Dear users, I have discovered, that my error is due to the fact that my client application isn't sending the correct certificate back, infact it's not sending any certificate.
I can list the correct client certificate in my keystore before the SSL handskake starts. What can be the cause to the error? A self signed certificate? \pgj > -----Oprindelig meddelelse----- > Fra: Erwin Reinhoud [mailto:[EMAIL PROTECTED] > Sendt: 20. marts 2007 16:05 > Til: [email protected] > Emne: RE: SSL Handshake failure > > To test weather my certificates are trusted on both sides i > import the client cert in the browser and call the uri. This > way you know it is not the app, but related to cert (chain) > not being trusted. > > Greetings, > > erwin > > -----Oorspronkelijk bericht----- > Van: Peter Gylling Jørgensen [mailto:[EMAIL PROTECTED] > Verzonden: dinsdag 20 maart 2007 14:31 > Aan: [email protected] > Onderwerp: SSL Handshake failure > > > Dear users, > > Please enligthen me upon the error shown below. > > I have a axis2 v. 1.1.1 java client which must talk to a > HTTPS soap service, which I have no access to, so I need your > help to understand the cause of the error. > > According to this site, the first 3 steps is accepted. > - > http://www.owasp.org/index.php/Using_the_Java_Secure_Socket_Ex > tensions#SSL_Handshake_Protocol > > I have no clue for what is causing this situation. > > CLIENT LOG: > *** ClientHello, TLSv1 > *** > *** ServerHello, TLSv1 > *** > %% Created: [Session-1, SSL_RSA_WITH_RC4_128_MD5] > ** SSL_RSA_WITH_RC4_128_MD5 > *** > Found trusted certificate: > *** CertificateRequest > Cert Types: RSA, DSS, > Cert Authorities: > <CN=Root CA, O=Gatehouse, L=Aalborg, ST=Denmark, C=DK> > [read] MD5 and SHA1 hashes: len = 100 > 0000: 0D 00 00 60 02 01 02 00 5B 00 59 30 57 31 0B 30 > ...`....[.Y0W1.0 > 0010: 09 06 03 55 04 06 13 02 44 4B 31 10 30 0E 06 03 > ...U....DK1.0... > 0020: 55 04 08 13 07 44 65 6E 6D 61 72 6B 31 10 30 0E > U....Denmark1.0. > 0030: 06 03 55 04 07 13 07 41 61 6C 62 6F 72 67 31 12 > ..U....Aalborg1. > 0040: 30 10 06 03 55 04 0A 13 09 47 61 74 65 68 6F 75 > 0...U....Gatehou > 0050: 73 65 31 10 30 0E 06 03 55 04 03 13 07 52 6F 6F > se1.0...U....Roo > 0060: 74 20 43 41 t CA > *** ServerHelloDone > [read] MD5 and SHA1 hashes: len = 4 > 0000: 0E 00 00 00 .... > *** Certificate chain > *** > *** ClientKeyExchange, RSA PreMasterSecret, TLSv1 > Random Secret: { 3, 1, 212, 44, 183, 122, 241, 233, 175, 80, > 37, 92, 0, 43, 126, 93, 21, 145, 112, 41, 29, 102, 127, 195, > 208, 133, 61, 104, 106, 6, 38, 4, 70, 112, 225, 27, 195, 200, > 215, 61, 235, 73, 71, 27, 99, 148, 90, 100 } > [write] MD5 and SHA1 hashes: len = 269 > 0000: 0B 00 00 03 00 00 00 10 00 01 02 01 00 55 28 7D > .............U(. > 0010: CB 2E 1A 6B 73 DC 92 68 EE E3 1C A4 2D 79 8D 16 > ...ks..h....-y.. > 0020: F4 C8 E7 65 7E D3 59 DF 49 54 C0 DD FC AA B9 7A > ...e..Y.IT.....z > 0030: 4D A4 5D E6 DE 87 B6 F1 67 5C ED 2F 87 8C F3 8E > M.].....g\./.... > 0040: 9C 5C 04 32 5F F0 E6 DD 6D 40 1A CD 73 80 D9 97 > [EMAIL PROTECTED] > 0050: 39 13 3F 36 D0 FA A7 C7 3F 5C 41 16 BF 94 5B DF > 9.?6....?\A...[. > 0060: A6 67 53 CE 72 09 C1 E2 89 84 CF 0F 0B 17 E7 9B > .gS.r........... > 0070: B0 66 EF 24 2F 08 E5 65 7B 13 A0 A7 2D 92 12 1D > .f.$/..e....-... > 0080: A7 1B E2 C2 4E B7 A6 7A 63 D6 1E 9B D5 25 4D 3F > ....N..zc....%M? > 0090: 58 01 53 FE B5 85 D5 74 DC 17 87 CC 02 76 7D 0E > X.S....t.....v.. > 00A0: DE 8B 60 E5 30 B2 93 AF D8 D4 27 3F 34 CA 99 76 > ..`.0.....'?4..v > 00B0: 1E 25 2B 8D 20 73 87 E4 C5 A9 65 0A 87 43 C3 B7 .%+. > s....e..C.. > 00C0: 3B 88 80 DD 27 12 57 88 74 C4 83 B5 1B 1E F6 6F > ;...'.W.t......o > 00D0: D9 BE CA 70 50 52 7D 25 C2 5A 66 07 1F 14 F7 8B > ...pPR.%.Zf..... > 00E0: 4A 2D B6 40 56 DC AD 30 19 EC E9 F6 42 62 52 26 > [EMAIL PROTECTED]& > 00F0: DA 5D 8C D8 F7 BB E2 9D 94 66 AC 6B 1B D0 D8 4A > .].......f.k...J > 0100: 83 BA 0F B7 D2 D4 13 78 12 D2 4D CA DE .......x..M.. > main, WRITE: TLSv1 Handshake, length = 269 > SESSION KEYGEN: > PreMaster Secret: > 0000: 03 01 D4 2C B7 7A F1 E9 AF 50 25 5C 00 2B 7E 5D > ...,.z...P%\.+.] > 0010: 15 91 70 29 1D 66 7F C3 D0 85 3D 68 6A 06 26 04 > ..p).f....=hj.&. > 0020: 46 70 E1 1B C3 C8 D7 3D EB 49 47 1B 63 94 5A 64 > Fp.....=.IG.c.Zd > CONNECTION KEYGEN: > Client Nonce: > 0000: 45 FF DB 0A 27 BC 27 6B 07 6C 6B D7 EE 8B 1A 50 > E...'.'k.lk....P > 0010: 10 F9 AA B9 9A DD 73 79 E7 02 22 16 34 C7 B5 D6 > ......sy..".4... > Server Nonce: > 0000: 45 FF DB 0A 5F E7 57 9C 50 BF B1 11 42 D7 F5 B9 > E..._.W.P...B... > 0010: 9F F0 E9 3C B2 3E AB 97 83 A5 D7 E3 6A DD 4B F3 > ...<.>......j.K. > Master Secret: > 0000: 14 9B 1D 9E AD 37 92 FD 24 CD E2 8E 76 18 01 05 > .....7..$...v... > 0010: F7 A8 65 5F FC 84 AF 40 AA 1E 7D 62 CD 9D 53 33 > [EMAIL PROTECTED] > 0020: 72 F7 D2 E6 1D 84 A5 BD ED C4 17 6E 7A AD B0 C2 > r..........nz... > Client MAC write Secret: > 0000: D4 9A 7D AF AC 7D 5E 1E FE 94 3D 9F 56 BC 7C AA > ......^...=.V... > Server MAC write Secret: > 0000: 52 24 6A 22 93 C3 FA 8D 24 42 97 87 BD 76 FD 4A > R$j"....$B...v.J > Client write key: > 0000: E1 05 86 3C D5 B6 3E B1 16 5E B6 14 F1 19 EE 5A > ...<..>..^.....Z > Server write key: > 0000: 84 BB 0F 1D BD 4A F2 D7 3D BF 24 AF 5B 82 5D D0 > .....J..=.$.[.]. > ... no IV for cipher > main, WRITE: TLSv1 Change Cipher Spec, length = 1 > *** Finished > verify_data: { 218, 47, 227, 191, 234, 255, 74, 74, 91, 233, > 177, 110 } > *** > [write] MD5 and SHA1 hashes: len = 16 > 0000: 14 00 00 0C DA 2F E3 BF EA FF 4A 4A 5B E9 B1 6E > ...../....JJ[..n > main, WRITE: TLSv1 Handshake, length = 32 > main, READ: TLSv1 Alert, length = 2 > main, RECV TLSv1 ALERT: fatal, handshake_failure > main, called closeSocket() > main, handling exception: > javax.net.ssl.SSLHandshakeException: Received fatal alert: > handshake_failure > main, called close() > main, called closeInternal(true) > main, called close() > main, called closeInternal(true) > main, called close() > main, called closeInternal(true) > [ERROR] 20 mar 2007 14:00:58,618 > se.smhi.seatrack.ais.DbserverStubTest.testConnection > IOException: Received fatal alert: handshake_failure > [DEBUG] 20 mar 2007 14:00:58,618 > se.smhi.seatrack.ais.DbserverStubTest.testConnection > StackTrace: > javax.net.ssl.SSLHandshakeException: Received fatal alert: > handshake_failure > at > com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:150) > > \pgj > -- > Peter Gylling Jørgensen > Modelling group, section of Oceanography > Royal Danish Administration of Navigation and Hydrography > Overgaden o. Vandet 62B DK-1023 København K > Phone: +45 32 68 96 85 > Email: [EMAIL PROTECTED] > www: http://www.frv.dk/ > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
