Hi. I'm using HttpsUrlConnection to access a secure location. It used to work just fine until I updated my JRE to 1.7. Now I get the "Remote host closed connection during handshake" SSLException. After running the app using -Djavax.net.debug=ssl:handshake, both under JRE 1.6 and JRE 1.7, my impression is that under 1.7 the cached client session fails to resume, causing the exception. If this is the problem indeed, how do I solve it or, at least, how can I disable the session caching?
UPDATE: I have come to understand that under JRE 1.6 my client app uses SSLv2Hello encapsulation. However it does not do that under JRE 1.7, which is most probably what causes the exception. My question is now this: how do I enable SSLv2Hello encapsulation for clients running on JRE 1.7?
Thanks in advance.
Edited by: 927152 on Apr 18, 2012 7:23 AM
Are you sure the problem occurs during session resumption?
SSL version 2 hello was disabled by default on the client in JDK 7. If you want to use it, you will have to enable it by calling SSLSocket/SSLEngine.setProtocols() explicit.
Some older servers don't know what to do with unknown extensions. They are supposed to ignore them, but some actually close the connections with an error. By encapsulating, you are essentially stripping off any extensions because there is no such thing in the SSLv2 format. Suggest upgrading server if possible.