SSL issue connecting to 2 diff https server at different port; javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake

Question

Problem Description

Getting "javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake" error while sending SOAP request over Https URL

Environnent:

1) Weblogic 10.3.6.0.1
2) java version "1.6.0_31" Java(TM) SE Runtime Environnent (build 1.6.0_31-b04)
3) Https Server where posting the request is Jetty Server

Overview:

1) In previous release of application it was sending SOAP message to Server 1 over https URL
2) In current release we implemented new requirement where we are using Third party client jar which internally call third party https server
3) Third party client jar is setting up SSL certificate and posting the request. For SSL they are using 443 port and we have opened Proxy for their host server.
4) Now we have 2 third party servers where we are connecting over Https. Server 1 https port is 30042 and Server2 https port is 443.

Usecase Scenario for error:

1) Submit a request to server 1 over https, getting back response properly.
2) Submit a request to Server2 using Third party client jar through proxy server, getting back response properly.
3) Submit a request to server 1 over https, it failing with error “javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake”.
4) Submit a request to Server2 using Third party client jar , getting back response properly.
5) On server 1 it will always fail and we are not able to send SOAP message over Https
6) For Server 1 app is using SOAPConnection and URL API to post SOAPmessage over Https URL
7) For Server 2 app is using third party provided jar which internally opening the socket and writing on it

Error Codes

---------------------------------------------------
javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake

Recent Changes to this Environment

Currently we migrated our application from Solaris to Suse Lunix servers.

Processor specs

Linux onsrnasdfgpsdev1 2.6.32.54-0.3-default #1 SMP 2012-01-27 17:38:56 +0100 x86_64 x86_64 x86_64 GNU/Linux
Weblogic 10.3.6.01 java version "1.6.0_31" Java(TM) SE Runtime Environment (build 1.6.0_31-b04) Java HotSpot(TM) 64-Bit Server VM (build 20.6-b01, mixed mode)

Workaround

• For Server 1 connection if we create a raw Socket and set Host and Port(30042).
• The request is going fine.
• But if we use SOAPConnection or HttpsURLConnection the request are not going and throwing Handshake error
• If we use Http Url for Server1 everything works fine

What sort of SSL properties are you setting in your app (e.g. -Dweblogic.security.SSL.trustedCAKeyStore)? — Display Name is missing

Thapa Thapa · Accepted Answer · 2013-08-01T15:33:21

If the Proxy is set using System Property in that case all the subsequent Https call will use that proxy even though your are not setting in your program, java do that internally.

In our case we want to access Server 1 without proxy and for server 2 we want proxy. So when we were trying first time to access Server2 we were setting Proxy with system property, after that when we were trying to connect to server 1 it was failing coz the https request was going throught proxy and at our proxy server there was no policy set for server 1

Solutions: 1) Donot set proxy at system level, add at connection level 2) Add rule in proxy server for server 1, so both server 1 & 2 go through proxy 3) At runtime remove proxy from system property before calling server1 and after that set it again. So that Server 2 go through proxy.

Solutions will depend on conditions; choose which is suitable for you.

Thanks
Bhanu Thapa