SSL handshake failure
843811Oct 15 2007 — edited Oct 16 2007I'm trying to connect to a server who is supposed to support TLSv1 and SSLv3 but without success. I'm using InstallCert.java for testing purposes and can fetch certificates from a lot of servers without problems but it fails with javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure against the server that i want to run it against. Works to connect with firefox though so the server seams to be quite okey.. I have no access to any logs on the server but here's the output when i run InstallCert.java with -Djavax.net.debug=all.
trigger seeding of SecureRandom
done seeding SecureRandom
Opening connection to 194.14.58.9:19100...
main, setSoTimeout(10000) called
Starting SSL handshake...
%% No cached client session
*** ClientHello, TLSv1
RandomCookie: GMT: 1192395754 bytes = { 74, 175, 190, 30, 55, 18, 194, 238, 25, 155, 61, 85, 140, 26, 148, 49, 193, 153, 73, 116, 219, 41, 231, 64, 248, 105, 70, 146 }
Session ID: {}
Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
Compression Methods: { 0 }
***
[write] MD5 and SHA1 hashes: len = 73
0000: 01 00 00 45 03 01 47 13 84 EA 4A AF BE 1E 37 12 ...E..G...J...7.
0010: C2 EE 19 9B 3D 55 8C 1A 94 31 C1 99 49 74 DB 29 ....=U...1..It.)
0020: E7 40 F8 69 46 92 00 00 1E 00 04 00 05 00 2F 00 .@.iF........./.
0030: 33 00 32 00 0A 00 16 00 13 00 09 00 15 00 12 00 3.2.............
0040: 03 00 08 00 14 00 11 01 00 .........
main, WRITE: TLSv1 Handshake, length = 73
[write] MD5 and SHA1 hashes: len = 98
0000: 01 03 01 00 39 00 00 00 20 00 00 04 01 00 80 00 ....9... .......
0010: 00 05 00 00 2F 00 00 33 00 00 32 00 00 0A 07 00 ..../..3..2.....
0020: C0 00 00 16 00 00 13 00 00 09 06 00 40 00 00 15 ............@...
0030: 00 00 12 00 00 03 02 00 80 00 00 08 00 00 14 00 ................
0040: 00 11 47 13 84 EA 4A AF BE 1E 37 12 C2 EE 19 9B ..G...J...7.....
0050: 3D 55 8C 1A 94 31 C1 99 49 74 DB 29 E7 40 F8 69 =U...1..It.).@.i
0060: 46 92 F.
main, WRITE: SSLv2 client hello message, length = 98
[Raw write]: length = 100
0000: 80 62 01 03 01 00 39 00 00 00 20 00 00 04 01 00 .b....9... .....
0010: 80 00 00 05 00 00 2F 00 00 33 00 00 32 00 00 0A ....../..3..2...
0020: 07 00 C0 00 00 16 00 00 13 00 00 09 06 00 40 00 ..............@.
0030: 00 15 00 00 12 00 00 03 02 00 80 00 00 08 00 00 ................
0040: 14 00 00 11 47 13 84 EA 4A AF BE 1E 37 12 C2 EE ....G...J...7...
0050: 19 9B 3D 55 8C 1A 94 31 C1 99 49 74 DB 29 E7 40 ..=U...1..It.).@
0060: F8 69 46 92 .iF.
[Raw read]: length = 5
0000: 15 03 01 00 02 .....
[Raw read]: length = 2
0000: 02 28 .(
main, READ: TLSv1 Alert, length = 2
main, RECV TLSv1 ALERT: fatal, handshake_failure
main, called closeSocket()
main, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:136)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1657)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:932)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1096)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1123)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1107)
at InstallCert.main(InstallCert.java:70)
Could not obtain server certificate chain
Help would be greatly appreciated
Thanks in advance!
//Marcus