[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [iaik-ssl] SSLClient Demo doesn't work: Exception during handshake



Thanks. I'm going to test with the solutions you have sent me. I'll tell you
later...Thanks again
----------------------------------------------------------------------------
---- Alberto de Vega Luna
----- Original Message -----
From: "Dieter Bratko" <Dieter.Bratko@iaik.at>
To: "Marcus Olk" <marcuso@web.de>; <iaik-ssl@iaik.at>
Sent: Wednesday, November 21, 2001 6:17 PM
Subject: AW: [iaik-ssl] SSLClient Demo doesn't work: Exception during
handshake


Hello,

we have successfully connected to www.verisign.com serveral time (I just
tried
it again now). The only known problem is the server certificate rejecting
due
to the reissued expired CA certificate (please see
http://jcewww.iaik.tu-graz.ac.at/mailarchive/iaik-ssl/msg00577.html
or http://jcewww.iaik.tu-graz.ac.at/mailarchive/iaik-ssl/msg00453.html
for a possible solution for this problem).

However, your handshake with verisign already fails during the hello
messages
which has not been observed so far. Perhaps the none of the cipher suites
offered by your client is supported by Verisign´s HTTPS server.

Regards,
Dieter Bratko

-----Ursprüngliche Nachricht-----
Von: iaik-ssl-owner@iaik.tu-graz.ac.at
[mailto:iaik-ssl-owner@iaik.tu-graz.ac.at]Im Auftrag von Marcus Olk
Gesendet: Montag, 19. November 2001 17:08
An: iaik-ssl@iaik.at
Betreff: [iaik-ssl] SSLClient Demo doesn't work: Exception during
handshake


A secure Hello to this list,

I am currently evaluating SSL implementations written in Java and
got stuck with the IAIK SSL package: the demo class SSLClient doesn't work.
Wenn trying to connect to VeriSign.com on port 443 the execution
fails with these debug messages:

Quick-starting random number generator (not for use in production
systems!)...
Connecting to www.verisign.com:443...
TCP connection established
ssl_debug(1): Starting handshake (iSaSiLk 3.03 Evaluation Version)...
ssl_debug(1): Sending v3 client_hello message, requesting version 3.1...
ssl_debug(1): Received alert message: Alert Fatal: handshake failure
ssl_debug(1): SSLException while handshaking: Peer sent alert: Alert Fatal:
handshake failure
ssl_debug(1): Shutting down SSL layer...
An exception occured:
iaik.security.ssl.SSLException: Peer sent alert: Alert Fatal: handshake
failure
        at iaik.security.ssl.r.f(Unknown Source)
        at iaik.security.ssl.x.b(Unknown Source)
        at iaik.security.ssl.x.a(Unknown Source)
        at iaik.security.ssl.r.d(Unknown Source)
        at iaik.security.ssl.SSLTransport.startHandshake(Unknown Source)
        at iaik.security.ssl.SSLSocket.startHandshake(Unknown Source)
        at demo.basic.MySSLClient.connect(MySSLClient.java:145)
        at demo.basic.MySSLClient.main(MySSLClient.java:231)
ssl_debug(1): Closing transport...

Any hints how to interpret this "interesting" information?
How can one tell what went wrong by reading this?

BTW: It's no problem at all to connect via an Sun JDK 1.4beta3 JSSE
SSL-Socket...

Any hints are highly appreciated!

Thanks,
Marcus


--
  Marcus Olk
  m@rcus-olk.net

--
Mailinglist-archive at
http://jcewww.iaik.at/mailarchive/iaik-ssl/sslthreads.html

To unsubscribe send an email to listserv@iaik.at with the folowing content:
UNSUBSCRIBE iaik-ssl



--
Mailinglist-archive at
http://jcewww.iaik.at/mailarchive/iaik-ssl/sslthreads.html

To unsubscribe send an email to listserv@iaik.at with the folowing content:
UNSUBSCRIBE iaik-ssl


--
Mailinglist-archive at http://jcewww.iaik.at/mailarchive/iaik-ssl/sslthreads.html

To unsubscribe send an email to listserv@iaik.at with the folowing content: UNSUBSCRIBE iaik-ssl