errors on TLS handshake
843811 Dec 9 2005 — edited Dec 11 2005
I'm writing a Java applet which will communicate with a remote host over an encrypted connection. We want to implement a feature similar to the 'STARTTLS' command in SMTP, where a cleartext socket can be upgraded to a secure socket.
I'm having trouble establishing the secure connection though. Whenever I try to write to the socket, I receive a javax.net.ssl.SSLHandshakeException ("Remote host closed connection during handshake"), which was caused by a java.io.EOFException ("SSL peer shut down incorrectly").
The client runs the following setup code:
/********************/
// TLS context: no key managers, FakeTM as the only trust manager, default SecureRandom
context = SSLContext.getInstance("TLS");
context.init(null, new TrustManager[] {new FakeTM()}, null);
sslsocketfactory = (SSLSocketFactory)context.getSocketFactory();
// Layer an SSLSocket over the existing cleartext socket (autoClose = true)
encryptedSocket = (SSLSocket)sslsocketfactory.createSocket(socket, socket.getInetAddress().getHostName(), socket.getPort(), true);
// Enable every cipher suite the factory supports, not only the default set
encryptedSocket.setEnabledCipherSuites(sslsocketfactory.getSupportedCipherSuites());
encryptedSocket.setUseClientMode(true);
encryptedSocket.setEnableSessionCreation(true);
/********************/
"socket" is a plain ol' cleartext socket, over which I can already successfully pass data. "FakeTM" is a temporary implementation of X509TrustManager which will verify any X.509 certificate.
What else do I need to do to the client so it can communicate over TLS? I'm quite new to secure network programming, and don't know where to start looking. Details on the server program can be provided if necessary. Thanks in advance for any help.
- Dan
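
Added example, not part of the original post: a STARTTLS-style client upgrade that uses the JRE's default certificate validation plus hostname checking in place of a trust-all manager, and calls startHandshake() explicitly so a handshake failure surfaces at a known point rather than on the first write. The class name StartTlsClient and the "STARTTLS"/"OK" cleartext exchange are hypothetical; the real command and reply are whatever the server defines.

```java
import java.io.IOException;
import java.io.InputStream;
import java.net.Socket;
import java.nio.charset.StandardCharsets;
import javax.net.ssl.*;

public class StartTlsClient {
    // Hypothetical cleartext negotiation; substitute the server's actual command and reply.
    static final String UPGRADE_COMMAND = "STARTTLS\r\n";
    static final String UPGRADE_OK = "OK";
    /** Reads one line unbuffered, so no bytes past the reply are consumed before TLS starts. */
    static String readLine(InputStream in) throws IOException {
        StringBuilder sb = new StringBuilder();
        int b;
        while ((b = in.read()) != -1 && b != '\n') {
            if (b != '\r') sb.append((char) b);
        }
        return sb.toString();
    }
    static SSLSocket upgrade(Socket plain, String host) throws Exception {
        plain.getOutputStream().write(UPGRADE_COMMAND.getBytes(StandardCharsets.US_ASCII));
        plain.getOutputStream().flush();
        // The peer must already be waiting for a ClientHello when the handshake begins.
        if (!UPGRADE_OK.equals(readLine(plain.getInputStream()))) {
            throw new IOException("server refused TLS upgrade");
        }
        // Default context: JRE trust store and full certificate chain validation.
        SSLSocketFactory factory = SSLContext.getDefault().getSocketFactory();
        SSLSocket tls = (SSLSocket) factory.createSocket(plain, host, plain.getPort(), true);
        tls.setUseClientMode(true);
        SSLParameters params = tls.getSSLParameters();
        params.setEndpointIdentificationAlgorithm("HTTPS"); // match certificate name to host
        tls.setSSLParameters(params);
        tls.startHandshake(); // handshake errors are thrown here; default cipher suites are kept
        return tls;
    }

    public static void main(String[] args) throws Exception {
        if (args.length != 2) {
            System.err.println("usage: java StartTlsClient <host> <port>");
            return;
        }
        try (Socket plain = new Socket(args[0], Integer.parseInt(args[1]));
             SSLSocket tls = upgrade(plain, args[0])) {
            System.out.println("negotiated " + tls.getSession().getProtocol() + " / " + tls.getSession().getCipherSuite());
        }
    }
}
```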