SSL handshake throwing error, as server upgraded to TLSv1 -

-

our tokenserver upgraded accept tlsv1/tlsv1.1/tlsv1.2 connections. code handshake using ssl failing. how upgrade code suuport tlsv1 handshake? java version 1.6. below ssl client code.

 public static void settruststore(string truststorepath, string truststorepwd)     {         if( truststorepath != null && !truststorepath.trim().equalsignorecase("null") && truststorepath.trim().length() != 0 ){             java.security.security.addprovider(new com.sun.net.ssl.internal.ssl.provider());             system.setproperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");             system.setproperty("javax.net.ssl.truststore", truststorepath);             if( truststorepwd != null && !truststorepwd.trim().equalsignorecase("null") && truststorepwd.trim().length() != 0 ){                 system.setproperty("javax.net.ssl.truststorepassword", truststorepwd.trim());             }         }         system.out.println(system.getproperty("java.protocol.handler.pkgs"));         system.out.println(system.getproperty("javax.net.ssl.truststore"));         system.out.println(system.getproperty("javax.net.ssl.truststorepassword"));     }  token server upgraded , failing connect it.  edited code below support tlsv1  package ml.token.utility;  import java.io.file; import java.io.fileinputstream; import java.net.socket; import java.security.keystore;   import javax.net.socketfactory;   import javax.net.ssl.keymanagerfactory;   import javax.net.ssl.sslcontext;   import javax.net.ssl.sslsocketfactory;   import javax.net.ssl.sslsocketfactory;  import javax.net.ssl.sslsocket;  import javax.net.ssl.sslsession; import javax.net.ssl.trustmanagerfactory;  import java.io.ioexception; import java.security.security; import org.bouncycastle.crypto.tls.certificaterequest; import org.bouncycastle.crypto.tls.defaulttlsclient; import org.bouncycastle.crypto.tls.tlsauthentication; import org.bouncycastle.crypto.tls.tlsclientprotocol; import org.bouncycastle.crypto.tls.tlscredentials; import org.bouncycastle.jce.provider.bouncycastleprovider; // used ezi ssl certificate // import java.security.accesscontroller; import java.security.privilegedexceptionaction; import java.io.filenotfoundexception; import java.security.privilegedactionexception;  public class truststore {      public static void settruststore(string truststorepath, string truststorepwd)     {          keystore ks = null;          fileinputstream fis = null;         try{         char[] passwd = null;     if (truststorepwd.length() != 0)            passwd = truststorepwd.tochararray();         java.security.securerandom securerandom = new java.security.securerandom();         ks = keystore.getinstance("jks");         fis = new java.io.fileinputstream(truststorepath);         ks.load(fis, passwd);         fis.close();           bouncycastleprovider bcp = new bouncycastleprovider();         if( truststorepath != null && !truststorepath.trim().equalsignorecase("null") && truststorepath.trim().length() != 0 ){              try {         security.addprovider(bcp);         } catch (exception e)   {         throw new runtimeexception("cannot add bouncycastle security provider");         }              system.setproperty("java.protocol.handler.pkgs", "org.bouncycastle.crypto.tls.tlsclientprotocol");              system.setproperty("https.protocols", "tlsv1");              system.setproperty("javax.net.ssl.truststore", truststorepath);              if( truststorepwd != null && !truststorepwd.trim().equalsignorecase("null") && truststorepwd.trim().length() != 0 ){                 system.setproperty("javax.net.ssl.truststorepassword", truststorepwd.trim());                 system.setproperty("javax.net.debug", "ssl");              final sslcontext context = sslcontext.getinstance("tls");               final trustmanagerfactory tmf = trustmanagerfactory.getinstance(trustmanagerfactory.getdefaultalgorithm());                     tmf.init(ks);             context.init(null, tmf.gettrustmanagers(),securerandom);               // hold of real underlying socket factory expected real job             final sslsocketfactory factory = context.getsocketfactory();               // "wrap" around using our custom sslsocketfactory have control on enabled protocols of newly created sockets             final sslsocketfactory wrappedfactory = new protocoloverridingsslsocketfactory(factory, new string[] {"tlsv1"});             byte[] ipaddr = new byte[] { 10, 2, 100, 79 };              sslsocket socket = (sslsocket) wrappedfactory.createsocket(java.net.inetaddress.getbyaddress(ipaddr), 8443);              tlsclientprotocol protocol = new tlsclientprotocol(socket.getinputstream(), socket.getoutputstream(),securerandom);             defaulttlsclient client = new defaulttlsclient() {                 public tlsauthentication getauthentication() throws ioexception {                 tlsauthentication auth = new tlsauthentication() {                     // capture server certificate information!                     public void notifyservercertificate(org.bouncycastle.crypto.tls.certificate servercertificate) throws ioexception {                     }                      public tlscredentials getclientcredentials(certificaterequest certificaterequest) throws ioexception {                         return null;                     }                 };                 return auth;             }             };             protocol.connect(client);         try {              printsocketinfo(socket);               socket.starthandshake();          } catch(exception e){              e.printstacktrace();              system.out.println(e.tostring());           }         {              if (fis != null) {                  fis.close();              }          }         system.out.println("https.protocols "+system.getproperty("https.protocols"));         system.out.println("handler package >> "+system.getproperty("java.protocol.handler.pkgs"));         system.out.println("truststore>> "+system.getproperty("javax.net.ssl.truststore"));         system.out.println("truststore password>> "+system.getproperty("javax.net.ssl.truststorepassword"));             }          }      }catch(exception e){     e.printstacktrace();     } }     private static void printsocketinfo(sslsocket s) {         system.out.println("socket class: "+s.getclass());          system.out.println(" remote address = " +s.getinetaddress().tostring());          system.out.println(" remote port = "+s.getport());         system.out.println(" local socket address = " +s.getlocalsocketaddress().tostring());         system.out.println(" local address = " +s.getlocaladdress().tostring());          system.out.println(" local port = "+s.getlocalport()); system.out.println(" need client authentication = " +s.getneedclientauth());          sslsession ss = s.getsession();          system.out.println(" cipher suite = "+ss.getciphersuite());         system.out.println(" protocol = "+ss.getprotocol());          }              /**      * checks whether file exists , can opened.      * @param file file checked.      * @return fileinputstream file or <code>null</code> when      * not opened or didn't exist.      */     private static fileinputstream getfileinputstream(final file file)  {     try {         return accesscontroller.doprivileged(                 new privilegedexceptionaction<fileinputstream>() {                     public fileinputstream run() {                         try {                             if (file.exists()) {                                 return new fileinputstream(file);                             } else {                                 return null;                             }                         } catch (filenotfoundexception e) {                             return null;                         }                     }                 });     } catch (privilegedactionexception e)   {         // somehow cannot run this, hence cannot read file either...         return null;     }     } }

it still gives me handshake error , socket closed connection bouncycastle.. please out..

  [#|2016-05-10t17:05:59.270+0800|info|sun-appserver2.1.1|javax.enterprise.system.stream.out|_threadid=22;_threadname=httpsslworkerthread-8080-4;|%% cached cl ient session: [session-2, ssl_rsa_with_rc4_128_md5]|#]            [#|2016-05-10t17:05:59.270+0800|info|sun-appserver2.1.1|javax.enterprise.system.stream.out|_threadid=22;_threadname=httpsslworkerthread-8080-4;|httpsslworke rthread-8080-4, write: tlsv1 application data, length = 114|#]                  [#|2016-05-10t17:06:59.270+0800|info|sun-appserver2.1.1|javax.enterprise.system.stream.out|_threadid=22;_threadname=httpsslworkerthread-8080-4;|httpsslworke rthread-8080-4, read: tlsv1 alert, length = 18|#]            [#|2016-05-10t17:06:59.270+0800|info|sun-appserver2.1.1|javax.enterprise.system.stream.out|_threadid=22;_threadname=httpsslworkerthread-8080-4;|httpsslworke rthread-8080-4|#]            [#|2016-05-10t17:06:59.270+0800|info|sun-appserver2.1.1|javax.enterprise.system.stream.out|_threadid=22;_threadname=httpsslworkerthread-8080-4;|, recv tlsv1  alert:  |#]            [#|2016-05-10t17:06:59.270+0800|info|sun-appserver2.1.1|javax.enterprise.system.stream.out|_threadid=22;_threadname=httpsslworkerthread-8080-4;|warning, |#]            [#|2016-05-10t17:06:59.270+0800|info|sun-appserver2.1.1|javax.enterprise.system.stream.out|_threadid=22;_threadname=httpsslworkerthread-8080-4;|close_notify |#]            [#|2016-05-10t17:06:59.271+0800|info|sun-appserver2.1.1|javax.enterprise.system.stream.out|_threadid=22;_threadname=httpsslworkerthread-8080-4;|httpsslworke rthread-8080-4, called closeinternal(false)|#]            [#|2016-05-10t17:06:59.271+0800|info|sun-appserver2.1.1|javax.enterprise.system.stream.out|_threadid=22;_threadname=httpsslworkerthread-8080-4;|httpsslworke rthread-8080-4|#]            [#|2016-05-10t17:06:59.271+0800|info|sun-appserver2.1.1|javax.enterprise.system.stream.out|_threadid=22;_threadname=httpsslworkerthread-8080-4;|, send tlsv1  alert:  |#]            [#|2016-05-10t17:06:59.271+0800|info|sun-appserver2.1.1|javax.enterprise.system.stream.out|_threadid=22;_threadname=httpsslworkerthread-8080-4;|warning, |#]            [#|2016-05-10t17:06:59.271+0800|info|sun-appserver2.1.1|javax.enterprise.system.stream.out|_threadid=22;_threadname=httpsslworkerthread-8080-4;|description  = close_notify|#]            [#|2016-05-10t17:06:59.271+0800|info|sun-appserver2.1.1|javax.enterprise.system.stream.out|_threadid=22;_threadname=httpsslworkerthread-8080-4;|httpsslworke rthread-8080-4, write: tlsv1 alert, length = 18|#]            [#|2016-05-10t17:06:59.271+0800|info|sun-appserver2.1.1|javax.enterprise.system.stream.out|_threadid=22;_threadname=httpsslworkerthread-8080-4;|httpsslworke rthread-8080-4, called closesocket(selfinitiated)|#]            [#|2016-05-10t17:06:59.275+0800|warning|sun-appserver2.1.1|javax.enterprise.system.stream.err|_threadid=22;_threadname=httpsslworkerthread-8080-4;_requestid =c90ab4e4-5d4d-4ccb-802c-ca2050ba0ec8;|java.net.socketexception: connection closed remote host              @ com.sun.net.ssl.internal.ssl.sslsocketimpl.checkwrite(sslsocketimpl.java:1372)              @ com.sun.net.ssl.internal.ssl.appoutputstream.write(appoutputstream.java:44)              @ java.io.outputstream.write(outputstream.java:58)              @ org.bouncycastle.crypto.tls.recordstream.writerecord(unknown source)              @ org.bouncycastle.crypto.tls.tlsprotocol.safewriterecord(unknown source)              @ org.bouncycastle.crypto.tls.tlsprotocol.raisealert(unknown source)              @ org.bouncycastle.crypto.tls.tlsprotocol.failwitherror(unknown source)              @ org.bouncycastle.crypto.tls.tlsprotocol.safereadrecord(unknown source)              @ org.bouncycastle.crypto.tls.tlsprotocol.completehandshake(unknown source)              @ org.bouncycastle.crypto.tls.tlsclientprotocol.connect(unknown source)              @ ml.token.utility.truststore.settruststore(truststore.java:107)              @ ml.token.utility.challenge.getchallenge2(challenge.java:233)              @ org.apache.jsp.jsp.process2_jsp._jspservice(process2_jsp.java :1312)              @ org.apache.jasper.runtime.httpjspbase.service(httpjspbase.java:109)              @ javax.servlet.http.httpservlet.service(httpservlet.java:847)              @ org.apache.jasper.servlet.jspservletwrapper.service(jspservletwrapper.java:389)              @ org.apache.jasper.servlet.jspservlet.servicejspfile(jspservlet.java:486)              @ org.apache.jasper.servlet.jspservlet.service(jspservlet.java:380)              @ javax.servlet.http.httpservlet.service(httpservlet.java:847)              @ org.apache.catalina.core.applicationfilterchain.servletservice(applicationfilterchain.java:427)              @ org.apache.catalina.core.applicationfilterchain.internaldofilter(applicationfilterchain.java:333)              @ org.apache.catalina.core.applicationfilterchain.dofilter(applicationfilterchain.java:214)              @ com.mibs.xssfilter.crossscriptingfilter.dofilter(crossscriptingfilter.java:41)              @ org.apache.catalina.core.applicationfilterchain.internaldofilter(applicationfilterchain.java:246)              @ org.apache.catalina.core.applicationfilterchain.dofilter(applicationfilterchain.java:214)              @ com.mibs.servlet.accesspathcheckfilter.dofilter(accesspathcheckfilter.java:76)              @ org.apache.catalina.core.applicationfilterchain.internaldofilter(applicationfilterchain.java:246)              @ org.apache.catalina.core.applicationfilterchain.dofilter(applicationfilterchain.java:214)              @ org.apache.catalina.core.standardwrappervalve.invoke(standardwrappervalve.java:313)              @ org.apache.catalina.core.standardcontextvalve.invokeinternal(standardcontextvalve.java:287)              @ org.apache.catalina.core.standardcontextvalve.invoke(standardcontextvalve.java:218)              @ org.apache.catalina.core.standardpipeline.doinvoke(standardpipeline.java:648)              @ org.apache.catalina.core.standardpipeline.doinvoke(standardpipeline.java:593)              @ com.sun.enterprise.web.webpipeline.invoke(webpipeline.java:94)              @ com.sun.enterprise.web.pesessionlockingstandardpipeline.invoke(pesessionlockingstandardpipeline.java:98)              @ org.apache.catalina.core.standardhostvalve.invoke(standardhostvalve.java:222)              @ org.apache.catalina.core.standardpipeline.doinvoke(standardpipeline.java:648)              @ org.apache.catalina.core.standardpipeline.doinvoke(standardpipeline.java:593)              @ org.apache.catalina.core.standardpipeline.invoke(standardpipeline.java:587)              @ org.apache.catalina.core.containerbase.invoke(containerbase.java:1093)              @ org.apache.catalina.core.standardenginevalve.invoke(standardenginevalve.java:166)              @ org.apache.catalina.core.standardpipeline.doinvoke(standardpipeline.java:648)              @ org.apache.catalina.core.standardpipeline.doinvoke(standardpipeline.java:593)              @ org.apache.catalina.core.standardpipeline.invoke(standardpipeline.java:587)              @ org.apache.catalina.core.containerbase.invoke(containerbase.java:1093)              @ org.apache.coyote.tomcat5.coyoteadapter.service(coyoteadapter.java:291)              @ com.sun.enterprise.web.connector.grizzly.defaultprocessortask.invokeadapter(defaultprocessortask.java:670)              @ com.sun.enterprise.web.connector.grizzly.defaultprocessortask.doprocess(defaultprocessortask.java:601)              @ com.sun.enterprise.web.connector.grizzly.defaultprocessortask.process(defaultprocessortask.java:875)              @ com.sun.enterprise.web.connector.grizzly.defaultreadtask.executeprocessortask(defaultreadtask.java:365)              @ com.sun.enterprise.web.connector.grizzly.defaultreadtask.dotask(defaultreadtask.java:285)              @ com.sun.enterprise.web.connector.grizzly.defaultreadtask.dotask(defaultreadtask.java:221)              @ com.sun.enterprise.web.portunif.portunificationpipeline$putask.dotask(portunificationpipeline.java:393)              @ com.sun.enterprise.web.connector.grizzly.taskbase.run(taskbase.java:269)              @ com.sun.enterprise.web.connector.grizzly.ssl.sslworkerthread.run(sslworkerthread.java:111)            ,             [#|2016-05-10t17:06:59.691+0800|info|sun-appserver2.1.1|javax.enterprise.system.stream.out|_threadid=22;_threadname=httpsslworkerthread-8080-4;|httpsslworke rthread-8080-4, write: tlsv1 handshake, length = 75|#]            [#|2016-05-10t17:06:59.691+0800|info|sun-appserver2.1.1|javax.enterprise.system.stream.out|_threadid=22;_threadname=httpsslworkerthread-8080-4;|httpsslworke rthread-8080-4, write: sslv2 client hello message, length = 101|#]            [#|2016-05-10t17:06:59.692+0800|info|sun-appserver2.1.1|javax.enterprise.system.stream.out|_threadid=22;_threadname=httpsslworkerthread-8080-4;|httpsslworke rthread-8080-4, read: tlsv1 alert, length = 2|#]            [#|2016-05-10t17:06:59.692+0800|info|sun-appserver2.1.1|javax.enterprise.system.stream.out|_threadid=22;_threadname=httpsslworkerthread-8080-4;|httpsslworke rthread-8080-4|#]            [#|2016-05-10t17:06:59.692+0800|info|sun-appserver2.1.1|javax.enterprise.system.stream.out|_threadid=22;_threadname=httpsslworkerthread-8080-4;|, recv tlsv1  alert:  |#]            [#|2016-05-10t17:06:59.692+0800|info|sun-appserver2.1.1|javax.enterprise.system.stream.out|_threadid=22;_threadname=httpsslworkerthread-8080-4;|fatal, |#]            [#|2016-05-10t17:06:59.693+0800|info|sun-appserver2.1.1|javax.enterprise.system.stream.out|_threadid=22;_threadname=httpsslworkerthread-8080-4;|handshake_fa ilure|#]            [#|2016-05-10t17:06:59.693+0800|info|sun-appserver2.1.1|javax.enterprise.system.stream.out|_threadid=22;_threadname=httpsslworkerthread-8080-4;|httpsslworke rthread-8080-4, called closesocket()|#]            [#|2016-05-10t17:06:59.693+0800|info|sun-appserver2.1.1|javax.enterprise.system.stream.out|_threadid=22;_threadname=httpsslworkerthread-8080-4;|httpsslworke rthread-8080-4, handling exception: javax.net.ssl.sslhandshakeexception: received fatal alert: handshake_failure|#]            [#|2016-05-10t17:06:59.694+0800|info|sun-appserver2.1.1|javax.enterprise.system.stream.out|_threadid=22;_threadname=httpsslworkerthread-8080-4;|httpsslworke rthread-8080-4, called close()|#]            [#|2016-05-10t17:06:59.694+0800|info|sun-appserver2.1.1|javax.enterprise.system.stream.out|_threadid=22;_threadname=httpsslworkerthread-8080-4;|httpsslworke rthread-8080-4, called closeinternal(true)|#]            [#|2016-05-10t17:06:59.694+0800|info|sun-appserver2.1.1|javax.enterprise.system.stream.out|_threadid=22;_threadname=httpsslworkerthread-8080-4;|httpsslworke rthread-8080-4, called close()|#]            [#|2016-05-10t17:06:59.694+0800|info|sun-appserver2.1.1|javax.enterprise.system.stream.out|_threadid=22;_threadname=httpsslworkerthread-8080-4;|httpsslworke rthread-8080-4, called closeinternal(true)|#]            [#|2016-05-10t17:06:59.694+0800|info|sun-appserver2.1.1|javax.enterprise.system.stream.out|_threadid=22;_threadname=httpsslworkerthread-8080-4;|httpsslworke rthread-8080-4, called close()|#]            [#|2016-05-10t17:06:59.694+0800|info|sun-appserver2.1.1|javax.enterprise.system.stream.out|_threadid=22;_threadname=httpsslworkerthread-8080-4;|httpsslworke rthread-8080-4, called closeinternal(true)|#]            [#|2016-05-10t17:06:59.698+0800|info|sun-appserver2.1.1|javax.enterprise.system.stream.out|_threadid=22;_threadname=httpsslworkerthread-8080-4;|process2.jsp : challengekey: [error]com.ctc.wstx.exc.wstxioexception: received fatal alert: handshake_failure|#]


Comments

Post a Comment

Popular posts from this blog

javascript - Laravel datatable invalid JSON response -

-
everything work fine on code below fetch user logs: js: <script> $(document).ready(function () { var table =$('#systemlogs').datatable({ responsive: true, processing: true, serverside: true, "language": { "url": "/datatables/media/plug-in/persian.json" }, ajax: '{!! url('/admin/systemlogs/data/systemlogsdatatable') !!}', columns: [ { data: 'name', name: 'name' }, { data: 'message_text', name: 'message_text' }, { data: 'remote_addr', name: 'remote_addr' }, { data: 'log_created_at', name: 'management_logs.created_at' }, { data: 'log_updated_at', name: 'management_logs.updated_at' }, ] }); }); </script> routes: route::get('/systemlogs/data/systemlogsdatatable','systemlogscontrolle...
Read more

java - Exception in thread "main" org.springframework.context.ApplicationContextException: Unable to start embedded container; -

-
i getting error when run spring application: exception in thread "main" org.springframework.context.applicationcontextexception: unable start embedded container; nested exception org.springframework.context.applicationcontextexception: unable start embeddedwebapplicationcontext due missing embeddedservletcontainerfactory bean. @ org.springframework.boot.context.embedded.embeddedwebapplicationcontext.onrefresh(embeddedwebapplicationcontext.java:124) @ org.springframework.context.support.abstractapplicationcontext.refresh(abstractapplicationcontext.java:476) @ org.springframework.boot.context.embedded.embeddedwebapplicationcontext.refresh(embeddedwebapplicationcontext.java:109) @ org.springframework.boot.springapplication.refresh(springapplication.java:691) @ org.springframework.boot.springapplication.run(springapplication.java:320) @ org.springframework.boot.springapplication.run(springapplication.java:952) @ org.springframework.boot.springa...
Read more

sql server 2008 - My Sql Code Get An Error Of Msg 245, Level 16, State 1, Line 1 Conversion failed when converting the varchar value '8:45 AM' to data type int -

-
msg 245, level 16, state 1, line 1 conversion failed when converting varchar value '8:45 am' data type int. script declare @specimenid bigint = 0, @script varchar(max); declare @starttime int = (select convert(int,substring(start_time,0,charindex(':', start_time)) - 12) appt appt._id=112601) --select @starttime set @script = 'select distinct ptlast_name + '', '' + pt.first_name patient_name, dbo.formatdate(pt.dob,''mm/dd/yyyy'') dob, (convert(varchar, (datediff(yy, dob, appt_date) - case when (month(dob) > month(appt_date)) or (month(dob) = month(appt_date) , day(dob) > day(appt_date)) 1 else 0 end)) + ''/'' + convert(varchar, (datediff(m, dateadd(yy, (datediff(yy, dob, appt_date) - case when (month(dob) > month(appt_date)) or (month(dob) = month(appt_date) , day(dob) > day(appt_date)) 1 else 0 end), d...
Read more