Path: csiph.com!x330-a1.tempe.blueboxinc.net!newsfeed.hal-mli.net!feeder1.hal-mli.net!border3.nntp.dca.giganews.com!border1.nntp.dca.giganews.com!nntp.giganews.com!postnews.google.com!gu8g2000vbb.googlegroups.com!not-for-mail From: Stone Newsgroups: comp.lang.java.programmer Subject: Re: SSL client program Date: Fri, 20 May 2011 02:00:50 -0700 (PDT) Organization: http://groups.google.com Lines: 143 Message-ID: References: <3af63731-b09e-44ff-bf37-1ffebdf80f60@o7g2000vbn.googlegroups.com> <4dd0ca31$0$45422$c30e37c6@exi-reader.telstra.net> <03ea3315-bf04-48ef-b659-d2175a6d7a45@c26g2000vbq.googlegroups.com> <4dd1b468$0$45428$c30e37c6@exi-reader.telstra.net> <4dd5ead5$0$45430$c30e37c6@exi-reader.telstra.net> NNTP-Posting-Host: 62.134.46.4 Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable X-Trace: posting.google.com 1305882050 16200 127.0.0.1 (20 May 2011 09:00:50 GMT) X-Complaints-To: groups-abuse@google.com NNTP-Posting-Date: Fri, 20 May 2011 09:00:50 +0000 (UTC) Complaints-To: groups-abuse@google.com Injection-Info: gu8g2000vbb.googlegroups.com; posting-host=62.134.46.4; posting-account=IOeCfwoAAAA_VejOv6qSgFbw-0eHdS9A User-Agent: G2/1.0 X-HTTP-UserAgent: Mozilla/5.0 (Windows NT 5.1; rv:2.0.1) Gecko/20100101 Firefox/4.0.1,gzip(gfe) Xref: x330-a1.tempe.blueboxinc.net comp.lang.java.programmer:4346 On May 20, 6:15=A0am, Esmond Pitt wrote: > On 19/05/2011 6:46 PM, Stone wrote: > > > On May 17, 1:33 am, Esmond Pitt =A0wrote: > >> Can you run the Java client with -Djavax.net.debug=3Dssl,handshake,rec= ord > >> and post the output here? It should show what alert is being generated= . > > > What type of problem is this? > > Can you do what I asked above? Here is the output. I have deleted sections like PreMaster Secret, Client Nonce MasterSecret, etc. for the security reasons: main, READ: TLSv1 Handshake, length =3D 4 *** ServerHelloDone *** ClientKeyExchange, RSA PreMasterSecret, TLSv1 main, WRITE: TLSv1 Handshake, length =3D 134 SESSION KEYGEN: PreMaster Secret: CONNECTION KEYGEN: Client Nonce: Server Nonce: Master Secret: Client MAC write Secret: Server MAC write Secret: Client write key: Server write key: ... no IV used for this cipher main, WRITE: TLSv1 Change Cipher Spec, length =3D 1 *** Finished verify_data: { 194, 94, 110, 184, 146, 84, 139, 23, 128, 30, 172, 154 } *** main, WRITE: TLSv1 Handshake, length =3D 32 main, READ: TLSv1 Change Cipher Spec, length =3D 1 main, READ: TLSv1 Handshake, length =3D 32 *** Finished verify_data: { 221, 84, 99, 182, 94, 229, 245, 49, 239, 9, 242, 116 } *** %% Cached client session: [Session-1, SSL_RSA_WITH_RC4_128_MD5] Getting session was done Peer host is 192.168.0.120 Cipher is SSL_RSA_WITH_RC4_128_MD5 Protocol is TLSv1 Socket class: class com.sun.net.ssl.internal.ssl.SSLSocketImpl Remote address =3D /192.168.0.120 Remote port =3D 5000 Local socket address =3D /10.7.254.22:2184 Local address =3D /192.168.0.130 Local port =3D 2184 Need client authentication =3D false Cipher suite =3D SSL_RSA_WITH_RC4_128_MD5 Protocol =3D TLSv1 main, READ: TLSv1 Handshake, length =3D 20 Allow unsafe renegotiation: false Allow legacy hello messages: true Is initial handshake: false Is secure renegotiation: true *** HelloRequest (empty) %% Client cached [Session-1, SSL_RSA_WITH_RC4_128_MD5] %% Try resuming [Session-1, SSL_RSA_WITH_RC4_128_MD5] from port 2184 *** ClientHello, TLSv1 RandomCookie: GMT: 1289103832 bytes =3D { 65, 48, 233, 162, 111, 170, 145, 44, 19 9, 239, 216, 52, 135, 235, 207, 100, 46, 51, 207, 42, 143, 130, 172, 180, 10, 84 , 41, 182 } Session ID: {250, 122, 71, 89, 118, 196, 255, 44, 117, 119, 69, 73, 223, 161, 1 26, 19, 49, 161, 129, 40, 140, 144, 141, 116, 217, 98, 244, 232, 131, 214, 79, 1 42} Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH _AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC _SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_ DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SH A, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_ WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WI TH_DES40_CBC_SHA] Compression Methods: { 0 } Extension renegotiation_info, renegotiated_connection: c2:5e: 6e:b8:92:54:8b:17:8 0:1e:ac:9a *** main, WRITE: TLSv1 Handshake, length =3D 140 main, READ: TLSv1 Application Data, length =3D 106 HELLO_SSL_SERVER_IS_HERE main, WRITE: TLSv1 Application Data, length =3D 74 main, READ: TLSv1 Handshake, length =3D 121 *** ServerHello, TLSv1 RandomCookie: GMT: 1289105023 bytes =3D { 255, 208, 20, 94, 83, 1, 175, 155, 28, 235, 171, 32, 185, 187, 240, 129, 197, 41, 89, 188, 75, 176, 55, 176, 247, 226, 12, 57 } Session ID: {250, 122, 71, 89, 118, 196, 255, 44, 117, 119, 69, 73, 223, 161, 1 26, 19, 49, 161, 129, 40, 140, 144, 141, 116, 217, 98, 244, 232, 131, 214, 79, 1 42} Cipher Suite: SSL_RSA_WITH_RC4_128_MD5 Compression Method: 0 Extension renegotiation_info, renegotiated_connection: c2:5e: 6e:b8:92:54:8b:17:8 0:1e:ac:9a:dd:54:63:b6:5e:e5:f5:31:ef:09:f2:74 *** CONNECTION KEYGEN: Client Nonce: Server Nonce: Master Secret: Client MAC write Secret: Server MAC write Secret: Client write key: Server write key: Kza...wd....Z..J ... no IV used for this cipher %% Server resumed [Session-1, SSL_RSA_WITH_RC4_128_MD5] main, READ: TLSv1 Change Cipher Spec, length =3D 17 main, READ: TLSv1 Handshake, length =3D 32 *** Finished verify_data: { 97, 230, 102, 11, 191, 75, 26, 119, 46, 96, 184, 61 } *** main, WRITE: TLSv1 Change Cipher Spec, length =3D 17 *** Finished verify_data: { 202, 55, 36, 163, 185, 216, 10, 77, 62, 152, 71, 69 } *** main, WRITE: TLSv1 Handshake, length =3D 32 main, READ: TLSv1 Alert, length =3D 18 main, RECV TLSv1 ALERT: fatal, unexpected_message %% Invalidated: [Session-1, SSL_RSA_WITH_RC4_128_MD5] main, called closeSocket() main, handling exception: javax.net.ssl.SSLException: Received fatal alert: unex pected_message