Java: Can send any string over SSLSocket except for a string that begins with h/H

Question

I am trying to write a simple SSLserver that listens to https-requests and prints a single line as a response. I have imported the correct certificate and all of that in my web browser and use -Djavax.net.ssl.keyStore= -Djavax.net.ssl.keyStorePassword= flags when starting the server.

The problem I face is that I can send any String I can think of, except any that starts with 'h' or 'H'. When I connect with my browser, I get connection reset/rejected if the sent string starts with h but not otherwise.

What could be the reason for this? I am thinking that it could have to do with the HTTPS protocol but I don't know why that would be.

public class SecureSocketServer {
private static int port = 8080;
private static SSLServerSocket s;

public static void main(String[] args) {

        try {
        SSLServerSocketFactory sslSrvFact;
        sslSrvFact = (SSLServerSocketFactory)
                SSLServerSocketFactory.getDefault();
        s =(SSLServerSocket)sslSrvFact.createServerSocket(port);


        SSLSocket c = (SSLSocket)s.accept();

        DataOutputStream out = new DataOutputStream(c.getOutputStream());
        c.startHandshake();

        //out.writeBytes("hello"); Does not work
        out.writeBytes("Yes, Hello"); Works

        out.flush();
        c.close();
        }


    catch (IOException e) {
        e.printStackTrace();
    }
}

Answer 1

I am thinking that it could have to do with the HTTPS protocol

Of course it does. You are violating it. You're supposed to send a proper HTTP response header.

NB You don't get 'connection refused'. You might get any of a number of things but you don't get that. The connection was fully established, otherwise you wouldn't have got as far as you did, past the handshake.

Answer 2

This is probably failing because there is no newline at the end of the output. Also, it is not clear you have established a valid state before closing the connection. Remember that the socket is bidirectional, so if the client is trying to send something to you, it may be busy doing that when you are closing the connection.

Also, why do you have the socket creation in a while( true ) loop? I would try doing the action once, not infinitely many times.

Note that I think that an HTTP response is supposed have a line ending which is \r\n\r\n. Other than that I think there are no technical requirements. It just depends how forgiving the browser is. For example, the "h" might be getting confused with a normal response which begins "HTTP/1.0 200 OK". As long as you put the double Windows-style line endings you should get an output.