1 2 Previous Next 16 Replies Latest reply: Jan 18, 2010 5:30 AM by 791266 RSS

    javax.net.ssl.SSLHandshakeException: Remote host closed connection during h

    843811
      Hi All,

      I'm facing this error while trying to access to invoking servlet from a applet through HTTPS protocol.

      But I works fine when i uses HTTP protocol.

      Error message from Java console is given below.

      javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
           at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(Unknown Source)
           at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(Unknown Source)
           at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
           at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
           at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.setProxiedClient(Unknown Source)
           at sun.net.www.protocol.https.PluginDelegateHttpsURLConnection.superConnect(Unknown Source)
           at sun.net.www.protocol.https.PluginDelegateHttpsURLConnection.connect(Unknown Source)
           at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(Unknown Source)
           at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(Unknown Source)
           at Test.Login.login(Login.java:127)
           at Test.ConnectionDialog.makeConnection(ConnectionDialog.java:306)
           at Test.ConnectionDialog$1.actionPerformed(ConnectionDialog.java:54)
           at javax.swing.AbstractButton.fireActionPerformed(Unknown Source)
           at javax.swing.AbstractButton$ForwardActionEvents.actionPerformed(Unknown Source)
           at javax.swing.DefaultButtonModel.fireActionPerformed(Unknown Source)
           at javax.swing.DefaultButtonModel.setPressed(Unknown Source)
           at javax.swing.plaf.basic.BasicButtonListener.mouseReleased(Unknown Source)
           at java.awt.Component.processMouseEvent(Unknown Source)
           at java.awt.Component.processEvent(Unknown Source)
           at java.awt.Container.processEvent(Unknown Source)
           at java.awt.Component.dispatchEventImpl(Unknown Source)
           at java.awt.Container.dispatchEventImpl(Unknown Source)
           at java.awt.Component.dispatchEvent(Unknown Source)
           at java.awt.LightweightDispatcher.retargetMouseEvent(Unknown Source)
           at java.awt.LightweightDispatcher.processMouseEvent(Unknown Source)
           at java.awt.LightweightDispatcher.dispatchEvent(Unknown Source)
           at java.awt.Container.dispatchEventImpl(Unknown Source)
           at java.awt.Window.dispatchEventImpl(Unknown Source)
           at java.awt.Component.dispatchEvent(Unknown Source)
           at java.awt.EventQueue.dispatchEvent(Unknown Source)
           at java.awt.EventDispatchThread.pumpOneEventForHierarchy(Unknown Source)
           at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
           at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
           at java.awt.Dialog$1.run(Unknown Source)
           at java.awt.Dialog.show(Unknown Source)
           at java.awt.Component.show(Unknown Source)
           at java.awt.Component.setVisible(Unknown Source)
           at Test.ConnectionDialog.construct(ConnectionDialog.java:123)
           at Test.ConnectionDialog.<init>(ConnectionDialog.java:42)
           at Test.Menu.openConnectionDialog(SunExchangeMenu.java:147)
           at Test.Menu.access$000(SunExchangeMenu.java:11)
           at Test.Menu$1.actionPerformed(SunExchangeMenu.java:62)
           at javax.swing.AbstractButton.fireActionPerformed(Unknown Source)
           at javax.swing.AbstractButton$ForwardActionEvents.actionPerformed(Unknown Source)
           at javax.swing.DefaultButtonModel.fireActionPerformed(Unknown Source)
           at javax.swing.DefaultButtonModel.setPressed(Unknown Source)
           at javax.swing.AbstractButton.doClick(Unknown Source)
           at javax.swing.plaf.basic.BasicMenuItemUI.doClick(Unknown Source)
           at javax.swing.plaf.basic.BasicMenuItemUI$MouseInputHandler.mouseReleased(Unknown Source)
           at java.awt.Component.processMouseEvent(Unknown Source)
           at java.awt.Component.processEvent(Unknown Source)
           at java.awt.Container.processEvent(Unknown Source)
           at java.awt.Component.dispatchEventImpl(Unknown Source)
           at java.awt.Container.dispatchEventImpl(Unknown Source)
           at java.awt.Component.dispatchEvent(Unknown Source)
           at java.awt.LightweightDispatcher.retargetMouseEvent(Unknown Source)
           at java.awt.LightweightDispatcher.processMouseEvent(Unknown Source)
           at java.awt.LightweightDispatcher.dispatchEvent(Unknown Source)
           at java.awt.Container.dispatchEventImpl(Unknown Source)
           at java.awt.Component.dispatchEvent(Unknown Source)
           at java.awt.EventQueue.dispatchEvent(Unknown Source)
           at java.awt.EventDispatchThread.pumpOneEventForHierarchy(Unknown Source)
           at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
           at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
           at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
           at java.awt.EventDispatchThread.run(Unknown Source)
      Caused by: java.io.EOFException: SSL peer shut down incorrectly
           at com.sun.net.ssl.internal.ssl.InputRecord.read(Unknown Source)
           ... 66 more


      I'm using Iplanet IWS 4.1 webserver.
      Java 1.4.2

      Thanks in Advance
      James
        • 1. Re: javax.net.ssl.SSLHandshakeException: Remote host closed connection duri
          EJP
          This looks very like the other end does not speak SSL. Check the port number in the URL: 80 won't do, 443 probably will.
          • 2. Re: javax.net.ssl.SSLHandshakeException: Remote host closed connection duri
            843811
            The code is running at port 445 , and HTTPS is enabled on this instance of server.

            Server certificate is also installed on it.

            Applet gets loaded properly but when it tries to contact servlet , it shows this error message in Java console.

            If you have any other clue for this problem , do let me know.

            Thanks & Regards
            James
            • 3. Re: javax.net.ssl.SSLHandshakeException: Remote host closed connection duri
              EJP
              Can you set javax.net.debug=ssl,handshake,record at the client and show us the output.
              • 4. Re: javax.net.ssl.SSLHandshakeException: Remote host closed connection duri
                843811
                How to set this at client side ,
                I mean in which file ?
                • 5. Re: javax.net.ssl.SSLHandshakeException: Remote host closed connection duri
                  EJP
                  It is a system property. You can set it via the command line or via System.setProperty in the code.
                  • 6. Re: javax.net.ssl.SSLHandshakeException: Remote host closed connection duri
                    843811
                    Hi EJB ,

                    I had got this message from java console.

                    Java(TM) Plug-in: Version 1.4.2_06
                    Using JRE version 1.4.2_06 Java HotSpot(TM) Client VM
                    User home directory = /home/james
                    ----------------------------------------------------
                    c: clear console window
                    f: finalize objects on finalization queue
                    g: garbage collect
                    h: display this help message
                    l: dump classloader list
                    m: print memory usage
                    o: trigger logging
                    p: reload proxy configuration
                    q: hide console
                    r: reload policy configuration
                    s: dump system properties
                    t: dump thread list
                    v: dump thread stack
                    x: clear classloader cache
                    0-5: set trace level to <n>
                    ----------------------------------------------------
                    Trace level set to 5: basic, net, security, ext, liveconnect ... completed.
                    trustStore is: /usr/dist/share/mozilla,v1.4s/java/lib/security/cacerts
                    trustStore type is : jks
                    init truststore

                    adding as trusted cert:
                    Subject: CN=VeriSign Class 1 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
                    Issuer: CN=VeriSign Class 1 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
                    Algorithm: RSA; Serial number: 0x8b5b75568454850b00cfaf3848ceb1a4
                    Valid from Fri Oct 01 05:30:00 IST 1999 until Thu Jul 17 05:29:59 IST 2036

                    Lots of trusted Cert .... removed from console

                    trigger seeding of SecureRandom
                    done seeding SecureRandom
                    setWindow: call before applet exists:7865921
                    Referencing classloader: sun.plugin.ClassLoaderInfo@5d391d, refcount=1
                    Loading applet ...
                    Initializing applet ...
                    Starting applet ...
                    Ping the proxy server webcache.central on port 8,080
                    Connecting https://<Myserver>.com:445/test/Jar/test.jar with proxy=abc.central:8080
                    Connecting https://<Myserver>.com:445/test/Jar/test.jar with cookie "217931149659559; location=US"
                    %% No cached client session
                    *** ClientHello, SSLv3
                    RandomCookie: GMT: 1132828074 bytes = { 88, 83, 153, 30, 158, 148, 24, 152, 151, 9, 194, 75, 226, 75, 231, 8, 20, 247, 127, 155, 230, 55, 59, 79, 221, 202, 65, 180 }
                    Session ID: {}
                    Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
                    Compression Methods: { 0 }
                    ***
                    Thread-4, WRITE: SSLv3 Handshake, length = 73
                    Thread-4, WRITE: SSLv2 client hello message, length = 98
                    Thread-4, READ: SSLv3 Handshake, length = 3539
                    *** ServerHello, SSLv3
                    RandomCookie: GMT: 31042 bytes = { 19, 190, 141, 120, 62, 2, 224, 227, 158, 208, 249, 83, 77, 235, 85, 31, 11, 121, 228, 181, 199, 57, 215, 202, 247, 72, 150, 116 }
                    Session ID: {19, 27, 162, 154, 195, 63, 177, 16, 124, 123, 191, 167, 110, 134, 46, 151, 51, 60, 224, 164, 229, 244, 177, 121, 4, 2, 71, 55, 89, 132, 21, 233}
                    Cipher Suite: SSL_RSA_WITH_RC4_128_MD5
                    Compression Method: 0
                    ***
                    %% Created: [Session-1, SSL_RSA_WITH_RC4_128_MD5]
                    ** SSL_RSA_WITH_RC4_128_MD5
                    *** Certificate chain
                    chain [0] = [
                    [
                    Version: V3
                    Subject: CN=<My SERVER>, OU=Class C, O=<My Company>, ST=<My state>, C=US
                    Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5

                    Key: SunJSSE RSA public key:
                    public exponent:
                    010001
                    modulus:
                    9f9191a7 547d0290 43844fa9 548f844c 7915dfd6 e1fbc8fd f1138a37 39428ebb
                    c4c961d7 355630f2 17b7e785 aba98e03 6a4260c8 03676cfb af9a8674 62e7e809
                    09e132ba 5c38afb4 cb4c2100 bd398772 c7ad0b44 243d01ed 716ed505 e6bb410f
                    66c540b3 0b3ba4a3 3283ce95 bc0ee518 2977ea2c 55f05a92 cb86cf70 49b0893f
                    Validity: [From: Wed Feb 01 05:30:00 IST 2006,
                                   To: Fri Feb 02 05:29:59 IST 2007]
                    Issuer: CN=Verisign, OU=Class 3 Secure Server CA, OU=VeriSign Trust Network, O=<My company>
                    SerialNumber: [    2fc6c8d2 3d1f6207 45c3d6b7 b9f4d3b9]

                    Certificate Extensions: 8
                    [1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
                    Extension unknown: DER encoded OCTET string =
                    0000: 04 28 30 26 30 24 06 08 2B 06 01 05 05 07 30 01 .(0&0$..+.....0.
                    0010: 86 18 68 74 74 70 3A 2F 2F 6F 63 73 70 2E 76 65 ..http://ocsp.ve
                    0020: 72 69 73 69 67 6E 2E 63 6F 6D risign.com


                    [2]: ObjectId: 2.5.29.14 Criticality=false
                    SubjectKeyIdentifier [
                    KeyIdentifier [
                    0000: 5D B3 55 0F B0 E9 89 2B C2 EC 07 76 CA 79 57 12 ].U....+...v.yW.
                    0010: C1 B1 66 FE ..f.
                    ]
                    ]

                    [3]: ObjectId: 2.5.29.35 Criticality=false
                    AuthorityKeyIdentifier [
                    KeyIdentifier [
                    0000: D7 DD 5E 81 BE CF 5C E3 DC D2 F2 8D ED 04 B8 AC ..^...\.........
                    0010: 17 F9 01 FA ....
                    ]


                    REMOVED LOTS OF Cert CHAINS

                    ***
                    Loading Root CA certificates from /usr/dist/share/mozilla,v1.4s/java/lib/security/cacerts
                    Loaded Root CA certificates from /usr/dist/share/mozilla,v1.4s/java/lib/security/cacerts
                    Loading Https Root CA certificates from /usr/dist/share/mozilla,v1.4s/java/lib/security/cacerts
                    Loaded Https Root CA certificates from /usr/dist/share/mozilla,v1.4s/java/lib/security/cacerts
                    Loaded JPI Https certificates from /home/mn160722/.java/deployment/security/deployment.jssecerts
                    Loading certificates from JPI session certificate store
                    Loaded certificates from JPI session certificate store
                    Found trusted certificate:
                    [
                    [
                    Version: V1
                    Subject: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
                    Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5

                    Key: SunJSSE RSA public key:
                    public exponent:
                    010001
                    modulus:
                    cc5ed111 5d5c69d0 abd3b96a 4c991f59 98308e16 8520466d 473fd485 2084e16d
                    b3f8a4ed 0cf1170f 3bf9a7f9 25d7c1cf 8463f27c 63cfa247 f2c65b33 8e644004
                    68c180b9 641c4577 c7d86ef5 95293c50 e834d778 1fa8ba6d 4391958f 45575e7e
                    c5fbcaa4 04ebea97 3754306f bb014732 33cddc57 9b646961 f89b1d1c 894f5c67
                    Validity: [From: Mon May 18 05:30:00 IST 1998,
                                   To: Wed Aug 02 05:29:59 IST 2028]
                    Issuer: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
                    SerialNumber: [    7dd9fe07 cfa81eb7 107967fb a78934c6]

                    ]
                    Algorithm: [SHA1withRSA]
                    Signature:
                    0000: 51 4D CD BE 5C CB 98 19 9C 15 B2 01 39 78 2E 4D QM..\.......9x.M
                    0010: 0F 67 70 70 99 C6 10 5A 94 A4 53 4D 54 6D 2B AF .gpp...Z..SMTm+.
                    0020: 0D 5D 40 8B 64 D3 D7 EE DE 56 61 92 5F A6 C4 1D .]@.d....Va._...
                    0030: 10 61 36 D3 2C 27 3C E8 29 09 B9 11 64 74 CC B5 .a6.,'<.)...dt..
                    0040: 73 9F 1C 48 A9 BC 61 01 EE E2 17 A6 0C E3 40 08 s..H..a.......@.
                    0050: 3B 0E E7 EB 44 73 2A 9A F1 69 92 EF 71 14 C3 39 ;...Ds*..i..q..9
                    0060: AC 71 A7 91 09 6F E4 71 06 B3 BA 59 57 26 79 00 .q...o.q...YW&y.
                    0070: F6 F8 0D A2 33 30 28 D4 AA 58 A0 9D 9D 69 91 FD ....30(..X...i..

                    ]
                    *** ServerHelloDone
                    JsseJCE: Using JSSE internal implementation for cipher RSA/ECB/PKCS1Padding
                    *** ClientKeyExchange, RSA PreMasterSecret, SSLv3
                    Random Secret: { 3, 0, 154, 144, 23, 220, 70, 44, 81, 4, 234, 245, 210, 206, 167, 30, 214, 186, 53, 6, 7, 233, 26, 21, 49, 57, 46, 13, 211, 251, 54, 83, 12, 196, 173, 95, 235, 67, 55, 226, 65, 219, 163, 30, 155, 201, 171, 19 }
                    Thread-4, WRITE: SSLv3 Handshake, length = 132
                    SESSION KEYGEN:
                    PreMaster Secret:
                    0000: 03 00 9A 90 17 DC 46 2C 51 04 EA F5 D2 CE A7 1E ......F,Q.......
                    0010: D6 BA 35 06 07 E9 1A 15 31 39 2E 0D D3 FB 36 53 ..5.....19....6S
                    0020: 0C C4 AD 5F EB 43 37 E2 41 DB A3 1E 9B C9 AB 13 ..._.C7.A.......
                    CONNECTION KEYGEN:
                    Client Nonce:
                    0000: 44 86 96 AA 58 53 99 1E 9E 94 18 98 97 09 C2 4B D...XS.........K
                    0010: E2 4B E7 08 14 F7 7F 9B E6 37 3B 4F DD CA 41 B4 .K.......7;O..A.
                    Server Nonce:
                    0000: 00 00 79 42 13 BE 8D 78 3E 02 E0 E3 9E D0 F9 53 ..yB...x>......S
                    0010: 4D EB 55 1F 0B 79 E4 B5 C7 39 D7 CA F7 48 96 74 M.U..y...9...H.t
                    Master Secret:
                    0000: E9 8F 86 93 79 31 60 57 EC F5 BB ED 29 23 B5 9D ....y1`W....)#..
                    0010: C0 66 20 58 42 CA 4D 3F DD 96 D6 57 77 03 E8 77 .f XB.M?...Ww..w
                    0020: 32 11 DF E4 BD 49 29 24 39 DF 22 8C AA 34 D6 2B 2....I)$9."..4.+
                    Client MAC write Secret:
                    0000: 64 70 14 EB 31 A8 BF 90 FD 84 DF 7A E7 6A 8A 6A dp..1......z.j.j
                    Server MAC write Secret:
                    0000: DC 7F 4E F3 C7 B7 76 5E 54 62 77 96 9C 65 58 8A ..N...v^Tbw..eX.
                    Client write key:
                    0000: 67 C4 8F 19 12 82 EA 00 68 CD 3D 17 2B CA 52 A8 g.......h.=.+.R.
                    Server write key:
                    0000: 40 12 DC A8 B0 AE 23 78 0C 3E B8 45 D3 3A F3 13 @.....#x.>.E.:..
                    ... no IV for cipher
                    Thread-4, WRITE: SSLv3 Change Cipher Spec, length = 1
                    JsseJCE: Using JSSE internal implementation for cipher RC4
                    *** Finished
                    verify_data: { 156, 212, 31, 246, 108, 46, 147, 140, 237, 169, 127, 126, 7, 224, 98, 193, 230, 6, 241, 84, 125, 230, 63, 184, 171, 88, 245, 0, 216, 94, 171, 160, 254, 200, 224, 173 }
                    ***
                    Thread-4, WRITE: SSLv3 Handshake, length = 56
                    Thread-4, READ: SSLv3 Change Cipher Spec, length = 1
                    JsseJCE: Using JSSE internal implementation for cipher RC4
                    Thread-4, READ: SSLv3 Handshake, length = 56
                    *** Finished
                    verify_data: { 35, 170, 82, 22, 217, 209, 162, 4, 148, 75, 28, 234, 130, 43, 139, 194, 135, 17, 8, 143, 215, 26, 189, 219, 132, 35, 27, 202, 216, 48, 40, 89, 183, 87, 89, 200 }
                    ***
                    %% Cached client session: [Session-1, SSL_RSA_WITH_RC4_128_MD5]
                    Thread-4, WRITE: SSLv3 Application Data, length = 374
                    Thread-4, READ: SSLv3 Application Data, length = 126
                    Loading https://<Myserver>.com:445/test/Jar/test.jar from cache
                    java.vendor=null
                    package.restrict.access.sun=true
                    os.name=null
                    sun.boot.class.path=null
                    javax.net.debug=null
                    path.separator.applet=true
                    deployment.user.home=/home/mn160722/.java/deployment
                    sun.java2d.fontpath=null
                    java.vm.specification.vendor=null
                    java.runtime.version=null
                    https.protocols=SSLv3,SSLv2Hello
                    java.version.applet=true
                    user.name=null
                    mozilla.workaround=null
                    deployment.browser.path=/usr/dt/bin/netscape
                    os.name.applet=true
                    browser.version=1.1
                    user.language=null
                    javaplugin.proxy.config.type=browser
                    sun.boot.library.path=null
                    deployment.user.cachedir=/home/mn160722/.java/deployment/cache
                    trustProxy=null
                    acl.read=+
                    java.version=null
                    user.timezone=Asia/Calcutta
                    deployment.user.jssecerts=/home/mn160722/.java/deployment/security/deployment.jssecerts
                    sun.arch.data.model=null
                    java.endorsed.dirs=null
                    sun.net.client.defaultConnectTimeout=120000
                    sun.cpu.isalist=null
                    file.encoding.pkg=null
                    file.separator=null
                    java.specification.name=null
                    java.class.version=null
                    line.separator.applet=true
                    user.country=null
                    java.home=null
                    javaplugin.version=null
                    java.vm.info=null
                    os.version=null
                    javaplugin.nodotversion=null
                    acl.write=+
                    deployment.system.profile=/etc
                    path.separator=null
                    deployment.system.security.policy=file:/etc/.java/deployment/security/java.policy
                    java.vm.version=null
                    http.auth.serializeRequests=true
                    java.util.prefs.PreferencesFactory=null
                    acl.read.default=
                    java.protocol.handler.pkgs=sun.plugin.net.protocol|sun.plugin.net.protocol
                    deployment.system.home=/etc/.java/deployment
                    java.awt.printerjob=null
                    deployment.user.extdir=/home/james/.java/deployment/ext
                    sun.io.unicode.encoding=null
                    http.agent=Mozilla/4.0 (SunOS 5.9)
                    package.restrict.definition.sun=true
                    java.class.version.applet=true
                    file.separator.applet=true
                    user.home=null
                    java.specification.vendor=null
                    java.library.path=null
                    java.vendor.url=null
                    deployment.user.certs=/home/james/.java/deployment/security/deployment.certs
                    java.vm.vendor=null
                    deployment.user.security.policy=/home/james/.java/deployment/security/java.policy
                    deployment.javapi.jre.1.5.0-rc.path=/usr/dist/share/firefox,v1.0.2teaser/java
                    java.runtime.name=null
                    java.class.path=null
                    java.vendor.applet=true
                    package.restrict.access.netscape=false
                    deployment.javapi.jre.1.5.0-rc.osarch=sparc
                    java.vendor.url.applet=true
                    java.vm.specification.name=null
                    java.vm.specification.version=null
                    deployment.version=1.5.0
                    sun.cpu.endian=null
                    sun.os.patch.level=null
                    package.restrict.definition.java=true
                    package.restrict.definition.netscape=true
                    javaplugin.vm.options=null
                    java.io.tmpdir=null
                    deployment.system.cacerts=/usr/dist/share/mozilla,v1.4s/java/lib/security/cacerts
                    java.vendor.url.bug=null
                    deployment.javapi.jre.1.5.0-rc.args=
                    os.arch=null
                    java.awt.graphicsenv=null
                    java.ext.dirs=null
                    os.version.applet=true
                    user.dir=null
                    os.arch.applet=true
                    deployment.user.tmpdir=/home/james/.java/deployment/cache/tmp
                    line.separator=null
                    java.vm.name=null
                    javaplugin.lib=null
                    deployment.user.profile=/home/james
                    file.encoding=null
                    acl.write.default=
                    deployment.capture.mime.types=true
                    browser.vendor=Sun Microsystems, Inc.
                    deployment.system.jssecacerts=/usr/dist/share/mozilla,v1.4s/java/lib/security/cacerts
                    deployment.javapi.jre.1.5.0-rc.osname=SunOS
                    javaplugin.proxy.config.list=http=<abc>.central:8080,https=<abc>.central:8080,ftp=<abc>.central:8080
                    deployment.user.logdir=/home/james/.java/deployment/log
                    java.specification.version=null
                    java.security.AccessControlContext@d5eb7Host:init(): null
                    Port:init(): null
                    Protocol:init(): null
                    protocol:setting: = https
                    Test Java Web Start version 1.0
                    ready to fecth image
                    finish fetching image
                    after fetching image

                    adding row name = temp
                    adding row name = temp.class
                    adding row name = temp.java
                    end of init3
                    Keep-Alive-Timer, called close()
                    Keep-Alive-Timer, called closeInternal(true)
                    Keep-Alive-Timer, SEND SSLv3 ALERT: warning, description = close_notify
                    Keep-Alive-Timer, WRITE: SSLv3 Alert, length = 18
                    connecting .....
                    host name= <My SERVER>.com
                    protocol, host, port: https,<My SERVER>com,445
                    protocol, host, port: https,<My SERVER>.com,445
                    Connecting https://<My SERVER>.com:445/servlet/Login with proxy=webcache.central:8080
                    Connecting https://<My SERVER>.com:445/servlet/Login with cookie "SUN_ID=192.18.101.5:217931149659559; location=US"
                    %% Client cached [Session-1, SSL_RSA_WITH_RC4_128_MD5]
                    %% Try resuming [Session-1, SSL_RSA_WITH_RC4_128_MD5] from port 48819
                    *** ClientHello, SSLv3
                    RandomCookie: GMT: 1132828099 bytes = { 243, 165, 152, 196, 142, 78, 81, 132, 132, 27, 204, 37, 133, 169, 23, 3, 72, 17, 65, 201, 0, 44, 1, 134, 29, 185, 94, 152 }
                    Session ID: {19, 27, 162, 154, 195, 63, 177, 16, 124, 123, 191, 167, 110, 134, 46, 151, 51, 60, 224, 164, 229, 244, 177, 121, 4, 2, 71, 55, 89, 132, 21, 233}
                    Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
                    Compression Methods: { 0 }
                    ***
                    AWT-EventQueue-2, WRITE: SSLv3 Handshake, length = 105
                    AWT-EventQueue-2, received EOFException: error
                    AWT-EventQueue-2, handling exception: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
                    AWT-EventQueue-2, SEND SSLv3 ALERT: fatal, description = handshake_failure
                    AWT-EventQueue-2, WRITE: SSLv3 Alert, length = 2
                    AWT-EventQueue-2, called closeSocket()
                    javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
                    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(Unknown Source)
                    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(Unknown Source)
                    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
                    at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
                    at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.setProxiedClient(Unknown Source)
                    at sun.net.www.protocol.https.PluginDelegateHttpsURLConnection.superConnect(Unknown Source)
                    at sun.net.www.protocol.https.PluginDelegateHttpsURLConnection.connect(Unknown Source)
                    at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(Unknown Source)
                    at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(Unknown Source)
                    at Test.Login.login(Login.java:127)
                    at Test.ConnectionDialog.makeConnection(ConnectionDialog.java:306)
                    at Test.ConnectionDialog$1.actionPerformed(ConnectionDialog.java:54)
                    at javax.swing.AbstractButton.fireActionPerformed(Unknown Source)
                    at javax.swing.AbstractButton$ForwardActionEvents.actionPerformed(Unknown Source)
                    at javax.swing.DefaultButtonModel.fireActionPerformed(Unknown Source)
                    at javax.swing.DefaultButtonModel.setPressed(Unknown Source)
                    at javax.swing.plaf.basic.BasicButtonListener.mouseReleased(Unknown Source)
                    at java.awt.Component.processMouseEvent(Unknown Source)
                    at java.awt.Component.processEvent(Unknown Source)
                    at java.awt.Container.processEvent(Unknown Source)
                    at java.awt.Component.dispatchEventImpl(Unknown Source)
                    at java.awt.Container.dispatchEventImpl(Unknown Source)
                    at java.awt.Component.dispatchEvent(Unknown Source)
                    at java.awt.LightweightDispatcher.retargetMouseEvent(Unknown Source)
                    at java.awt.LightweightDispatcher.processMouseEvent(Unknown Source)
                    at java.awt.LightweightDispatcher.dispatchEvent(Unknown Source)
                    at java.awt.Container.dispatchEventImpl(Unknown Source)
                    at java.awt.Window.dispatchEventImpl(Unknown Source)
                    at java.awt.Component.dispatchEvent(Unknown Source)
                    at java.awt.EventQueue.dispatchEvent(Unknown Source)
                    at java.awt.EventDispatchThread.pumpOneEventForHierarchy(Unknown Source)
                    at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
                    at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
                    at java.awt.Dialog$1.run(Unknown Source)
                    at java.awt.Dialog.show(Unknown Source)
                    at java.awt.Component.show(Unknown Source)
                    at java.awt.Component.setVisible(Unknown Source)
                    at Test.ConnectionDialog.construct(ConnectionDialog.java:123)
                    at Test.ConnectionDialog.<init>(ConnectionDialog.java:42)
                    at Test.Menu.openConnectionDialog(SunExchangeMenu.java:147)
                    at Test.Menu.access$000(SunExchangeMenu.java:11)
                    at Test.Menu$1.actionPerformed(SunExchangeMenu.java:62)
                    at javax.swing.AbstractButton.fireActionPerformed(Unknown Source)
                    at javax.swing.AbstractButton$ForwardActionEvents.actionPerformed(Unknown Source)
                    at javax.swing.DefaultButtonModel.fireActionPerformed(Unknown Source)
                    at javax.swing.DefaultButtonModel.setPressed(Unknown Source)
                    at javax.swing.AbstractButton.doClick(Unknown Source)
                    at javax.swing.plaf.basic.BasicMenuItemUI.doClick(Unknown Source)
                    at javax.swing.plaf.basic.BasicMenuItemUI$MouseInputHandler.mouseReleased(Unknown Source)
                    at java.awt.Component.processMouseEvent(Unknown Source)
                    at java.awt.Component.processEvent(Unknown Source)
                    at java.awt.Container.processEvent(Unknown Source)
                    at java.awt.Component.dispatchEventImpl(Unknown Source)
                    at java.awt.Container.dispatchEventImpl(Unknown Source)
                    at java.awt.Component.dispatchEvent(Unknown Source)
                    at java.awt.LightweightDispatcher.retargetMouseEvent(Unknown Source)
                    at java.awt.LightweightDispatcher.processMouseEvent(Unknown Source)
                    at java.awt.LightweightDispatcher.dispatchEvent(Unknown Source)
                    at java.awt.Container.dispatchEventImpl(Unknown Source)
                    at java.awt.Component.dispatchEvent(Unknown Source)
                    at java.awt.EventQueue.dispatchEvent(Unknown Source)
                    at java.awt.EventDispatchThread.pumpOneEventForHierarchy(Unknown Source)
                    at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
                    at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
                    at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
                    at java.awt.EventDispatchThread.run(Unknown Source)
                    Caused by: java.io.EOFException: SSL peer shut down incorrectly
                    at com.sun.net.ssl.internal.ssl.InputRecord.read(Unknown Source)
                    ... 66 more

                    Login failed
                    • 7. Re: javax.net.ssl.SSLHandshakeException: Remote host closed connection duri
                      EJP
                      As you can see, the connection with the first handshake succeeded, and your second connection/handshake tries to resume the SSL session created by the first one; it was the second handshake that failed. The cause seems to be this:
                      Keep-Alive-Timer, called close()
                      Keep-Alive-Timer, called closeInternal(true)
                      Keep-Alive-Timer, SEND SSLv3 ALERT: warning, description = close_notify
                      Keep-Alive-Timer, WRITE: SSLv3 Alert, length = 18
                      I don't know where this comes from but it looks as though someone is closing the first connection, very prematurely.
                      • 8. Re: javax.net.ssl.SSLHandshakeException: Remote host closed connection duri
                        843811
                        Hi ,

                        I had changed tried to login to my application by using a new mozilla browser and login succeded.

                        I think problem was may be with the browser
                        Thanks alot for helping to debug the problem.

                        For furhter reference : To enable ssl error debug
                        In Unix console set :
                        setenv JPIVM_OPTIONS "-Djavax.net.debug=ssl,handshake,record"
                        than mozilla&


                        here are the trace from java console.

                        Keep-Alive-Timer, called close()
                        Keep-Alive-Timer, called closeInternal(true)
                        Keep-Alive-Timer, SEND SSLv3 ALERT: warning, description = close_notify
                        Keep-Alive-Timer, WRITE: SSLv3 Alert, length = 18
                        connecting .....
                        host name= <My Server>.com
                        protocol, host, port: https,<My Server>.com,443
                        protocol, host, port: https,<My Server>.com,443
                        Connecting https://<My Server>.com:443/servlet/TestServlet with proxy=<Some IP>:8080
                        Connecting https://<My Server>.com:443/servlet/TestServlet with cookie "location=US; 308459745329902"
                        %% Client cached [Session-2, SSL_RSA_WITH_RC4_128_MD5]
                        %% Try resuming [Session-2, SSL_RSA_WITH_RC4_128_MD5] from port 56415
                        *** ClientHello, SSLv3
                        RandomCookie: GMT: 1132902392 bytes = { 110, 89, 121, 148, 208, 167, 225, 91, 11, 105, 171, 52, 228, 11, 80, 4, 175, 152, 215, 55, 242, 196, 93, 224, 144, 19, 248, 170 }
                        Session ID: {42, 82, 78, 162, 104, 30, 55, 158, 177, 10, 248, 62, 144, 215, 28, 156, 61, 199, 87, 40, 101, 127, 101, 228, 149, 213, 213, 206, 96, 3, 69, 169}
                        Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
                        Compression Methods: { 0 }
                        ***
                        AWT-EventQueue-3, WRITE: SSLv3 Handshake, length = 105
                        AWT-EventQueue-3, READ: SSLv3 Handshake, length = 74
                        *** ServerHello, SSLv3
                        RandomCookie: GMT: 12925 bytes = { 67, 219, 163, 218, 120, 224, 147, 67, 225, 217, 118, 101, 71, 152, 88, 122, 113, 137, 77, 140, 67, 101, 230, 162, 161, 136, 125, 214 }
                        Session ID: {42, 82, 78, 162, 104, 30, 55, 158, 177, 10, 248, 62, 144, 215, 28, 156, 61, 199, 87, 40, 101, 127, 101, 228, 149, 213, 213, 206, 96, 3, 69, 169}
                        Cipher Suite: SSL_RSA_WITH_RC4_128_MD5
                        Compression Method: 0
                        ***
                        CONNECTION KEYGEN:
                        Client Nonce:
                        0000: 44 87 B8 F8 6E 59 79 94 D0 A7 E1 5B 0B 69 AB 34 D...nYy....[.i.4
                        0010: E4 0B 50 04 AF 98 D7 37 F2 C4 5D E0 90 13 F8 AA ..P....7..].....
                        Server Nonce:
                        0000: 00 00 32 7D 43 DB A3 DA 78 E0 93 43 E1 D9 76 65 ..2.C...x..C..ve
                        0010: 47 98 58 7A 71 89 4D 8C 43 65 E6 A2 A1 88 7D D6 G.Xzq.M.Ce......
                        Master Secret:
                        0000: 19 CC E5 0D 38 BF D4 F9 A3 4D 48 27 49 FF F5 76 ....8....MH'I..v
                        0010: C9 DD BC F1 EC ED D2 0E 03 82 88 69 B0 14 B4 07 ...........i....
                        0020: 45 1F 53 0F A9 23 6B BB 5A F5 CF 35 E3 49 CF 4F E.S..#k.Z..5.I.O
                        Client MAC write Secret:
                        0000: 5D BB CB 28 BE 83 7A 7E D8 57 EA A7 F2 76 F3 D3 ]..(..z..W...v..
                        Server MAC write Secret:
                        0000: 24 62 3D 94 32 31 D9 ED C2 B4 84 F8 E4 6C 20 FE $b=.21.......l .
                        Client write key:
                        0000: C7 B5 7E 22 AF 9D 43 FC 5E 5C B6 9A 75 4D 62 6F ..."..C.^\..uMbo
                        Server write key:
                        0000: 7C 3C BE AF 6E C9 E6 04 96 A5 AF 3D 5E 48 52 B0 .<..n......=^HR.
                        ... no IV for cipher
                        %% Server resumed [Session-2, SSL_RSA_WITH_RC4_128_MD5]
                        AWT-EventQueue-3, READ: SSLv3 Change Cipher Spec, length = 1
                        JsseJCE: Using JSSE internal implementation for cipher RC4
                        AWT-EventQueue-3, READ: SSLv3 Handshake, length = 56
                        *** Finished
                        verify_data: { 131, 88, 18, 135, 164, 65, 185, 98, 157, 121, 223, 51, 65, 53, 9, 0, 246, 184, 167, 198, 104, 188, 88, 109, 136, 10, 161, 24, 180, 155, 179, 20, 239, 63, 212, 162 }
                        ***
                        AWT-EventQueue-3, WRITE: SSLv3 Change Cipher Spec, length = 1
                        JsseJCE: Using JSSE internal implementation for cipher RC4
                        *** Finished
                        verify_data: { 152, 171, 227, 109, 148, 149, 169, 251, 12, 116, 50, 148, 66, 132, 153, 171, 249, 75, 126, 96, 231, 24, 233, 189, 52, 151, 125, 112, 234, 41, 166, 0, 54, 108, 132, 163 }
                        ***
                        AWT-EventQueue-3, WRITE: SSLv3 Handshake, length = 56
                        AWT-EventQueue-3, WRITE: SSLv3 Application Data, length = 392
                        AWT-EventQueue-3, WRITE: SSLv3 Application Data, length = 73
                        AWT-EventQueue-3, READ: SSLv3 Application Data, length = 158
                        getting response
                        AWT-EventQueue-3, READ: SSLv3 Application Data, length = 36
                        AWT-EventQueue-3, called close()
                        AWT-EventQueue-3, called closeInternal(true)
                        AWT-EventQueue-3, SEND SSLv3 ALERT: warning, description = close_notify
                        AWT-EventQueue-3, WRITE: SSLv3 Alert, length = 18

                        Login : OK
                        • 9. Re: javax.net.ssl.SSLHandshakeException: Remote host closed connection duri
                          843811
                          I'm trying to debug the same issue on a java applet connecting via a forward proxy to our servers behind a reverse proxy.

                          How do I set these debug options on a PC running either IE or Firefox please? I can't find anything helpful in the java console.

                          Regards
                          Roger
                          London
                          • 10. Re: javax.net.ssl.SSLHandshakeException: Remote host closed connection duri
                            843811
                            Does someone know why it seems to connection is closed and the second call tried to use the cached (closed) first session?

                            I'm having the same problem here using JAX-WS client. The first call succeeds but the second does not.
                            This looks strange to be because I'm not having much options.


                            Regards,
                            Manfred
                            • 11. Re: javax.net.ssl.SSLHandshakeException: Remote host closed connection duri
                              843811
                              just now i found that problems but i don't konw how to do.....
                              and what means of "set javax.net.debug=ssl,handshake,record at the client and show us the output.How to set this at client side"?
                              • 12. Re: javax.net.ssl.SSLHandshakeException: Remote host closed connection duri
                                843811
                                how did the problem happlen? I'm wait to your answer on line....
                                • 13. Re: javax.net.ssl.SSLHandshakeException: Remote host closed connection during h
                                  843811
                                  I struggled with this for a while and found a solution, so thought I'd post it even though the discussion is quite old. The issue was that our SSL connections would work on the first call, but then fail on subsequent calls while trying to reuse the connection.

                                  I had to update the java.security file within the java installation itself to remove the SunPKCS11 cryptography provider.

                                  Originally the file on the server had this configuration:
                                  #
                                  # List of providers and their preference orders (see above):
                                  #
                                  security.provider.1=sun.security.pkcs11.SunPKCS11 ${java.home}/lib/security/sunpkcs11-solaris.cfg
                                  security.provider.2=sun.security.provider.Sun
                                  security.provider.3=sun.security.rsa.SunRsaSign
                                  security.provider.4=com.sun.net.ssl.internal.ssl.Provider
                                  security.provider.5=com.sun.crypto.provider.SunJCE
                                  security.provider.6=sun.security.jgss.SunProvider
                                  security.provider.7=com.sun.security.sasl.Provider
                                  security.provider.8=org.jcp.xml.dsig.internal.dom.XMLDSigRI
                                  security.provider.9=sun.security.smartcardio.SunPCSC
                                  When we updated it to this configuration, the problem is resolved:
                                  #
                                  # List of providers and their preference orders (see above):
                                  #
                                  security.provider.1=sun.security.provider.Sun
                                  security.provider.2=sun.security.rsa.SunRsaSign
                                  security.provider.3=com.sun.net.ssl.internal.ssl.Provider
                                  security.provider.4=com.sun.crypto.provider.SunJCE
                                  security.provider.5=sun.security.jgss.SunProvider
                                  security.provider.6=com.sun.security.sasl.Provider
                                  security.provider.7=org.jcp.xml.dsig.internal.dom.XMLDSigRI
                                  security.provider.8=sun.security.smartcardio.SunPCSC
                                  security.provider.9=sun.security.mscapi.SunMSCAPI
                                  Edited by: natephipps on Jan 8, 2010 9:03 AM
                                  • 14. Re: javax.net.ssl.SSLHandshakeException: Remote host closed connection duri
                                    EJP
                                    and what means of "set javax.net.debug=ssl,handshake,record at the client and show us the output.How to set this at client side"?
                                    That question was answered here in June 2006.
                                    1 2 Previous Next