Hi Alexander, I created JIRA report HARMONY-1914 because I could not email a zip attachment with the debug info you requested from the -Djsse=record,prf,socket VM argument. Your help is greatly appreciated.
Gerald Jerome VerizonBusiness -----Original Message----- From: Alexander Kleymenov [mailto:[EMAIL PROTECTED] Sent: Wednesday, October 18, 2006 3:27 AM To: harmony-dev@incubator.apache.org Subject: Re: [classlib][xnet] Problem connecting using SSLSocketImpl Hello Gerald, > Hi Alexander, I'm a bit new at this ASF Harmony stuff so bear with me. It's OK. We all are involved in a continual learning process. > I'm using Eclipse on Windblows XP. I set it up per the instructions on the > Apache-Harmony web set for configuring Eclipse to work on Harmony code - > including downloading that VM from IBM. When I run my class under Eclipse, > here are the console error messages I get: > javax.net.ssl.SSLException: Fatal alert received unexpected_message > at > org.apache.harmony.xnet.provider.jsse.SSLSocketImpl.processAlert(SSLSocketIm > pl.java:790) > at > org.apache.harmony.xnet.provider.jsse.SSLSocketImpl.doHandshake(SSLSocketImp > l.java:731) > at > org.apache.harmony.xnet.provider.jsse.SSLSocketImpl.startHandshake(SSLSocket > Impl.java:437) > at CreateSSLEng.<init>(CreateSSLEng.java:72) > at CreateSSLEng.main(CreateSSLEng.java:93) Hmm, it is very strange. Stack trace shows that the server side got unexpected message and reported us about it. In case of unsupported cipher suites (as we thought) we should receive "handshake_failure" alert, not "unexpected_message". So the problem here is with client which sends unexpected message to the server. > I tried the -Djsse=record,prf,socket VM option you suggest (both in the > Target field of the Eclipse shortcut and as a Target Platform/Launching > Arguments VM argument within Eclipse Preferences), but I see nothing in > Eclipse showing this output. Perhaps there is a log file somewhere? I > dunno. I could not reproduce your output. I've tried your code to connect to the JRockit SSL Server Socket configured to use only "TLS_RSA_WITH_AES_128_CBC_SHA" cipher suite. I have started your code from eclipse and got: javax.net.ssl.SSLException: Fatal alert received handshake_failure at org.apache.harmony.xnet.provider.jsse.SSLSocketImpl.processAlert(SSLSocketIm pl.java:791) at org.apache.harmony.xnet.provider.jsse.SSLSocketImpl.doHandshake(SSLSocketImp l.java:732) at org.apache.harmony.xnet.provider.jsse.SSLSocketImpl.startHandshake(SSLSocket Impl.java:438) As expected in case of absence of common cipher suite.. I'm not sure but the reason you got "handshake_failure" alert can be old SSL version running on the remote side. Harmony's JSSE provider supports TLS v1 and SSL v3 versions of the protocol, and if the server uses SSL v2 it simply does not understand the client. If it is possible try to run the server side with SSL v3 or TLS v1 protocols. I have added the -Djsse=record,prf,socket option as follows: Menu Run -> Run... , "Create, manage, and run configurations" window is appeared. Open "(x)= Argument" tab and write -Djsse=record,prf,socket in the "VM arguments" text window. Then press Apply and Run. Please try these steps - there should be log output in "Console" tab of Eclipse. Thank You, Alexander Kleymenov --------------------------------------------------------------------- Terms of use : http://incubator.apache.org/harmony/mailing.html To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- Terms of use : http://incubator.apache.org/harmony/mailing.html To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
