What about the latest java 7? Gary
On Sep 23, 2012, at 12:12, "Oleg Kalnichevski (JIRA)" <[email protected]> wrote: > > [ > https://issues.apache.org/jira/browse/HTTPCLIENT-1234?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13461449#comment-13461449 > ] > > Oleg Kalnichevski commented on HTTPCLIENT-1234: > ----------------------------------------------- > > I think I found a difference in the way two JRE versions do the opening > sequence of the SSL handshake. For some reason I appears that JRE 1.6.0 falls > back onto SSLv2 protocol version in the middle of the opening sequence which > prompts the server to reject the connection. I do not think this problem has > anything to do with HttpClient. > > > JRE 1.7.0.01 > --- > *** ClientHello, TLSv1 > ... > [write] MD5 and SHA1 hashes: len = 149 > ... > main, WRITE: TLSv1 Handshake, length = 149 > [Raw write]: length = 154 > ... > [Raw read]: length = 5 > 0000: 16 03 01 00 51 ....Q > [Raw read]: length = 81 > ... > main, READ: TLSv1 Handshake, length = 81 > *** ServerHello, TLSv1 > RandomCookie: GMT: 1348410688 bytes = { 210, 137, 120, 151, 141, 204, 17, > 181, 25, 243, 201, 26, 184, 125, 141, 72, 59, 152, 57, 122, 107, 8, 163, 173, > 203, 82, 49, 135 } > Session ID: {206, 47, 136, 138, 182, 213, 100, 57, 8, 199, 62, 173, 155, > 182, 237, 164, 144, 1, 53, 143, 93, 21, 247, 169, 244, 107, 37, 10, 75, 36, > 144, 127} > Cipher Suite: SSL_RSA_WITH_RC4_128_SHA > Compression Method: 0 > Extension renegotiation_info, renegotiated_connection: <empty> > *** > %% Initialized: [Session-1, SSL_RSA_WITH_RC4_128_SHA] > ** SSL_RSA_WITH_RC4_128_SHA > --- > > JRE 1.6.0.29 > --- > *** ClientHello, TLSv1 > ... > [write] MD5 and SHA1 hashes: len = 75 > ... > main, WRITE: TLSv1 Handshake, length = 75 > [write] MD5 and SHA1 hashes: len = 101 > ... > main, WRITE: SSLv2 client hello message, length = 101 > ... > main, handling exception: java.net.SocketException: Connection reset > main, SEND TLSv1 ALERT: fatal, description = unexpected_message > --- > > The 'main, WRITE: SSLv2 client hello message, length = 101' seems to be the > cause of the problem. > > Oleg > >> HTTPS + SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER leads to >> javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated >> ------------------------------------------------------------------------------------------------------------------------------ >> >> Key: HTTPCLIENT-1234 >> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1234 >> Project: HttpComponents HttpClient >> Issue Type: Bug >> Components: HttpClient >> Affects Versions: 4.2.1 >> Reporter: Philippe Mouawad >> Attachments: WebClientDevWrapper.java >> >> >> Hello, >> We got a report of an issue with JMeter: >> http://stackoverflow.com/questions/12538233/javax-net-ssl-sslpeerunverifiedexception-peer-not-authenticated-when-load-testi >> The reporter has setup a public site with his configuration: >> https://ec2-50-17-85-212.compute-1.amazonaws.com:8443/hello/ >> I reproduced issue with JMeter but it seems it comes from HttpClient or it's >> a feature. >> I created a simple test class I attach here not related to JMeter > > -- > This message is automatically generated by JIRA. > If you think it was sent incorrectly, please contact your JIRA administrators > For more information on JIRA, see: http://www.atlassian.com/software/jira > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
