java.net.ConnectException: Received fatal alert:unexpected_message
Sean Dawson
seandawson2015 at gmail.com
Tue Nov 14 13:32:39 UTC 2017
Thank you for the responses - turns out that even though I was using the
latest version of AsyncHttpClient that I found in maven; there was another
slightly different one that was more current - and seems to work.
Old:
https://mvnrepository.com/artifact/com.ning/async-http-client
Newer:
https://mvnrepository.com/artifact/org.asynchttpclient/async-http-client
On Sun, Nov 12, 2017 at 4:05 PM, Bernd Eckenfels <ecki at zusammenkunft.net>
wrote:
> The newer the Jetty Server is the more unlikely it Supports the old and
> unsafe SSL2 handshake. You should not enable the SSL2Hello pseudo protocol
> on Client side. JDK certainly does not by Default.
>
>
>
> Gruss
>
> Bernd
>
> --
> http://bernd.eckenfels.net
>
>
>
> *Von: *Sean Dawson <seandawson2015 at gmail.com>
> *Gesendet: *Sonntag, 12. November 2017 20:24
> *An: *security-dev at openjdk.java.net
> *Betreff: *Re: java.net.ConnectException: Received fatal
> alert:unexpected_message
>
>
>
>
>
> Thanks for the reply. This is one of the latest versions of Jetty so I
> would hope that it would support that. But I've also tried specifying
> various other http.protocols on both sides but it hasn't seemed to change
> the result. Any other flags or things I should try?
>
>
>
> On Fri, Nov 10, 2017 at 11:48 PM, Jaikiran Pai <jai.forums2013 at gmail.com>
> wrote:
>
> > Java 1.8.0_131
> > Both servers on same machine, using same Java
> > Source server is using async-http-client 1.9.18
> > Destination server is using Jetty 9.4.7.v20170914
>
> ....
>
> > New I/O worker #10, WRITE: TLSv1.2 Handshake, length = 161
> > [write] MD5 and SHA1 hashes: len = 140
> > 0000: 01 03 03 00 63 00 00 00 20 00 C0 23 00 C0 27 00 ....c... ..#..'.
> > ...
> > 0080: 07 06 BB A0 AB 39 66 80 95 55 14 65 .....9f..U.e
> > New I/O worker #10, WRITE: SSLv2 client hello message, length = 140
>
> It looks like the async-http-client is sending a SSLv2 client hello
> message during the handshake and I'm guessing Jetty doesn't support (or
> maybe has disabled) SSLv2Hello handshake messages. What SSL protocols have
> you enabled on both these sides? If you haven't explicitly enabled any,
> then what do they default to in these libraries/servers?
>
> -Jaikiran
>
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20171114/5fa69970/attachment.htm>
More information about the security-dev
mailing list