<html xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type content="text/html; charset=utf-8"><meta name=Generator content="Microsoft Word 15 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:#954F72;
text-decoration:underline;}
span.hoenzb
{mso-style-name:hoenzb;}
.MsoChpDefault
{mso-style-type:export-only;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:70.85pt 70.85pt 2.0cm 70.85pt;}
div.WordSection1
{page:WordSection1;}
--></style></head><body lang=DE link=blue vlink="#954F72"><div class=WordSection1><p class=MsoNormal>The newer the Jetty Server is the more unlikely it Supports the old and unsafe SSL2 handshake. You should not enable the SSL2Hello pseudo protocol on Client side. JDK certainly does not by Default.</p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>Gruss</p><p class=MsoNormal>Bernd</p><p class=MsoNormal>-- <br>http://bernd.eckenfels.net</p><p class=MsoNormal><o:p> </o:p></p><div style='mso-element:para-border-div;border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0cm 0cm 0cm'><p class=MsoNormal style='border:none;padding:0cm'><b>Von: </b><a href="mailto:seandawson2015@gmail.com">Sean Dawson</a><br><b>Gesendet: </b>Sonntag, 12. November 2017 20:24<br><b>An: </b><a href="mailto:security-dev@openjdk.java.net">security-dev@openjdk.java.net</a><br><b>Betreff: </b>Re: java.net.ConnectException: Received fatal alert:unexpected_message</p></div><p class=MsoNormal><o:p> </o:p></p><div><div><p class=MsoNormal><o:p> </o:p></p></div><p class=MsoNormal style='margin-bottom:12.0pt'>Thanks for the reply. This is one of the latest versions of Jetty so I would hope that it would support that. But I've also tried specifying various other http.protocols on both sides but it hasn't seemed to change the result. Any other flags or things I should try?</p></div><div><p class=MsoNormal><o:p> </o:p></p><div><p class=MsoNormal>On Fri, Nov 10, 2017 at 11:48 PM, Jaikiran Pai <<a href="mailto:jai.forums2013@gmail.com" target="_blank">jai.forums2013@gmail.com</a>> wrote:</p><blockquote style='border:none;border-left:solid #CCCCCC 1.0pt;padding:0cm 0cm 0cm 6.0pt;margin-left:4.8pt;margin-right:0cm'><p class=MsoNormal style='margin-bottom:12.0pt'>> Java 1.8.0_131<br>> Both servers on same machine, using same Java<br>> Source server is using async-http-client 1.9.18<br>> Destination server is using Jetty 9.4.7.v20170914<br><br>....<br><br>> New I/O worker #10, WRITE: TLSv1.2 Handshake, length = 161<br>> [write] MD5 and SHA1 hashes: len = 140<br>> 0000: 01 03 03 00 63 00 00 00 20 00 C0 23 00 C0 27 00 ....c... ..#..'.<br>> ...<br>> 0080: 07 06 BB A0 AB 39 66 80 95 55 14 65 .....9f..U.e<br>> New I/O worker #10, WRITE: SSLv2 client hello message, length = 140<br><br>It looks like the async-http-client is sending a SSLv2 client hello message during the handshake and I'm guessing Jetty doesn't support (or maybe has disabled) SSLv2Hello handshake messages. What SSL protocols have you enabled on both these sides? If you haven't explicitly enabled any, then what do they default to in these libraries/servers?<span style='color:#888888'><br><br><span class=hoenzb>-Jaikiran</span></span></p></blockquote></div></div><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal><o:p> </o:p></p></div></body></html>