOUT] EC13:57:14,715 INFO [STDOUT] 2213:57:14,715 INFO [STDOUT] 5813:57:14,715 INFO [STDOUT] 2513:57:14,715 INFO [STDOUT] 13:57:14,716 INFO [STDOUT] 13:57:14,716 INFO [STDOUT] . 13:57:14,716 INFO [STDOUT] . 13:57:14,717 INFO [STDOUT] . 13:57:14,717 INFO [STDOUT] . 13:57:14,717 INFO [STDOUT] . #nT13:57:14,717 INFO [STDOUT] . 13:57:14,717 INFO [STDOUT] . 13:57:14,718 INFO [STDOUT] . F13:57:14,718 INFO [STDOUT] . "X%13:57:14,718 INFO [STDOUT] Server MAC write Secret: 000013:57:14,718 INFO [STDOUT] : 0713:57:14,719 INFO [STDOUT] 1D13:57:14,719 INFO [STDOUT] 3213:57:14,719 INFO [STDOUT] 9613:57:14,720 INFO [STDOUT] 8013:57:14,720 INFO [STDOUT] 6413:57:14,721 INFO [STDOUT] DD13:57:14,731 INFO [STDOUT] AF13:57:14,733 INFO [STDOUT] 13:57:14,733 INFO [STDOUT] E913:57:14,733 INFO [STDOUT] A713:57:14,733 INFO [STDOUT] 2513:57:14,741 INFO [STDOUT] 6413:57:14,744 INFO [STDOUT] 6C13:57:14,745 INFO [STDOUT] BE13:57:14,753 INFO [STDOUT] 6413:57:14,755 INFO [STDOUT] 2213:57:14,755 INFO [STDOUT] 13:57:14,755 INFO [STDOUT] 13:57:14,756 INFO [STDOUT] . 13:57:14,756 INFO [STDOUT] . 213:57:14,756 INFO [STDOUT] . 13:57:14,756 INFO [STDOUT] . d13:57:14,756 INFO [STDOUT] . 13:57:14,757 INFO [STDOUT] . 13:57:14,757 INFO [STDOUT] . 13:57:14,757 INFO [STDOUT] . %dl13:57:14,757 INFO [STDOUT] . d"13:57:14,757 INFO [STDOUT] Client write key: 000013:57:14,758 INFO [STDOUT] : B313:57:14,758 INFO [STDOUT] DD13:57:14,759 INFO [STDOUT] BB13:57:14,771 INFO [STDOUT] 3013:57:14,771 INFO [STDOUT] E713:57:14,772 INFO [STDOUT] 9C13:57:14,780 INFO [STDOUT] B213:57:14,780 INFO [STDOUT] 8013:57:14,780 INFO [STDOUT] 13:57:14,780 INFO [STDOUT] AD13:57:14,781 INFO [STDOUT] 7013:57:14,781 INFO [STDOUT] 2513:57:14,781 INFO [STDOUT] FF13:57:14,781 INFO [STDOUT] 9413:57:14,782 INFO [STDOUT] 1013:57:14,782 INFO [STDOUT] D913:57:14,782 INFO [STDOUT] E813:57:14,782 INFO [STDOUT] 13:57:14,782 INFO [STDOUT] 13:57:14,783 INFO [STDOUT] . 13:57:14,783 INFO [STDOUT] . 13:57:14,783 INFO [STDOUT] . 013:57:14,783 INFO [STDOUT] . 13:57:14,783 INFO [STDOUT] . 13:57:14,783 INFO [STDOUT] . 13:57:14,783 INFO [STDOUT] . 13:57:14,784 INFO [STDOUT] . p%13:57:14,785 INFO [STDOUT] . 13:57:14,785 INFO [STDOUT] . 13:57:14,785 INFO [STDOUT] . 13:57:14,785 INFO [STDOUT] . 13:57:14,785 INFO [STDOUT] . 13:57:14,788 INFO [STDOUT] Server write key: 000013:57:14,798 INFO [STDOUT] : C913:57:14,799 INFO [STDOUT] 8513:57:14,807 INFO [STDOUT] 6F13:57:14,810 INFO [STDOUT] 7C13:57:14,812 INFO [STDOUT] 2F13:57:14,813 INFO [STDOUT] 3413:57:14,822 INFO [STDOUT] E013:57:14,822 INFO [STDOUT] A413:57:14,822 INFO [STDOUT] 13:57:14,822 INFO [STDOUT] 4F13:57:14,822 INFO [STDOUT] 2713:57:14,822 INFO [STDOUT] 6D13:57:14,823 INFO [STDOUT] 3813:57:14,823 INFO [STDOUT] A213:57:14,823 INFO [STDOUT] 0D13:57:14,823 INFO [STDOUT] BB13:57:14,823 INFO [STDOUT] 0913:57:14,824 INFO [STDOUT] 13:57:14,824 INFO [STDOUT] 13:57:14,824 INFO [STDOUT] . 13:57:14,824 INFO [STDOUT] . o13:57:14,824 INFO [STDOUT] . /413:57:14,825 INFO [STDOUT] . 13:57:14,839 INFO [STDOUT] . O'm813:57:14,839 INFO [STDOUT] . 13:57:14,839 INFO [STDOUT] . 13:57:14,840 INFO [STDOUT] . 13:57:14,841 INFO [STDOUT] . 13:57:14,841 INFO [STDOUT] ... no IV used for this cipher 13:57:14,843 INFO [STDOUT] http-0.0.0.0-8080-3, WRITE: TLSv1 Change Cipher Spec, length = 1 13:57:14,852 INFO [STDOUT] *** Finished 13:57:14,853 INFO [STDOUT] verify_data: { 13:57:14,854 INFO [STDOUT] 65 13:57:14,860 INFO [STDOUT] , 13:57:14,862 INFO [STDOUT] 193 13:57:14,862 INFO [STDOUT] , 13:57:14,862 INFO [STDOUT] 213 13:57:14,862 INFO [STDOUT] , 13:57:14,862 INFO [STDOUT] 102 13:57:14,862 INFO [STDOUT] , 13:57:14,863 INFO [STDOUT] 29 13:57:14,863 INFO [STDOUT] , 13:57:14,864 INFO [STDOUT] 45 13:57:14,864 INFO [STDOUT] , 13:57:14,864 INFO [STDOUT] 222 13:57:14,864 INFO [STDOUT] , 13:57:14,865 INFO [STDOUT] 35 13:57:14,866 INFO [STDOUT] , 13:57:14,875 INFO [STDOUT] 48 13:57:14,877 INFO [STDOUT] , 13:57:14,879 INFO [STDOUT] 140 13:57:14,887 INFO [STDOUT] , 13:57:14,889 INFO [STDOUT] 65 13:57:14,892 INFO [STDOUT] , 13:57:14,893 INFO [STDOUT] 185 13:57:14,912 INFO [STDOUT] } 13:57:14,919 INFO [STDOUT] *** 13:57:14,919 INFO [STDOUT] http-0.0.0.0-8080-3, WRITE: TLSv1 Handshake, length = 32 13:57:15,243 INFO [STDOUT] http-0.0.0.0-8080-3, READ: TLSv1 Change Cipher Spec, length = 1 13:57:15,245 INFO [STDOUT] http-0.0.0.0-8080-3, READ: TLSv1 Handshake, length = 32 13:57:15,246 INFO [STDOUT] *** Finished 13:57:15,248 INFO [STDOUT] verify_data: { 13:57:15,254 INFO [STDOUT] 120 13:57:15,254 INFO [STDOUT] , 13:57:15,257 INFO [STDOUT] 145 13:57:15,259 INFO [STDOUT] , 13:57:15,261 INFO [STDOUT] 73 13:57:15,261 INFO [STDOUT] , 13:57:15,261 INFO [STDOUT] 165 13:57:15,261 INFO [STDOUT] , 13:57:15,262 INFO [STDOUT] 66 13:57:15,262 INFO [STDOUT] , 13:57:15,262 INFO [STDOUT] 34 13:57:15,262 INFO [STDOUT] , 13:57:15,262 INFO [STDOUT] 229 13:57:15,263 INFO [STDOUT] , 13:57:15,263 INFO [STDOUT] 142 13:57:15,263 INFO [STDOUT] , 13:57:15,263 INFO [STDOUT] 175 13:57:15,263 INFO [STDOUT] , 13:57:15,263 INFO [STDOUT] 87 13:57:15,264 INFO [STDOUT] , 13:57:15,276 INFO [STDOUT] 1 13:57:15,278 INFO [STDOUT] , 13:57:15,286 INFO [STDOUT] 103 13:57:15,289 INFO [STDOUT] } 13:57:15,290 INFO [STDOUT] *** 13:57:15,291 INFO [STDOUT] %% Cached client session: [Session-1, SSL_RSA_WITH_RC4_128_MD5] 13:57:15,314 INFO [STDOUT] http-0.0.0.0-8080-3, setSoTimeout(600000) called 13:57:15,315 INFO [STDOUT] http-0.0.0.0-8080-3, WRITE: TLSv1 Application Data, length = 703 13:57:15,534 INFO [STDOUT] http-0.0.0.0-8080-3, READ: TLSv1 Alert, length = 18 13:57:15,536 INFO [STDOUT] http-0.0.0.0-8080-3 13:57:15,538 INFO [STDOUT] , RECV TLSv1 ALERT: 13:57:15,541 INFO [STDOUT] fatal, 13:57:15,548 INFO [STDOUT] handshake_failure 13:57:15,568 INFO [STDOUT] %% Invalidated: [Session-1, SSL_RSA_WITH_RC4_128_MD5] 13:57:15,569 INFO [STDOUT] http-0.0.0.0-8080-3, called closeSocket() 13:57:15,570 INFO [STDOUT] http-0.0.0.0-8080-3, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure 13:57:15,570 INFO [STDOUT] http-0.0.0.0-8080-3, called close() 13:57:15,570 INFO [STDOUT] http-0.0.0.0-8080-3, called closeInternal(true) 13:57:15,594 ERROR [STDERR] AxisFault faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.userException faultSubcode: faultString: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure faultActor: faultNode: faultDetail: {http://xml.apache.org/axis/}stackTrace:javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174) at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:136) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1682) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:932) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:746) at com.sun.net.ssl.internal.ssl.AppInputStream.read(AppInputStream.java:75) at java.io.BufferedInputStream.fill(BufferedInputStream.java:218) at java.io.BufferedInputStream.read(BufferedInputStream.java:237) at org.apache.axis.transport.http.HTTPSender.readHeadersFromSocket(HTTPSender.java:583) at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:143) at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32) at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118) at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83) at org.apache.axis.client.AxisClient.invoke(AxisClient.java:165) at org.apache.axis.client.Call.invokeEngine(Call.java:2784) at org.apache.axis.client.Call.invoke(Call.java:2767) at org.apache.axis.client.Call.invoke(Call.java:2443) at org.apache.axis.client.Call.invoke(Call.java:2366) at org.apache.axis.client.Call.invoke(Call.java:1812)
- I have tried commenting the allowUnsafeRenegotiation or setting it to true/ false
- Enabling or commenting out the setEnabledCiphers
- Importing the provided client certificate into the default keystore rather than the custom keystore
- SSLContext.getInstance("TLS") as well as with "SSL"
- SSLSocket::setEnabledProtocols with SSLv3, TLSv1, and such combinations.
- redoing the whole keytool operations all over again
Still no luck. I am stuck at the very same error - since 3 days now!
Would appreciate any help in this regard.
TIA.
-
kpatil almost 12 yearsThanks for your reply. Instead, I moved to Axis2 and was able to successfully communicate with the said webservices using the same keystore that I had configured earlier. However, I will try your suggestion soon and verify this myself before marking your answer as the correct one.
-
realPK over 9 yearsI had similar SSL Certificate issue and upgrading to JDK 1.7 worked for me. Appreciate sharing your experience.