To test weather my certificates are trusted on both sides i import the client cert in the browser and call the uri. This way you know it is not the app, but related to cert (chain) not being trusted.
Greetings, erwin -----Oorspronkelijk bericht----- Van: Peter Gylling Jørgensen [mailto:[EMAIL PROTECTED] Verzonden: dinsdag 20 maart 2007 14:31 Aan: [email protected] Onderwerp: SSL Handshake failure Dear users, Please enligthen me upon the error shown below. I have a axis2 v. 1.1.1 java client which must talk to a HTTPS soap service, which I have no access to, so I need your help to understand the cause of the error. According to this site, the first 3 steps is accepted. - http://www.owasp.org/index.php/Using_the_Java_Secure_Socket_Extensions#SSL_Handshake_Protocol I have no clue for what is causing this situation. CLIENT LOG: *** ClientHello, TLSv1 *** *** ServerHello, TLSv1 *** %% Created: [Session-1, SSL_RSA_WITH_RC4_128_MD5] ** SSL_RSA_WITH_RC4_128_MD5 *** Found trusted certificate: *** CertificateRequest Cert Types: RSA, DSS, Cert Authorities: <CN=Root CA, O=Gatehouse, L=Aalborg, ST=Denmark, C=DK> [read] MD5 and SHA1 hashes: len = 100 0000: 0D 00 00 60 02 01 02 00 5B 00 59 30 57 31 0B 30 ...`....[.Y0W1.0 0010: 09 06 03 55 04 06 13 02 44 4B 31 10 30 0E 06 03 ...U....DK1.0... 0020: 55 04 08 13 07 44 65 6E 6D 61 72 6B 31 10 30 0E U....Denmark1.0. 0030: 06 03 55 04 07 13 07 41 61 6C 62 6F 72 67 31 12 ..U....Aalborg1. 0040: 30 10 06 03 55 04 0A 13 09 47 61 74 65 68 6F 75 0...U....Gatehou 0050: 73 65 31 10 30 0E 06 03 55 04 03 13 07 52 6F 6F se1.0...U....Roo 0060: 74 20 43 41 t CA *** ServerHelloDone [read] MD5 and SHA1 hashes: len = 4 0000: 0E 00 00 00 .... *** Certificate chain *** *** ClientKeyExchange, RSA PreMasterSecret, TLSv1 Random Secret: { 3, 1, 212, 44, 183, 122, 241, 233, 175, 80, 37, 92, 0, 43, 126, 93, 21, 145, 112, 41, 29, 102, 127, 195, 208, 133, 61, 104, 106, 6, 38, 4, 70, 112, 225, 27, 195, 200, 215, 61, 235, 73, 71, 27, 99, 148, 90, 100 } [write] MD5 and SHA1 hashes: len = 269 0000: 0B 00 00 03 00 00 00 10 00 01 02 01 00 55 28 7D .............U(. 0010: CB 2E 1A 6B 73 DC 92 68 EE E3 1C A4 2D 79 8D 16 ...ks..h....-y.. 0020: F4 C8 E7 65 7E D3 59 DF 49 54 C0 DD FC AA B9 7A ...e..Y.IT.....z 0030: 4D A4 5D E6 DE 87 B6 F1 67 5C ED 2F 87 8C F3 8E M.].....g\./.... 0040: 9C 5C 04 32 5F F0 E6 DD 6D 40 1A CD 73 80 D9 97 [EMAIL PROTECTED] 0050: 39 13 3F 36 D0 FA A7 C7 3F 5C 41 16 BF 94 5B DF 9.?6....?\A...[. 0060: A6 67 53 CE 72 09 C1 E2 89 84 CF 0F 0B 17 E7 9B .gS.r........... 0070: B0 66 EF 24 2F 08 E5 65 7B 13 A0 A7 2D 92 12 1D .f.$/..e....-... 0080: A7 1B E2 C2 4E B7 A6 7A 63 D6 1E 9B D5 25 4D 3F ....N..zc....%M? 0090: 58 01 53 FE B5 85 D5 74 DC 17 87 CC 02 76 7D 0E X.S....t.....v.. 00A0: DE 8B 60 E5 30 B2 93 AF D8 D4 27 3F 34 CA 99 76 ..`.0.....'?4..v 00B0: 1E 25 2B 8D 20 73 87 E4 C5 A9 65 0A 87 43 C3 B7 .%+. s....e..C.. 00C0: 3B 88 80 DD 27 12 57 88 74 C4 83 B5 1B 1E F6 6F ;...'.W.t......o 00D0: D9 BE CA 70 50 52 7D 25 C2 5A 66 07 1F 14 F7 8B ...pPR.%.Zf..... 00E0: 4A 2D B6 40 56 DC AD 30 19 EC E9 F6 42 62 52 26 [EMAIL PROTECTED]& 00F0: DA 5D 8C D8 F7 BB E2 9D 94 66 AC 6B 1B D0 D8 4A .].......f.k...J 0100: 83 BA 0F B7 D2 D4 13 78 12 D2 4D CA DE .......x..M.. main, WRITE: TLSv1 Handshake, length = 269 SESSION KEYGEN: PreMaster Secret: 0000: 03 01 D4 2C B7 7A F1 E9 AF 50 25 5C 00 2B 7E 5D ...,.z...P%\.+.] 0010: 15 91 70 29 1D 66 7F C3 D0 85 3D 68 6A 06 26 04 ..p).f....=hj.&. 0020: 46 70 E1 1B C3 C8 D7 3D EB 49 47 1B 63 94 5A 64 Fp.....=.IG.c.Zd CONNECTION KEYGEN: Client Nonce: 0000: 45 FF DB 0A 27 BC 27 6B 07 6C 6B D7 EE 8B 1A 50 E...'.'k.lk....P 0010: 10 F9 AA B9 9A DD 73 79 E7 02 22 16 34 C7 B5 D6 ......sy..".4... Server Nonce: 0000: 45 FF DB 0A 5F E7 57 9C 50 BF B1 11 42 D7 F5 B9 E..._.W.P...B... 0010: 9F F0 E9 3C B2 3E AB 97 83 A5 D7 E3 6A DD 4B F3 ...<.>......j.K. Master Secret: 0000: 14 9B 1D 9E AD 37 92 FD 24 CD E2 8E 76 18 01 05 .....7..$...v... 0010: F7 A8 65 5F FC 84 AF 40 AA 1E 7D 62 CD 9D 53 33 [EMAIL PROTECTED] 0020: 72 F7 D2 E6 1D 84 A5 BD ED C4 17 6E 7A AD B0 C2 r..........nz... Client MAC write Secret: 0000: D4 9A 7D AF AC 7D 5E 1E FE 94 3D 9F 56 BC 7C AA ......^...=.V... Server MAC write Secret: 0000: 52 24 6A 22 93 C3 FA 8D 24 42 97 87 BD 76 FD 4A R$j"....$B...v.J Client write key: 0000: E1 05 86 3C D5 B6 3E B1 16 5E B6 14 F1 19 EE 5A ...<..>..^.....Z Server write key: 0000: 84 BB 0F 1D BD 4A F2 D7 3D BF 24 AF 5B 82 5D D0 .....J..=.$.[.]. ... no IV for cipher main, WRITE: TLSv1 Change Cipher Spec, length = 1 *** Finished verify_data: { 218, 47, 227, 191, 234, 255, 74, 74, 91, 233, 177, 110 } *** [write] MD5 and SHA1 hashes: len = 16 0000: 14 00 00 0C DA 2F E3 BF EA FF 4A 4A 5B E9 B1 6E ...../....JJ[..n main, WRITE: TLSv1 Handshake, length = 32 main, READ: TLSv1 Alert, length = 2 main, RECV TLSv1 ALERT: fatal, handshake_failure main, called closeSocket() main, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure main, called close() main, called closeInternal(true) main, called close() main, called closeInternal(true) main, called close() main, called closeInternal(true) [ERROR] 20 mar 2007 14:00:58,618 se.smhi.seatrack.ais.DbserverStubTest.testConnection IOException: Received fatal alert: handshake_failure [DEBUG] 20 mar 2007 14:00:58,618 se.smhi.seatrack.ais.DbserverStubTest.testConnection StackTrace: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:150) \pgj -- Peter Gylling Jørgensen Modelling group, section of Oceanography Royal Danish Administration of Navigation and Hydrography Overgaden o. Vandet 62B DK-1023 København K Phone: +45 32 68 96 85 Email: [EMAIL PROTECTED] www: http://www.frv.dk/ --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
