This discussion is archived
2 Replies Latest reply: Sep 13, 2012 6:52 AM by 961938 RSS

SSL Hand Shake Exception with Jdk 1.6 and 7

961938 Newbie
Currently Being Moderated
I am facing the handshake exception problem using SSL with JDK 1.6 35 every thing is working fine with JDK 1.4, I am receiving the following exception in the Logs

received EOFException: error

handling exception: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake

I have tried putting ssl logging in verbose level and allowed unsecure ssl negotiation true.

Following is my connector settings

<Connector port="8443"
     maxThreads="350" minSpareThreads="25" maxSpareThreads="75"
     enableLookups="false" disableUploadTimeout="true"
     acceptCount="100" debug="0" scheme="https" secure="true"
     clientAuth="true" sslProtocol="SSLv3"
               keystoreFile="${jboss.server.home.dir}/conf/abc.jks"
               truststoreFile="${jboss.server.home.dir}/conf/xyz"
          keystorePass="123" truststorePass="abc" keystoreType="JKS" truststoreType="JKS"/>


Please suggest what can go wrong in SSL communication with the JDK change from 1.4 to 1.6 or 7.
  • 1. Re: SSL Hand Shake Exception with Jdk 1.6 and 7
    EJP Guru
    Currently Being Moderated
    I have tried putting ssl logging in verbose level and allowed unsecure ssl negotiation true.
    Where exactly have you done that?
    <Connector port="8443"
         maxThreads="350" minSpareThreads="25" maxSpareThreads="75"
         enableLookups="false" disableUploadTimeout="true"
         acceptCount="100" debug="0" scheme="https" secure="true"
         clientAuth="true" sslProtocol="SSLv3"
                   keystoreFile="${jboss.server.home.dir}/conf/abc.jks"
                   truststoreFile="${jboss.server.home.dir}/conf/xyz"
              keystorePass="123" truststorePass="abc" keystoreType="JKS" truststoreType="JKS"/>
    I don't see it anywhere in there. There should be an attribute allowUnsafeLegacyRenegotiation="true" if you want to allow the unsafe handshake stuff.
  • 2. Re: SSL Hand Shake Exception with Jdk 1.6 and 7
    961938 Newbie
    Currently Being Moderated
    I updated the connector with allowUnsafeLegacyRenegotiation="true" , following is my connector


    <Connector port="8443"
    maxThreads="350" minSpareThreads="25" maxSpareThreads="75"
    enableLookups="false" disableUploadTimeout="true" allowUnsafeLegacyRenegotiation="true"
    acceptCount="100" debug="0" scheme="https" secure="true"
    clientAuth="true" sslProtocol="SSLv3"
    keystoreFile="${jboss.server.home.dir}/conf/abc.jks"
    truststoreFile="${jboss.server.home.dir}/conf/xyz"
    keystorePass="123" truststorePass="abc" keystoreType="JKS" truststoreType="JKS"/>


    I also added the -Dsun.security.ssl.allowUnsafeRenegotiation=true in the Jboss run.bat file, I am still getting the same error.

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points