Skip to Main Content
Forums

Java Security

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

SSL Connection Unexpected end of handshake data

843811Mar 25 2004 — edited Mar 30 2004
Hi,

I get a javax.net.ssl.SSLException: Unexpected end of handshake data
during establishing a SSL Connection to one special server. The same code works (with other keystores) with other target machines.

I'm using jdk 1.4.2_03. (i tried 1.3.+JSSE as well with nearly the same problem)

What can be the problem?

Here is my code:

import java.io.PrintWriter;
import java.io.BufferedWriter;
import java.io.OutputStreamWriter;
import java.io.BufferedReader;
import java.io.InputStreamReader;
import java.io.FileInputStream;

import java.security.KeyStore;

import com.sun.net.ssl.SSLContext;
import com.sun.net.ssl.KeyManagerFactory;
import com.sun.net.ssl.TrustManagerFactory;

import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.SSLSocket;


/**
* Abstract SSLClient
*/
public class SSLClient{

private String ssl_keystore_privat = "test2000.jks";
private String ssl_keystore_trusted = "test2000_trusted.jks";
private String ssl_keystore_pass = "test2000";
private String host = "xxxxx";
private int port = 3015; //Port of service

private PrintWriter out = null;
private BufferedReader in = null;



/**
* create SSLClient
*/
public SSLClient() throws Exception {
System.out.println("sslClient start");
init();
}



/**
* init()
*/
private void init() throws Exception {
SSLContext ctx = SSLContext.getInstance( "TLS" );
KeyManagerFactory kmf = KeyManagerFactory.getInstance( "SunX509" );
KeyStore ksPrivat = KeyStore.getInstance( "JKS") ;

KeyStore ksTrusted = KeyStore.getInstance("JKS") ;

char[] passphrase = ssl_keystore_pass.toCharArray();
ksPrivat. load(new FileInputStream(ssl_keystore_privat), passphrase);
ksTrusted.load(new FileInputStream(ssl_keystore_trusted), passphrase);
kmf.init(ksPrivat, passphrase);

TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
tmf.init(ksTrusted);
ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
SSLSocketFactory factory = ctx.getSocketFactory();

SSLSocket socket = (SSLSocket)factory.createSocket(host, port);
socket.startHandshake();

out = new PrintWriter(new BufferedWriter(new OutputStreamWriter(socket.getOutputStream())));
in = new BufferedReader(new InputStreamReader(socket.getInputStream()));

//Read first line of server
//String inputLine;
//inputLine = in.readLine();
//System.out.println("line=["+inputLine+"]");


//out.println("hello, this is the sslclient !");
//out.flush();

sendData();
readData();

in.close();
out.close();
socket.close();
}//init()



/**
*
*/
private void readData() throws Exception {
String inputLine = null;
inputLine = in.readLine();//Read one line....
System.out.println("line=["+inputLine+"]");
}//readData()



/**
*
*/
private void sendData() throws Exception {
System.out.println("send data, now !");

//send data to server
out.println("<?xml version=\"1.0\" encoding=\"UTF-8\" standalone=\"yes\"?>");
out.println("<LogonRequest user=\"MyUsername\" pass=\"MyPassword\"></LogonRequest>");
out.flush();
}//sendData()



/**
* starts the ssldemoapplication
*/
public static void main(String args[]) throws Exception {
SSLClient sslClient = new SSLClient();
}
}//class SSLClient


____________________________________________________________________________________________
and the a trace:

17:02:57 | 25.03.2004 sslClient start



***

found key for : client_key

chain [0] = [
[
Version: V1
Subject: CN=Ullrich Brunet, OU=IT, O=Brunet, L=Greobenzell, ST=Bavaria, C=BY
Signature Algorithm: SHA1withDSA, OID = 1.2.840.10040.4.3

Key: Sun DSA Public Key
Parameters:DSA
p: fd7f5381 1d751229 52df4a9c 2eece4e7 f611b752 3cef4400 c31e3f80 b6512669
455d4022 51fb593d 8d58fabf c5f5ba30 f6cb9b55 6cd7813b 801d346f f26660b7
6b9950a5 a49f9fe8 047b1022 c24fbba9 d7feb7c6 1bf83b57 e7c6a8a6 150f04fb
83f6d3c5 1ec30235 54135a16 9132f675 f3ae2b61 d72aeff2 2203199d d14801c7
q: 9760508f 15230bcc b292b982 a2eb840b f0581cf5
g: f7e1a085 d69b3dde cbbcab5c 36b857b9 7994afbb fa3aea82 f9574c0b 3d078267
5159578e bad4594f e6710710 8180b449 167123e8 4c281613 b7cf0932 8cc8a6e1
3c167a8b 547c8d28 e0a3ae1e 2bb3a675 916ea37f 0bfa2135 62f1fb62 7a01243b
cca4f1be a8519089 a883dfe1 5ae59f06 928b665e 807b5525 64014c3b fecf492a

y:
f60ae369 24520a44 09a2f0c4 a579177f 06f55b79 aa94b630 153ae682 6a200665
a570f048 12945476 0b6030df 5538ab76 7c1c0901 d41ebc8d a98cbf19 209411e0
23ac7b68 47ea989d 07aad035 08c96ccb a8093a62 51b29196 db3f663d 58144381
c5e1a200 dce16827 f1edf15f 55638ebc 1bfaeba6 dd40d672 1506345b 66f48b8c

Validity: [From: Tue Mar 23 11:51:31 CET 2004,
To: Mon Jun 21 12:51:31 CEST 2004]
Issuer: CN=Ullrich Brunet, OU=IT, O=Brunet, L=Greobenzell, ST=Bavaria, C=BY
SerialNumber: [ 406016b3]

]
Algorithm: [SHA1withDSA]
Signature:
0000: 30 2C 02 14 1B 97 A7 E5 95 F4 69 51 2E 1C 49 3B 0,........iQ..I;

0010: FB 65 07 C8 F4 EB F4 C1 02 14 2D 97 25 91 5B 3E .e........-.%.[>

0020: 12 9D 1B E6 73 3E 9F 4E 14 E6 F4 AE F7 16 ....s>.N......


]

***

adding as trusted cert:

Subject: CN=MIDRAY GmbH, OU=com, O=midray, L=cologne, ST=nrw, C=de

Issuer: CN=MIDRAY GmbH, OU=com, O=midray, L=cologne, ST=nrw, C=de

Algorithm: DSA; Serial number: 0x3c62a419

Valid from Thu Feb 07 16:58:17 CET 2002 until Wed Nov 03 16:58:17 CET 2004



trigger seeding of SecureRandom

done seeding SecureRandom

%% No cached client session

*** ClientHello, TLSv1

RandomCookie: GMT: 1080230518 bytes = { 149, 190, 189, 163, 15, 178, 227, 184, 185, 79, 88, 133, 109, 74, 26, 66, 191, 81, 135, 28, 18, 174, 159, 183, 67, 71, 71, 232 }

Session ID: {}

Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]

Compression Methods: { 0 }

***

main, WRITE: TLSv1 Handshake, length = 73

main, WRITE: SSLv2 client hello message, length = 98

main, READ: TLSv1 Handshake, length = 2194

*** ServerHello, TLSv1

RandomCookie: GMT: 1080230511 bytes = { 84, 204, 24, 174, 216, 95, 66, 125, 144, 55, 114, 173, 149, 158, 159, 210, 144, 212, 133, 16, 8, 131, 94, 152, 110, 179, 82, 6 }

Session ID: {64, 99, 2, 111, 74, 226, 77, 78, 206, 235, 130, 199, 59, 215, 65, 55, 11, 58, 134, 222, 219, 200, 138, 37, 222, 37, 241, 22, 246, 43, 143, 100}

Cipher Suite: SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA

Compression Method: 0

***

%% Created: [Session-1, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA]

** SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA

*** Certificate chain

chain [0] = [
[
Version: V1
Subject: CN=MIDRAY GmbH, OU=com, O=midray, L=cologne, ST=nrw, C=de
Signature Algorithm: SHA1withDSA, OID = 1.2.840.10040.4.3

Key: Sun DSA Public Key
Parameters:DSA
p: fd7f5381 1d751229 52df4a9c 2eece4e7 f611b752 3cef4400 c31e3f80 b6512669
455d4022 51fb593d 8d58fabf c5f5ba30 f6cb9b55 6cd7813b 801d346f f26660b7
6b9950a5 a49f9fe8 047b1022 c24fbba9 d7feb7c6 1bf83b57 e7c6a8a6 150f04fb
83f6d3c5 1ec30235 54135a16 9132f675 f3ae2b61 d72aeff2 2203199d d14801c7
q: 9760508f 15230bcc b292b982 a2eb840b f0581cf5
g: f7e1a085 d69b3dde cbbcab5c 36b857b9 7994afbb fa3aea82 f9574c0b 3d078267
5159578e bad4594f e6710710 8180b449 167123e8 4c281613 b7cf0932 8cc8a6e1
3c167a8b 547c8d28 e0a3ae1e 2bb3a675 916ea37f 0bfa2135 62f1fb62 7a01243b
cca4f1be a8519089 a883dfe1 5ae59f06 928b665e 807b5525 64014c3b fecf492a

y:
7614e5a7 3556e1a0 4385d45e 1a90a566 c796fc11 9ef3de58 e43db143 b9a18995
9a4ebf66 b9aaf834 30b48a59 ec325fb7 03cf5eff 6f87bc17 cd2f05be ae42b75e
e4f6f3d0 9087605d d1172908 9653116e 8bd76c88 9ab35478 036023ba bf90c57b
b2a65238 b9d029fc 6e242c0e c6bf04c4 ec194d83 5bc3e26e 25d4f87a 41a65d5c

Validity: [From: Thu Feb 07 16:58:17 CET 2002,
To: Wed Nov 03 16:58:17 CET 2004]
Issuer: CN=MIDRAY GmbH, OU=com, O=midray, L=cologne, ST=nrw, C=de
SerialNumber: [ 3c62a419]

]
Algorithm: [SHA1withDSA]
Signature:
0000: 30 2C 02 14 53 6E 63 08 B9 21 E0 FF 6E 5E 0D E7 0,..Snc..!..n^..

0010: 35 77 21 3C 7B BA 64 BD 02 14 3E E9 10 C7 B0 A6 5w!<..d...>.....

0020: ED 29 CF 76 19 0B D9 F6 F3 93 01 6D E4 2B .).v.......m.+


]

***

Found trusted certificate:

[
[
Version: V1
Subject: CN=MIDRAY GmbH, OU=com, O=midray, L=cologne, ST=nrw, C=de
Signature Algorithm: SHA1withDSA, OID = 1.2.840.10040.4.3

Key: Sun DSA Public Key
Parameters:DSA
p: fd7f5381 1d751229 52df4a9c 2eece4e7 f611b752 3cef4400 c31e3f80 b6512669
455d4022 51fb593d 8d58fabf c5f5ba30 f6cb9b55 6cd7813b 801d346f f26660b7
6b9950a5 a49f9fe8 047b1022 c24fbba9 d7feb7c6 1bf83b57 e7c6a8a6 150f04fb
83f6d3c5 1ec30235 54135a16 9132f675 f3ae2b61 d72aeff2 2203199d d14801c7
q: 9760508f 15230bcc b292b982 a2eb840b f0581cf5
g: f7e1a085 d69b3dde cbbcab5c 36b857b9 7994afbb fa3aea82 f9574c0b 3d078267
5159578e bad4594f e6710710 8180b449 167123e8 4c281613 b7cf0932 8cc8a6e1
3c167a8b 547c8d28 e0a3ae1e 2bb3a675 916ea37f 0bfa2135 62f1fb62 7a01243b
cca4f1be a8519089 a883dfe1 5ae59f06 928b665e 807b5525 64014c3b fecf492a

y:
7614e5a7 3556e1a0 4385d45e 1a90a566 c796fc11 9ef3de58 e43db143 b9a18995
9a4ebf66 b9aaf834 30b48a59 ec325fb7 03cf5eff 6f87bc17 cd2f05be ae42b75e
e4f6f3d0 9087605d d1172908 9653116e 8bd76c88 9ab35478 036023ba bf90c57b
b2a65238 b9d029fc 6e242c0e c6bf04c4 ec194d83 5bc3e26e 25d4f87a 41a65d5c

Validity: [From: Thu Feb 07 16:58:17 CET 2002,
To: Wed Nov 03 16:58:17 CET 2004]
Issuer: CN=MIDRAY GmbH, OU=com, O=midray, L=cologne, ST=nrw, C=de
SerialNumber: [ 3c62a419]

]
Algorithm: [SHA1withDSA]
Signature:
0000: 30 2C 02 14 53 6E 63 08 B9 21 E0 FF 6E 5E 0D E7 0,..Snc..!..n^..

0010: 35 77 21 3C 7B BA 64 BD 02 14 3E E9 10 C7 B0 A6 5w!<..d...>.....

0020: ED 29 CF 76 19 0B D9 F6 F3 93 01 6D E4 2B .).v.......m.+


]javax.net.ssl.SSLException: Unexpected end of handshake data

at com.sun.net.ssl.internal.ssl.HandshakeInStream.read(DashoA6275)

at com.sun.net.ssl.internal.ssl.HandshakeInStream.g(DashoA6275)

at com.sun.net.ssl.internal.ssl.HandshakeMessage$DH_ServerKeyExchange.<init>(DashoA6275)

at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA6275)

at com.sun.net.ssl.internal.ssl.SunJSSE_ax.a(DashoA6275)

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(DashoA6275)

main, handling exception: javax.net.ssl.SSLException: Unexpected end of handshake data

main, SEND TLSv1 ALERT: fatal, description = unexpected_message

main, WRITE: TLSv1 Alert, length = 2

main, called closeSocket()



at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(DashoA6275)

at bruSSL_J.<init>(bruSSL_J.java:70)

at bruSSL_J.main(bruSSL_J.java:135)

17:02:59 | 25.03.2004 Exception javax.net.ssl.SSLException: Unexpected end of handshake data in bruSSL Constructor



17:02:59 | 25.03.2004 send data, now !



17:02:59 | 25.03.2004 Exception java.lang.NullPointerException in bruSSL Constructor



null

17:02:59 | 25.03.2004 Exception java.lang.NullPointerException in bruSSL close�


Thank you very much!

regards
Sten
Comments
Locked Post
New comments cannot be posted to this locked post.
Post Details
Locked on Apr 27 2004
Added on Mar 25 2004
#java-secure-socket-extension-jsse
10 comments
1,444 views