The newer the Jetty server is, the more unlikely it is to support the old and unsafe 
SSL2 handshake. You should not enable the SSL2Hello pseudo protocol on the client 
side. The JDK certainly does not by default.

Regards
Bernd
-- 
http://bernd.eckenfels.net

From: Sean Dawson
Sent: Sunday, 12 November 2017 20:24
To: security-dev@openjdk.java.net
Subject: Re: java.net.ConnectException: Received fatal alert:unexpected_message


Thanks for the reply. This is one of the latest versions of Jetty so I would 
hope that it would support that. But I've also tried specifying various other 
http.protocols on both sides but it hasn't seemed to change the result. Any 
other flags or things I should try?

On Fri, Nov 10, 2017 at 11:48 PM, Jaikiran Pai <jai.forums2...@gmail.com> wrote:
> Java 1.8.0_131
> Both servers on same machine, using same Java
> Source server is using async-http-client 1.9.18
> Destination server is using Jetty 9.4.7.v20170914

....

> New I/O worker #10, WRITE: TLSv1.2 Handshake, length = 161
> [write] MD5 and SHA1 hashes:  len = 140
> 0000: 01 03 03 00 63 00 00 00   20 00 C0 23 00 C0 27 00 ....c... ..#..'.
> ...
> 0080: 07 06 BB A0 AB 39 66 80   95 55 14 65 .....9f..U.e
> New I/O worker #10, WRITE: SSLv2 client hello message, length = 140

It looks like the async-http-client is sending a SSLv2 client hello message 
during the handshake and I'm guessing Jetty doesn't support (or maybe has 
disabled) SSLv2Hello handshake messages. What SSL protocols have you enabled on 
both these sides? If you haven't explicitly enabled any, then what do they 
default to in these libraries/servers?

-Jaikiran
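
Added example, not code from this thread or from the JDK, Jetty or async-http-client: it classifies the first bytes of a client handshake as a TLS record or an SSLv2-format hello, the distinction Jaikiran reads from the debug log. The sample reuses the nine header bytes and first two cipher specs visible in the dump; the remaining bytes and the two-byte SSLv2 record header are constructed filler, and the function names are hypothetical.

```python
import struct

def parse_v2_body(body: bytes) -> dict:
    """Parse an SSLv2-format ClientHello, starting at the msg_type byte."""
    if len(body) < 9:
        raise ValueError("truncated SSLv2 hello header")
    msg_type, major, minor, cs_len, sid_len, ch_len = struct.unpack(">BBBHHH", body[:9])
    if msg_type != 1:
        raise ValueError("not a client hello")
    if cs_len % 3 or 9 + cs_len + sid_len + ch_len != len(body):
        raise ValueError("length fields do not match message size")
    # Each SSLv2 cipher spec is 3 bytes; TLS suites appear as 00 xx yy.
    specs = [int.from_bytes(body[i:i + 3], "big") for i in range(9, 9 + cs_len, 3)]
    return {"version": (major, minor), "cipher_specs": specs,
            "session_id_len": sid_len, "challenge_len": ch_len}

def classify_client_hello(wire: bytes) -> dict:
    """Tell a TLS handshake record from an SSLv2-format hello by its first bytes."""
    if len(wire) < 5:
        raise ValueError("need at least 5 bytes")
    # TLS record header: content type 0x16 (handshake), major version 3.
    if wire[0] == 0x16 and wire[1] == 0x03:
        return {"format": "tls-record", "version": (wire[1], wire[2])}
    # SSLv2 header: high bit set, low 15 bits are the length, then msg_type 1.
    if wire[0] & 0x80 and wire[2] == 0x01:
        length = struct.unpack(">H", wire[:2])[0] & 0x7FFF
        return {"format": "sslv2-hello", **parse_v2_body(wire[2:2 + length])}
    return {"format": "unknown"}

# Bytes visible in the quoted dump (offset 0000): header and first two specs.
PAGE_HEADER = bytes.fromhex("010303006300000020")
PAGE_SPECS = bytes.fromhex("00c02300c027")
# Constructed filler standing in for the bytes the dump elides.
FILLER_SPECS = bytes.fromhex("0000ff") * 31
FILLER_CHALLENGE = bytes(32)
SAMPLE_BODY = PAGE_HEADER + PAGE_SPECS + FILLER_SPECS + FILLER_CHALLENGE
# Constructed 2-byte SSLv2 record header (not shown in the dump).
SAMPLE_WIRE = struct.pack(">H", 0x8000 | len(SAMPLE_BODY)) + SAMPLE_BODY

if __name__ == "__main__":
    print(len(SAMPLE_BODY), classify_client_hello(SAMPLE_WIRE))
```

The header's length fields (0x63 bytes of cipher specs, no session ID, a 0x20-byte challenge) plus the nine header bytes add up to the 140 bytes the log reports for the SSLv2 client hello message.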

