Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

SSL Exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown

Tags:

java

ssl

keytool

I have created a SSLClient and SSLServer and also created the keystore as "server.jks" for SSLServer and "client.jks" for SSLClient. firstly i executed SSLServer.java file and after that when i am executing SSLClient.java file. It's throwing an exception "javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown" . i do not know why i am getting this exception. i followed http://ruchirawageesha.blogspot.in/2010/07/how-to-create-clientserver-keystores.html to create keystore for server and client. could you please help me to fix this issue. if there is any mistake to create certificates for server and client that i have done then please let me know.

SSLServer.java

package com.betterprogrammer.test;

import java.io.*;
import java.security.Security;
import java.security.PrivilegedActionException;

import javax.net.ssl.*;
import com.sun.net.ssl.internal.ssl.Provider;

public class SSLServer {

    public static void main(String[] args) throws Exception {
        boolean debug = true;
        int intSSLport = 4443;

        {
            Security.addProvider(new Provider());

            System.setProperty("javax.net.ssl.keyStore","C:\\Program Files\\Java\\jre6\\bin\\server.jks");
            System.setProperty("javax.net.ssl.keyStorePassword", "123456");
        }

        if(debug){
            System.setProperty("javax.net.debug", "all");
        }
        try {
            SSLServerSocketFactory sslServerSocketfactory = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
            SSLServerSocket sslServerSocket = (SSLServerSocket) sslServerSocketfactory.createServerSocket(intSSLport);
            SSLSocket sslSocket = (SSLSocket) sslServerSocket.accept();

            while (true) {
                PrintWriter out = new PrintWriter(sslSocket.getOutputStream(),true);
                BufferedReader in = new BufferedReader(new InputStreamReader(sslSocket.getInputStream()));
                String inputLine;

                while ((inputLine = in.readLine()) != null) {
                    out.println(inputLine);
                    System.out.println(inputLine);
                }

                out.close();
                in.close();
                sslSocket.close();
                sslServerSocket.close();

            }
        }
        catch (Exception exp) {
            PrivilegedActionException priexp = new PrivilegedActionException(exp);
            System.out.println(" Priv exp --- " + priexp.getMessage());
            System.out.println(" Exception occurred .... " + exp);
            exp.printStackTrace();
        }

    }

}

and SSLClient.java

package com.betterprogrammer.test;

import java.io.*;

import javax.net.ssl.*;
import com.sun.net.ssl.internal.ssl.Provider;
import java.security.Security;

public class SSLClient {

    public static void main(String[] args) throws Exception {
        String strServerName = "localhost";
        int intSSLport = 4443;
        PrintWriter out = null;
        BufferedReader in = null;
        boolean debug = true;
        {
            Security.addProvider(new Provider());

            System.setProperty("javax.net.ssl.keyStore","C:\\Program Files\\Java\\jre6\\bin\\client.jks");
            System.setProperty("javax.net.ssl.keyStorePassword", "123456");

        }
        if(debug){
            System.setProperty("javax.net.debug", "all");
        }
        try {

            SSLSocketFactory sslsocketfactory = (SSLSocketFactory) SSLSocketFactory.getDefault();
            SSLSocket sslSocket = (SSLSocket) sslsocketfactory.createSocket(strServerName, intSSLport);

            out = new PrintWriter(sslSocket.getOutputStream(), true);
            in = new BufferedReader(new InputStreamReader(sslSocket.getInputStream()));

            BufferedReader stdIn = new BufferedReader(new InputStreamReader(System.in));
            String userInput = "Hello Testing ";
            out.println(userInput);

            while ((userInput = stdIn.readLine()) != null) {
                out.println(userInput);
                System.out.println("echo: " + in.readLine());
            }

            out.println(userInput);

            out.close();
            in.close();
            stdIn.close();
            sslSocket.close();
        }

        catch (Exception exp) {
            System.out.println(" Exception occurred .... " + exp);
            exp.printStackTrace();
        }

    }

}

Thanks,

After enabling full debugging:

Debugger Log Of SSLClient

Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
[Raw read]: length = 5
0000: 80 65 01 03 01                                     .e...
[Raw read]: length = 98
0000: 00 3C 00 00 00 20 00 00   04 01 00 80 00 00 05 00  .<... ..........
0010: 00 2F 00 00 33 00 00 32   00 00 0A 07 00 C0 00 00  ./..3..2........
0020: 16 00 00 13 00 00 09 06   00 40 00 00 15 00 00 12  .........@......
0030: 00 00 03 02 00 80 00 00   08 00 00 14 00 00 11 00  ................
0040: 00 FF 55 23 87 FB 8F 4F   39 1F 53 16 68 CB F8 4A  ..U#...O9.S.h..J
0050: E3 55 F2 65 6F 6D F8 58   6A 3E AC 05 9A 2E 47 00  .U.eom.Xj>....G.
0060: 4A 61                                              Ja
[read] MD5 and SHA1 hashes:  len = 3
0000: 01 03 01                                           ...
[read] MD5 and SHA1 hashes:  len = 98
0000: 00 3C 00 00 00 20 00 00   04 01 00 80 00 00 05 00  .<... ..........
0010: 00 2F 00 00 33 00 00 32   00 00 0A 07 00 C0 00 00  ./..3..2........
0020: 16 00 00 13 00 00 09 06   00 40 00 00 15 00 00 12  .........@......
0030: 00 00 03 02 00 80 00 00   08 00 00 14 00 00 11 00  ................
0040: 00 FF 55 23 87 FB 8F 4F   39 1F 53 16 68 CB F8 4A  ..U#...O9.S.h..J
0050: E3 55 F2 65 6F 6D F8 58   6A 3E AC 05 9A 2E 47 00  .U.eom.Xj>....G.
0060: 4A 61                                              Ja
main, READ:  SSL v2, contentType = Handshake, translated length = 75
*** ClientHello, TLSv1
RandomCookie:  GMT: 1428326139 bytes = { 143, 79, 57, 31, 83, 22, 104, 203, 248, 74, 227, 85, 242, 101, 111, 109, 248, 88, 106, 62, 172, 5, 154, 46, 71, 0, 74, 97 }
Session ID:  {}
Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
Compression Methods:  { 0 }
***
%% Created:  [Session-1, SSL_RSA_WITH_RC4_128_MD5]
*** ServerHello, TLSv1
RandomCookie:  GMT: 1428326139 bytes = { 158, 48, 29, 129, 13, 62, 146, 105, 73, 124, 215, 161, 95, 187, 133, 185, 177, 126, 152, 188, 242, 149, 169, 89, 170, 54, 114, 1 }
Session ID:  {85, 35, 135, 251, 224, 246, 149, 228, 232, 147, 250, 67, 208, 150, 103, 11, 42, 3, 25, 164, 173, 2, 175, 238, 127, 205, 214, 147, 219, 129, 83, 9}
Cipher Suite: SSL_RSA_WITH_RC4_128_MD5
Compression Method: 0
Extension renegotiation_info, renegotiated_connection: <empty>
***
Cipher suite:  SSL_RSA_WITH_RC4_128_MD5
*** Certificate chain
chain [0] = [
[
  Version: V3
  Subject: CN=John, OU=startup, O=developer, L=bangalore, ST=karnataka, C=91
  Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5

  Key:  Sun RSA public key, 1024 bits
  modulus: 123574216535049538229649138532732037450344660032008107623318896073877130816352911991676317388894985357571552005101850107090892510303976778984089005629672968049771222968340272946467454151597928015519714376040070285997043906750602810147154555100812394706180558167843570971003367893266814158255391999837062858379
  public exponent: 65537
  Validity: [From: Tue Apr 07 11:10:44 IST 2015,
               To: Mon Jul 06 11:10:44 IST 2015]
  Issuer: CN=John, OU=startup, O=developer, L=bangalore, ST=karnataka, C=91
  SerialNumber: [    55236ddc]

]
  Algorithm: [SHA1withRSA]
  Signature:
0000: 18 7D 3A 3D 98 43 E1 EA   C8 CC 79 01 FF 8B BF E1  ..:=.C....y.....
0010: 07 A9 12 2D 6D D6 47 74   FE 67 D0 CA 11 CE D6 90  ...-m.Gt.g......
0020: 9D BA 94 67 19 7C 24 FD   B8 EA 45 14 A3 29 5D F7  ...g..$...E..)].
0030: 6A 4A EA 2E 29 42 2B 04   EC D1 FF E6 B0 A5 1C AA  jJ..)B+.........
0040: 2E 79 3D 30 B5 D7 1D CD   A5 12 5E AE 91 4C 22 10  .y=0......^..L".
0050: CF 45 8E 36 A6 55 76 CC   15 BE 9F 5C 3B 45 D0 0C  .E.6.Uv....\;E..
0060: 07 F2 FA F4 E2 42 6F E5   DF 5F AC EC 60 67 F8 B3  .....Bo.._..`g..
0070: 14 B0 F5 2E F6 F7 97 7E   FC 24 EA A0 7E 38 5E 25  .........$...8^%

]
***
*** ServerHelloDone
[write] MD5 and SHA1 hashes:  len = 686
0000: 02 00 00 4D 03 01 55 23   87 FB 9E 30 1D 81 0D 3E  ...M..U#...0...>
0010: 92 69 49 7C D7 A1 5F BB   85 B9 B1 7E 98 BC F2 95  .iI..._.........
0020: A9 59 AA 36 72 01 20 55   23 87 FB E0 F6 95 E4 E8  .Y.6r. U#.......
0030: 93 FA 43 D0 96 67 0B 2A   03 19 A4 AD 02 AF EE 7F  ..C..g.*........
0040: CD D6 93 DB 81 53 09 00   04 00 00 05 FF 01 00 01  .....S..........
0050: 00 0B 00 02 55 00 02 52   00 02 4F 30 82 02 4B 30  ....U..R..O0..K0
0060: 82 01 B4 A0 03 02 01 02   02 04 55 23 6D DC 30 0D  ..........U#m.0.
0070: 06 09 2A 86 48 86 F7 0D   01 01 05 05 00 30 6A 31  ..*.H........0j1
0080: 0B 30 09 06 03 55 04 06   13 02 39 31 31 12 30 10  .0...U....911.0.
0090: 06 03 55 04 08 13 09 6B   61 72 6E 61 74 61 6B 61  ..U....karnataka
00A0: 31 12 30 10 06 03 55 04   07 13 09 62 61 6E 67 61  1.0...U....banga
00B0: 6C 6F 72 65 31 12 30 10   06 03 55 04 0A 13 09 64  lore1.0...U....d
00C0: 65 76 65 6C 6F 70 65 72   31 10 30 0E 06 03 55 04  eveloper1.0...U.
00D0: 0B 13 07 73 74 61 72 74   75 70 31 0D 30 0B 06 03  ...startup1.0...
00E0: 55 04 03 13 04 4A 6F 68   6E 30 1E 17 0D 31 35 30  U....John0...150
00F0: 34 30 37 30 35 34 30 34   34 5A 17 0D 31 35 30 37  407054044Z..1507
0100: 30 36 30 35 34 30 34 34   5A 30 6A 31 0B 30 09 06  06054044Z0j1.0..
0110: 03 55 04 06 13 02 39 31   31 12 30 10 06 03 55 04  .U....911.0...U.
0120: 08 13 09 6B 61 72 6E 61   74 61 6B 61 31 12 30 10  ...karnataka1.0.
0130: 06 03 55 04 07 13 09 62   61 6E 67 61 6C 6F 72 65  ..U....bangalore
0140: 31 12 30 10 06 03 55 04   0A 13 09 64 65 76 65 6C  1.0...U....devel
0150: 6F 70 65 72 31 10 30 0E   06 03 55 04 0B 13 07 73  oper1.0...U....s
0160: 74 61 72 74 75 70 31 0D   30 0B 06 03 55 04 03 13  tartup1.0...U...
0170: 04 4A 6F 68 6E 30 81 9F   30 0D 06 09 2A 86 48 86  .John0..0...*.H.
0180: F7 0D 01 01 01 05 00 03   81 8D 00 30 81 89 02 81  ...........0....
0190: 81 00 AF F9 BC 0C 37 61   CF E9 A6 83 63 4D BD B9  ......7a....cM..
01A0: D8 7D EC 26 04 4D D9 AE   CA E1 A0 99 E8 AB FE 0E  ...&.M..........
01B0: F2 F2 E6 7A C1 D5 43 0C   BE 95 83 01 C0 A9 B9 A9  ...z..C.........
01C0: 8E 19 42 A7 5A 12 66 26   E8 28 9B A2 D5 BE 0A 3A  ..B.Z.f&.(.....:
01D0: 66 51 B3 94 4A E9 44 3A   96 64 5E B4 25 84 82 CA  fQ..J.D:.d^.%...
01E0: 2B 86 65 1D 16 C4 97 D1   AA 0B D9 4D 9F 9A C8 CC  +.e........M....
01F0: DD 2F 79 CB 1C 59 04 EE   C0 B5 8D 69 80 46 F5 DA  ./y..Y.....i.F..
0200: FB 33 1E E1 78 55 7B 58   24 45 61 8B AB DF C1 80  .3..xU.X$Ea.....
0210: 86 8B 02 03 01 00 01 30   0D 06 09 2A 86 48 86 F7  .......0...*.H..
0220: 0D 01 01 05 05 00 03 81   81 00 18 7D 3A 3D 98 43  ............:=.C
0230: E1 EA C8 CC 79 01 FF 8B   BF E1 07 A9 12 2D 6D D6  ....y........-m.
0240: 47 74 FE 67 D0 CA 11 CE   D6 90 9D BA 94 67 19 7C  Gt.g.........g..
0250: 24 FD B8 EA 45 14 A3 29   5D F7 6A 4A EA 2E 29 42  $...E..)].jJ..)B
0260: 2B 04 EC D1 FF E6 B0 A5   1C AA 2E 79 3D 30 B5 D7  +..........y=0..
0270: 1D CD A5 12 5E AE 91 4C   22 10 CF 45 8E 36 A6 55  ....^..L"..E.6.U
0280: 76 CC 15 BE 9F 5C 3B 45   D0 0C 07 F2 FA F4 E2 42  v....\;E.......B
0290: 6F E5 DF 5F AC EC 60 67   F8 B3 14 B0 F5 2E F6 F7  o.._..`g........
02A0: 97 7E FC 24 EA A0 7E 38   5E 25 0E 00 00 00        ...$...8^%....
main, WRITE: TLSv1 Handshake, length = 686
[Raw write]: length = 691
0000: 16 03 01 02 AE 02 00 00   4D 03 01 55 23 87 FB 9E  ........M..U#...
0010: 30 1D 81 0D 3E 92 69 49   7C D7 A1 5F BB 85 B9 B1  0...>.iI..._....
0020: 7E 98 BC F2 95 A9 59 AA   36 72 01 20 55 23 87 FB  ......Y.6r. U#..
0030: E0 F6 95 E4 E8 93 FA 43   D0 96 67 0B 2A 03 19 A4  .......C..g.*...
0040: AD 02 AF EE 7F CD D6 93   DB 81 53 09 00 04 00 00  ..........S.....
0050: 05 FF 01 00 01 00 0B 00   02 55 00 02 52 00 02 4F  .........U..R..O
0060: 30 82 02 4B 30 82 01 B4   A0 03 02 01 02 02 04 55  0..K0..........U
0070: 23 6D DC 30 0D 06 09 2A   86 48 86 F7 0D 01 01 05  #m.0...*.H......
0080: 05 00 30 6A 31 0B 30 09   06 03 55 04 06 13 02 39  ..0j1.0...U....9
0090: 31 31 12 30 10 06 03 55   04 08 13 09 6B 61 72 6E  11.0...U....karn
00A0: 61 74 61 6B 61 31 12 30   10 06 03 55 04 07 13 09  ataka1.0...U....
00B0: 62 61 6E 67 61 6C 6F 72   65 31 12 30 10 06 03 55  bangalore1.0...U
00C0: 04 0A 13 09 64 65 76 65   6C 6F 70 65 72 31 10 30  ....developer1.0
00D0: 0E 06 03 55 04 0B 13 07   73 74 61 72 74 75 70 31  ...U....startup1
00E0: 0D 30 0B 06 03 55 04 03   13 04 4A 6F 68 6E 30 1E  .0...U....John0.
00F0: 17 0D 31 35 30 34 30 37   30 35 34 30 34 34 5A 17  ..150407054044Z.
0100: 0D 31 35 30 37 30 36 30   35 34 30 34 34 5A 30 6A  .150706054044Z0j
0110: 31 0B 30 09 06 03 55 04   06 13 02 39 31 31 12 30  1.0...U....911.0
0120: 10 06 03 55 04 08 13 09   6B 61 72 6E 61 74 61 6B  ...U....karnatak
0130: 61 31 12 30 10 06 03 55   04 07 13 09 62 61 6E 67  a1.0...U....bang
0140: 61 6C 6F 72 65 31 12 30   10 06 03 55 04 0A 13 09  alore1.0...U....
0150: 64 65 76 65 6C 6F 70 65   72 31 10 30 0E 06 03 55  developer1.0...U
0160: 04 0B 13 07 73 74 61 72   74 75 70 31 0D 30 0B 06  ....startup1.0..
0170: 03 55 04 03 13 04 4A 6F   68 6E 30 81 9F 30 0D 06  .U....John0..0..
0180: 09 2A 86 48 86 F7 0D 01   01 01 05 00 03 81 8D 00  .*.H............
0190: 30 81 89 02 81 81 00 AF   F9 BC 0C 37 61 CF E9 A6  0..........7a...
01A0: 83 63 4D BD B9 D8 7D EC   26 04 4D D9 AE CA E1 A0  .cM.....&.M.....
01B0: 99 E8 AB FE 0E F2 F2 E6   7A C1 D5 43 0C BE 95 83  ........z..C....
01C0: 01 C0 A9 B9 A9 8E 19 42   A7 5A 12 66 26 E8 28 9B  .......B.Z.f&.(.
01D0: A2 D5 BE 0A 3A 66 51 B3   94 4A E9 44 3A 96 64 5E  ....:fQ..J.D:.d^
01E0: B4 25 84 82 CA 2B 86 65   1D 16 C4 97 D1 AA 0B D9  .%...+.e........
01F0: 4D 9F 9A C8 CC DD 2F 79   CB 1C 59 04 EE C0 B5 8D  M...../y..Y.....
0200: 69 80 46 F5 DA FB 33 1E   E1 78 55 7B 58 24 45 61  i.F...3..xU.X$Ea
0210: 8B AB DF C1 80 86 8B 02   03 01 00 01 30 0D 06 09  ............0...
0220: 2A 86 48 86 F7 0D 01 01   05 05 00 03 81 81 00 18  *.H.............
0230: 7D 3A 3D 98 43 E1 EA C8   CC 79 01 FF 8B BF E1 07  .:=.C....y......
0240: A9 12 2D 6D D6 47 74 FE   67 D0 CA 11 CE D6 90 9D  ..-m.Gt.g.......
0250: BA 94 67 19 7C 24 FD B8   EA 45 14 A3 29 5D F7 6A  ..g..$...E..)].j
0260: 4A EA 2E 29 42 2B 04 EC   D1 FF E6 B0 A5 1C AA 2E  J..)B+..........
0270: 79 3D 30 B5 D7 1D CD A5   12 5E AE 91 4C 22 10 CF  y=0......^..L"..
0280: 45 8E 36 A6 55 76 CC 15   BE 9F 5C 3B 45 D0 0C 07  E.6.Uv....\;E...
0290: F2 FA F4 E2 42 6F E5 DF   5F AC EC 60 67 F8 B3 14  ....Bo.._..`g...
02A0: B0 F5 2E F6 F7 97 7E FC   24 EA A0 7E 38 5E 25 0E  ........$...8^%.
02B0: 00 00 00                                           ...
[Raw read]: length = 5
0000: 15 03 01 00 02                                     .....
[Raw read]: length = 2
0000: 02 2E                                              ..
main, READ: TLSv1 Alert, length = 2
main, RECV TLSv1 ALERT:  fatal, certificate_unknown
main, called closeSocket()
main, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown
 Priv exp --- null
 Exception occurred .... javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown
javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown
    at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)
    at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readDataRecord(Unknown Source)
    at com.sun.net.ssl.internal.ssl.AppInputStream.read(Unknown Source)
    at sun.nio.cs.StreamDecoder.readBytes(Unknown Source)
    at sun.nio.cs.StreamDecoder.implRead(Unknown Source)
    at sun.nio.cs.StreamDecoder.read(Unknown Source)
    at java.io.InputStreamReader.read(Unknown Source)
    at java.io.BufferedReader.fill(Unknown Source)
    at java.io.BufferedReader.readLine(Unknown Source)
    at java.io.BufferedReader.readLine(Unknown Source)
    at com.betterprogrammer.test.SSLServer.main(SSLServer.java:36)

and Debugger Log of SSLServer

      keyStore is : C:\Program Files\Java\jre6\bin\server.jks
        keyStore type is : jks
        keyStore provider is : 
        init keystore
        init keymanager of type SunX509
        ***
        found key for : server
        chain [0] = [
        [
          Version: V3
          Subject: CN=John, OU=startup, O=developer, L=bangalore, ST=karnataka, C=91
          Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5

          Key:  Sun RSA public key, 1024 bits
          modulus: 123574216535049538229649138532732037450344660032008107623318896073877130816352911991676317388894985357571552005101850107090892510303976778984089005629672968049771222968340272946467454151597928015519714376040070285997043906750602810147154555100812394706180558167843570971003367893266814158255391999837062858379
          public exponent: 65537
          Validity: [From: Tue Apr 07 11:10:44 IST 2015,
                       To: Mon Jul 06 11:10:44 IST 2015]
          Issuer: CN=John, OU=startup, O=developer, L=bangalore, ST=karnataka, C=91
          SerialNumber: [    55236ddc]

        ]
          Algorithm: [SHA1withRSA]
          Signature:
        0000: 18 7D 3A 3D 98 43 E1 EA   C8 CC 79 01 FF 8B BF E1  ..:=.C....y.....
        0010: 07 A9 12 2D 6D D6 47 74   FE 67 D0 CA 11 CE D6 90  ...-m.Gt.g......
        0020: 9D BA 94 67 19 7C 24 FD   B8 EA 45 14 A3 29 5D F7  ...g..$...E..)].
        0030: 6A 4A EA 2E 29 42 2B 04   EC D1 FF E6 B0 A5 1C AA  jJ..)B+.........
        0040: 2E 79 3D 30 B5 D7 1D CD   A5 12 5E AE 91 4C 22 10  .y=0......^..L".
        0050: CF 45 8E 36 A6 55 76 CC   15 BE 9F 5C 3B 45 D0 0C  .E.6.Uv....\;E..
        0060: 07 F2 FA F4 E2 42 6F E5   DF 5F AC EC 60 67 F8 B3  .....Bo.._..`g..
        0070: 14 B0 F5 2E F6 F7 97 7E   FC 24 EA A0 7E 38 5E 25  .........$...8^%

        ]
        ***
        trustStore is: C:\Program Files\Java\jre6\lib\security\cacerts
        trustStore type is : jks
        trustStore provider is : 
        init truststore
        adding as trusted cert:
          Subject: CN=SwissSign Platinum CA - G2, O=SwissSign AG, C=CH
          Issuer:  CN=SwissSign Platinum CA - G2, O=SwissSign AG, C=CH
          Algorithm: RSA; Serial number: 0x4eb200670c035d4f
          Valid from Wed Oct 25 14:06:00 IST 2006 until Sat Oct 25 14:06:00 IST 2036

        adding as trusted cert:
          Subject: [email protected], CN=http://www.valicert.com/, OU=ValiCert Class 1 Policy Validation Authority, O="ValiCert, Inc.", L=ValiCert Validation Network
          Issuer:  [email protected], CN=http://www.valicert.com/, OU=ValiCert Class 1 Policy Validation Authority, O="ValiCert, Inc.", L=ValiCert Validation Network
          Algorithm: RSA; Serial number: 0x1
          Valid from Sat Jun 26 03:53:48 IST 1999 until Wed Jun 26 03:53:48 IST 2019

        adding as trusted cert:
          Subject: CN=thawte Primary Root CA, OU="(c) 2006 thawte, Inc. - For authorized use only", OU=Certification Services Division, O="thawte, Inc.", C=US
          Issuer:  CN=thawte Primary Root CA, OU="(c) 2006 thawte, Inc. - For authorized use only", OU=Certification Services Division, O="thawte, Inc.", C=US
          Algorithm: RSA; Serial number: 0x344ed55720d5edec49f42fce37db2b6d
          Valid from Fri Nov 17 05:30:00 IST 2006 until Thu Jul 17 05:29:59 IST 2036
    ...................
    ......................
    .........................
IST 2021

        adding as trusted cert:
          Subject: CN=GeoTrust Primary Certification Authority - G3, OU=(c) 2008 GeoTrust Inc. - For authorized use only, O=GeoTrust Inc., C=US
          Issuer:  CN=GeoTrust Primary Certification Authority - G3, OU=(c) 2008 GeoTrust Inc. - For authorized use only, O=GeoTrust Inc., C=US
          Algorithm: RSA; Serial number: 0x15ac6e9419b2794b41f627a9c3180f1f
          Valid from Wed Apr 02 05:30:00 IST 2008 until Wed Dec 02 05:29:59 IST 2037

        adding as trusted cert:
          Subject: CN=GTE CyberTrust Root 5, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US
          Issuer:  CN=GTE CyberTrust Root 5, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US
          Algorithm: RSA; Serial number: 0x1b6
          Valid from Fri Aug 14 20:20:00 IST 1998 until Thu Aug 15 05:29:00 IST 2013

        adding as trusted cert:
          Subject: CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
          Issuer:  CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
          Algorithm: RSA; Serial number: 0x44be0c8b500024b411d3362de0b35f1b
          Valid from Sat Jul 10 00:01:20 IST 1999 until Wed Jul 10 00:10:36 IST 2019

        adding as trusted cert:
          Subject: CN=UTN - DATACorp SGC, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
          Issuer:  CN=UTN - DATACorp SGC, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
          Algorithm: RSA; Serial number: 0x44be0c8b500021b411d32a6806a9ad69
          Valid from Fri Jun 25 00:27:21 IST 1999 until Tue Jun 25 00:36:30 IST 2019

        adding as trusted cert:
          Subject: CN=Sonera Class2 CA, O=Sonera, C=FI
          Issuer:  CN=Sonera Class2 CA, O=Sonera, C=FI
          Algorithm: RSA; Serial number: 0x1d
          Valid from Fri Apr 06 12:59:40 IST 2001 until Tue Apr 06 12:59:40 IST 2021

        adding as trusted cert:
          Subject: CN=TC TrustCenter Class 2 CA II, OU=TC TrustCenter Class 2 CA, O=TC TrustCenter GmbH, C=DE
          Issuer:  CN=TC TrustCenter Class 2 CA II, OU=TC TrustCenter Class 2 CA, O=TC TrustCenter GmbH, C=DE
          Algorithm: RSA; Serial number: 0x2e6a000100021fd752212c115c3b
          Valid from Thu Jan 12 20:08:43 IST 2006 until Thu Jan 01 04:29:59 IST 2026

        trigger seeding of SecureRandom
        done seeding SecureRandom
        Allow unsafe renegotiation: false
        Allow legacy hello messages: true
        Is initial handshake: true
        Is secure renegotiation: false
        matching alias: server
        main, called closeSocket()
like image 763
Krishna Avatar asked Apr 07 '15 07:04

Krishna


People also ask

What is javax net SSL SSLHandshakeException?

javax.net.ssl.SSLHandshakeException. Indicates that the client and server could not negotiate the desired level of security. The connection is no longer usable.

How does Jmeter handle SSL handshake exception?

If you get below error as response data for a request while running the script, here is the solution. In HTTP Request sampler, change the field 'Implementation' to HttpClient4 to solve this exception.


1 Answers

finally i able to solve my exception itself. Actually i was doing a silly mistakes out there that was :- In both server and client file i was using the same property as

Before it was :-

For SSLServer :-
    System.setProperty("javax.net.ssl.keyStore","server.jks");
    System.setProperty("javax.net.ssl.keyStorePassword", "123456");
For SSLClient :-
        System.setProperty("javax.net.ssl.keyStore","client.jks");
        System.setProperty("javax.net.ssl.keyStorePassword", "123456");

Now it is :-

For SSLServer :-
        System.setProperty("javax.net.ssl.keyStore","server.jks");
        System.setProperty("javax.net.ssl.keyStorePassword", "123456");
For SSLClient :-
        System.setProperty("javax.net.ssl.trustStore","client.jks");
        System.setProperty("javax.net.ssl.trustStorePassword", "123456");

I had to use javax.net.ssl.trustStore instead of i was using javax.net.ssl.keyStore in client and javax.net.ssl.trustStorePassword instead of i was using javax.net.ssl.keyStorePassword in client also. So after correcting it my exception has been removed and it started working. thanks

like image 115
Krishna Avatar answered Oct 01 '22 06:10

Krishna