hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Fang Lin <Fang...@u.washington.edu>
Subject handshake_failure when upgrading from httpclient 3.6 to 4.1.1.
Date Wed, 06 Jul 2011 00:11:32 GMT
Hi Oleg,

With the exact same setting, the SSL connection (using client cert authentication) works with
httpclient 3.6 but not with 4.1.1.

System info: 
java version "1.6.0_23"
Java(TM) SE Runtime Environment (build 1.6.0_23-b05)
Java HotSpot(TM) 64-Bit Server VM (build 19.0-b09, mixed mode)

Attached the entire log. Below are the code and log snippets:

Using httpclient 4.1.1:--------------------------------

Code:
        DefaultHttpClient httpclient = new DefaultHttpClient();
        Scheme sch = new Scheme("https", 
                                SSLSocketFactory.getSocketFactory(),
                                443);
        httpclient.getConnectionManager().getSchemeRegistry().register(sch);
        HttpGet req = new HttpGet(uriPath);
        HttpHost target = new HttpHost(host, 443,"https");
        HttpResponse rsp = httpclient.execute(target, req);

... no IV used for this cipher
main, WRITE: TLSv1 Change Cipher Spec, length = 17
*** Finished
verify_data:  { 91, 80, 101, 35, 121, 76, 219, 71, 238, 142, 6, 213 }
***
main, WRITE: TLSv1 Handshake, length = 32
main, READ: TLSv1 Alert, length = 18
main, RECV TLSv1 ALERT:  fatal, handshake_failure
%% Invalidated:  [Session-1, SSL_RSA_WITH_RC4_128_MD5]
main, called closeSocket()
main, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
	at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
	at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:136)
	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1720)
	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:954)
	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:755)
	at com.sun.net.ssl.internal.ssl.AppInputStream.read(AppInputStream.java:75)
	at org.apache.http.impl.io.AbstractSessionInputBuffer.fillBuffer(AbstractSessionInputBuffer.java:149)
	at org.apache.http.impl.io.SocketInputBuffer.fillBuffer(SocketInputBuffer.java:110)
	at org.apache.http.impl.io.AbstractSessionInputBuffer.readLine(AbstractSessionInputBuffer.java:260)
	at org.apache.http.impl.conn.DefaultResponseParser.parseHead(DefaultResponseParser.java:98)
	at org.apache.http.impl.io.AbstractMessageParser.parse(AbstractMessageParser.java:252)
	at org.apache.http.impl.AbstractHttpClientConnection.receiveResponseHeader(AbstractHttpClientConnection.java:281)
	at org.apache.http.impl.conn.DefaultClientConnection.receiveResponseHeader(DefaultClientConnection.java:247)
	at org.apache.http.impl.conn.AbstractClientConnAdapter.receiveResponseHeader(AbstractClientConnAdapter.java:219)
	at org.apache.http.protocol.HttpRequestExecutor.doReceiveResponse(HttpRequestExecutor.java:298)
	at org.apache.http.protocol.HttpRequestExecutor.execute(HttpRequestExecutor.java:125)
	at org.apache.http.impl.client.DefaultRequestDirector.tryExecute(DefaultRequestDirector.java:633)
	at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:454)
	at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:820)
	at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:776)
	at edu.washington.cac.shared.httpclient.ClientExecuteDirect.main(Unknown Source)

Using httpclient 3.6: ------------------------------------------
Code:
   HostConfiguration hc = new HostConfiguration();
   hc.setHost(host, 443, "https");
   GetMethod method = new GetMethod(uriPath);
   HttpClient client = new HttpClient();
   try{
      client.executeMethod(hc, method);
      ...

... no IV used for this cipher
*** CertificateVerify
main, WRITE: TLSv1 Handshake, length = 150
main, WRITE: TLSv1 Change Cipher Spec, length = 17
*** Finished
verify_data:  { 73, 248, 55, 193, 151, 252, 147, 19, 215, 197, 255, 98 }
***
main, WRITE: TLSv1 Handshake, length = 32
main, READ: TLSv1 Change Cipher Spec, length = 17
main, READ: TLSv1 Handshake, length = 32
*** Finished
verify_data:  { 123, 230, 73, 179, 151, 219, 30, 164, 45, 74, 61, 12 }
***
%% Cached client session: [Session-2, SSL_RSA_WITH_RC4_128_MD5]
main, READ: TLSv1 Application Data, length = 176
main, READ: TLSv1 Application Data, length = 2077
*** Request ***
......



Mime
View raw message