[jira] [Commented] (HTTPCORE-267) SSL handshake is failing when unsafe re-negotiation is enabled

Thu, 28 Jul 2011 07:58:41 -0700 

    [ 
https://issues.apache.org/jira/browse/HTTPCORE-267?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13072387#comment-13072387
 ] 

Oleg Kalnichevski commented on HTTPCORE-267:
--------------------------------------------

I guess that explains it.

blocking i/o
---
executing requestGET /WebHost/SampleService.svc?wsdl HTTP/1.1
main, setSoTimeout(0) called
Allow unsafe renegotiation: true
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
---

non-blocking i/o
---
Using SSLEngineImpl.
Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
--- 

Oleg

> SSL handshake is failing when unsafe re-negotiation is enabled
> --------------------------------------------------------------
>
>                 Key: HTTPCORE-267
>                 URL: https://issues.apache.org/jira/browse/HTTPCORE-267
>             Project: HttpComponents HttpCore
>          Issue Type: Bug
>          Components: HttpCore NIO
>    Affects Versions: 4.1
>         Environment: Java version "1.6.0_26"
> Client OS - Ubuntu
> Server - IIS 7 (Web service which uses HTTPS - HTTPS configuration is set to 
> request client certificate
>            Reporter: Amila Jayasekara
>         Attachments: NIO-SSL-Logs.txt, Normal-Transport-Logs.txt
>
>
> I have a .Net web service which communicates through https transport.
> On .Net web service end I have enabled "Require client certificate"
> option. In which, connecting client needs to provide a valid
> certificate.
> In the client side i specified 
> -Dsun.security.ssl.allowUnsafeRenegotiation=true. Still i am not able to 
> properly handshake.
> Logs are attached.
> Same was tested with normal transport. That worked without an issue. I will 
> also attach SSL logs with normal transport.
> Thanks
> AmilaJ

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to