javax.net.ssl.SSLException: Received fatal alert: protocol_version

Tags:

Has anyone encountered this error before? I'm new to SSL, is there anything obviously wrong with my ClientHello that I'm missing? That exception is thrown with no ServerHello response. Any advice is appreciated.

*** ClientHello, TLSv1 RandomCookie:  GMT: 1351745496 bytes = { 154, 151, 225, 128, 127, 137, 198, 245, 160, 35, 124, 13, 135, 120, 33, 240, 82, 223, 56, 25, 207, 231, 231, 124, 103, 205, 66, 218 } Session ID:  {} Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV] Compression Methods:  { 0 } *** [write] MD5 and SHA1 hashes:  len = 75 0000: 01 00 00 47 03 01 51 92   00 D8 9A 97 E1 80 7F 89  ...G..Q......... 0010: C6 F5 A0 23 7C 0D 87 78   21 F0 52 DF 38 19 CF E7  ...#...x!.R.8... 0020: E7 7C 67 CD 42 DA 00 00   20 00 04 00 05 00 2F 00  ..g.B... ...../. 0030: 33 00 32 00 0A 00 16 00   13 00 09 00 15 00 12 00  3.2............. 0040: 03 00 08 00 14 00 11 00   FF 01 00                 ........... xxx, WRITE: TLSv1 Handshake, length = 75 [write] MD5 and SHA1 hashes:  len = 101 0000: 01 03 01 00 3C 00 00 00   20 00 00 04 01 00 80 00  ....<... ....... 0010: 00 05 00 00 2F 00 00 33   00 00 32 00 00 0A 07 00  ..../..3..2..... 0020: C0 00 00 16 00 00 13 00   00 09 06 00 40 00 00 15  ............@... 0030: 00 00 12 00 00 03 02 00   80 00 00 08 00 00 14 00  ................ 0040: 00 11 00 00 FF 51 92 00   D8 9A 97 E1 80 7F 89 C6  .....Q.......... 0050: F5 A0 23 7C 0D 87 78 21   F0 52 DF 38 19 CF E7 E7  ..#...x!.R.8.... 0060: 7C 67 CD 42 DA                                     .g.B. xxx, WRITE: SSLv2 client hello message, length = 101 [Raw write]: length = 103 0000: 80 65 01 03 01 00 3C 00   00 00 20 00 00 04 01 00  .e....<... ..... 0010: 80 00 00 05 00 00 2F 00   00 33 00 00 32 00 00 0A  ....../..3..2... 0020: 07 00 C0 00 00 16 00 00   13 00 00 09 06 00 40 00  ..............@. 0030: 00 15 00 00 12 00 00 03   02 00 80 00 00 08 00 00  ................ 0040: 14 00 00 11 00 00 FF 51   92 00 D8 9A 97 E1 80 7F  .......Q........ 0050: 89 C6 F5 A0 23 7C 0D 87   78 21 F0 52 DF 38 19 CF  ....#...x!.R.8.. 0060: E7 E7 7C 67 CD 42 DA                               ...g.B. [Raw read]: length = 5 0000: 15 03 01 00 02                                     ..... [Raw read]: length = 2 0000: 02 46                                              .F

{http://xml.apache.org/axis/}stackTrace:

javax.net.ssl.SSLException: Received fatal alert: protocol_version at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:190) at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:136) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1806) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:986) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1170) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1197) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1181) at org.apache.axis.components.net.JSSESocketFactory.create(JSSESocketFactory.java:186) at

...

421

asked May 14 '13 11:05

Matthias

2 Answers

On Java 1.8 default TLS protocol is v1.2. On Java 1.6 and 1.7 default is obsoleted TLS1.0. I get this error on Java 1.8, because url use old TLS1.0 (like Your - You see ClientHello, TLSv1). To resolve this error You need to use override defaults for Java 1.8.

System.setProperty("https.protocols", "TLSv1");

More info on the Oracle blog:Diagnosing TLS, SSL, and HTTPS.

141

answered Sep 20 '22 17:09

marioosh

marioosh's answer seems to on the right track. It didn't work for me. So I found:

Problems connecting via HTTPS/SSL through own Java client

which uses:

java.lang.System.setProperty("https.protocols", "TLSv1,TLSv1.1,TLSv1.2");

Which seems to be necessary with Java 7 and a TLSv1.2 site.

I checked the site with:

openssl s_client -connect www.st.nmfs.noaa.gov:443

using

openssl version OpenSSL 1.0.2l  25 May 2017

and got the result:

... SSL-Session:    Protocol  : TLSv1.2    Cipher    : ECDHE-RSA-AES256-GCM-SHA384 ...

Please note that and older openssl version on my mac did not work and I had to use the macports one.

answered Sep 16 '22 17:09

Wolfgang Fahl

Related questions
                            
                                Delete everything after part of a string
                            
                                Combine multiple lists in Java
                            
                                How can I align all elements to the left in JPanel?
                            
                                Checking whether a String contains a number value in Java [closed]
                            
                                Converting HashMap to ArrayList
                            
                                Create a new line in Java's FileWriter
                            
                                Understanding BufferedImage.getRGB output values
                            
                                How to add query parameters to a HTTP GET request by OkHttp?
                            
                                Java: convert seconds into day, hour, minute and seconds using TimeUnit
                            
                                NoClassDefFoundError: org/slf4j/impl/StaticLoggerBinder
                            
                                What is the difference between corePoolSize and maxPoolSize in the Spring ThreadPoolTaskExecutor
                            
                                How to get jdbc connection from hibernate session? [duplicate]
                            
                                mockito anyList of a given size
                            
                                One liner to check if element is in the list
                            
                                f:convertDateTime displays wrong Date [duplicate]
                            
                                Copy file in Java and replace existing target
                            
                                What are the cases in which it is better to use unconditional AND (& instead of &&)
                            
                                How to load property file from classpath? [closed]
                            
                                Make String.format("%s", arg) display null-valued arguments differently from "null"
                            
                                how to show query while using query annotations with MongoRepository with spring data

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!

Donate Us With

javax.net.ssl.SSLException: Received fatal alert: protocol_version

Tags:

java

ssl

jsse

Matthias

People also ask

2 Answers

marioosh

Wolfgang Fahl

Recent Activity

Donate For Us