[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [iaik-ssl] Fatal SSL handshake error



Your IAIK JCE does not seem to be set up correctly or there seems to be a
problem with the Sun provider. I would recommend removing the Sun JCE JAR
files, especially if you are using the 1.2.1 version.

 Andreas Sterbenz              mailto:Andreas.Sterbenz@iaik.at


-----Ursprüngliche Nachricht-----
Von: "Calvarese Fabrino" <Fabrino.Calvarese@pageuropa.it>
An: <iaik-ssl@iaik.at>
Gesendet: Donnerstag, 26. Oktober 2000 12:39
Betreff: [iaik-ssl] Fatal SSL handshake error


> > Hi,
> > reading your example of https connection in your iaik_ssl version
3.02
> > pakage, i have this simple test program :
> >
> >     IAIK.addAsProvider(true );
> >     URL.setURLStreamHandlerFactory(new
HttpsURLStreamHandlerFactory());
> >     URL url = new URL("https://jcewww.iaik.at/");
> >     HttpsURLConnection con =
(HttpsURLConnection)url.openConnection();
> >
> >     SSLContext context = new SSLClientContext();
> >     context.setDebugStream(System.out);
> >
> >     con.setSSLContext(context);
> >     con.setRequestMethod("POST");
> >     con.setDoInput(true);
> >     con.setDoOutput(true);
> >
> >     OutputStream out = con.getOutputStream();
> >     out.write("foobar".getBytes());
> >     out.flush();
> >
> >     con.getInputStream();
> >     System.out.println("*****" + con.getResponseCode());
> >
> > When i run this program, i have received following output:
> >
> > ssl_debug(1): Starting handshake...
> > ssl_debug(1): Sending v3 client_hello message, requesting version
3.1...
> > ssl_debug(1): Received v3 server_hello handshake message.
> > ssl_debug(1): Server selected SSL version 3.1.
> > ssl_debug(1): Server created new session 02:00:00:00:88:39:23:71...
> > ssl_debug(1): CipherSuite selected by server:
SSL_RSA_WITH_RC4_128_MD5
> > ssl_debug(1): CompressionMethod selected by server: NULL
> > ssl_debug(1): Received certificate handshake message with server
> > certificate.
> > ssl_debug(1): Exception while handshaking:
> > ssl_debug(1): java.lang.IllegalArgumentException: Unsupported public
key
> > type: sun.security.x509.X509Key
> > ssl_debug(1): at iaik.security.ssl.Utils.a(Unknown Source)
> > ssl_debug(1): at iaik.security.ssl.Utils.a(Unknown Source)
> > ssl_debug(1): at iaik.security.ssl.x.b(Unknown Source)
> > ssl_debug(1): at iaik.security.ssl.x.a(Unknown Source)
> > ssl_debug(1): at iaik.security.ssl.r.d(Unknown Source)
> > ssl_debug(1): at
> > iaik.security.ssl.SSLTransport.startHandshake(Unknown Source)
> > ssl_debug(1): at
> > iaik.security.ssl.SSLTransport.getOutputStream(Unknown Source)
> > ssl_debug(1): at
> > iaik.security.ssl.SSLSocket.getOutputStream(Unknown Source)
> > ssl_debug(1): at org.w3c.www.protocol.http.f.markUsed(Unknown
> > Source)
> > ssl_debug(1): at
> > org.w3c.www.protocol.http.HttpBasicServer.getConnection(Unknown
Source)
> > ssl_debug(1): at
> > org.w3c.www.protocol.http.HttpBasicServer.runRequest(Unknown Source)
> > ssl_debug(1): at
> > org.w3c.www.protocol.http.HttpManager.runRequest(Unknown Source)
> > ssl_debug(1): at
> > org.w3c.www.protocol.http.HttpURLConnection.connect(Unknown Source)
> > ssl_debug(1): at
> > org.w3c.www.protocol.http.HttpURLConnection.a(Unknown Source)
> > ssl_debug(1): at
> > org.w3c.www.protocol.http.HttpURLConnection.getInputStream(Unknown
Source)
> > ssl_debug(1): at
> > pinokepalle.SelfSigned.prova3(SelfSigned.java:124)
> > ssl_debug(1): at pinokepalle.SelfSigned.<init>(SelfSigned.java:51)
> > ssl_debug(1): at pinokepalle.SelfSigned.main(SelfSigned.java:59)
> > ssl_debug(1): Sending alert: Alert Fatal: handshake failure
> > ssl_debug(1): Shutting down SSL layer...
> > ssl_debug(1): Closing transport...
> > org.w3c.www.protocol.http.HttpException: java.io.IOException: Fatal
SSL
> > handshake error: java.lang.IllegalArgumentException: Unsupported
public
> > key type: sun.security.x509.X509Key
> >
> > Why this error message?.
> > How i can resolve it?
> >
> > Thanks for your help.
> > Fabrino.
> >
> >
> --
> Mailinglist-archive at
http://jcewww.iaik.at/mailarchive/iaik-ssl/sslthreads.html
>
> To unsubscribe send an email to listserv@iaik.at with the folowing
content: UNSUBSCRIBE iaik-ssl
>
>
>


***************************************************************************
*                                                                         *
* IAIK S/MIME Mapper Security Info                                        *
* ===================================                                     *
*                                                                         *
* for message:                                                            *
*   From: "Andreas Sterbenz" <Andreas.Sterbenz@iaik.at>                   *
*   Date: Fri, 27 Oct 2000 10:02:07 +0200                                 *
*   Subject: Re: [iaik-ssl] Fatal SSL handshake error                     *
*                                                                         *
* Message S/MIME properties:                                              *
*                                                                         *
*   Encrypted using:    not encrypted                                     *
*                                                                         *
*   Digitally signed:   yes                                               *
*   Signature valid:    yes                                               *
*   Signature trusted:  yes                                               *
*                                                                         *
*                                                                         *
* Compliance with policy for email addresses *@iaik.at:                   *
*                                                                         *
*   Encryption:         OK (None or better required)                      *
*                                                                         *
*   Digital Signature:  OK (digital signature required)                   *
*                                                                         *
***************************************************************************