javax.net.ssl.SSLHandshakeException while connecting to third Party URL using HTTPPost

2
votes

Code Snippets :

This is a standalone multi threaded core java application which is using httpclient-4.0-beta1.jar for connection.

Exception:

Below Exception occurs when try to connect to client url , I need to send request.

javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake javax.net.ssl.SSLException: Connection has been shutdown: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake at sun.security.ssl.SSLSocketImpl.checkEOF(SSLSocketImpl.java:1496) at sun.security.ssl.SSLSocketImpl.checkWrite(SSLSocketImpl.java:1508) at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:70) at org.apache.http.impl.conn.DefaultClientConnection.close(DefaultClientConnection.java:161) at org.apache.http.impl.conn.AbstractPooledConnAdapter.close(AbstractPooledConnAdapter.java:158) at com.firstdata.prepaid.closedloop.service.realtime.transaction.processor.ProcessorThread.run(ProcessorThread.java:25) Caused by: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:953) at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1332) at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:709) at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:122) at org.apache.http.impl.io.AbstractSessionOutputBuffer.flushBuffer(AbstractSessionOutputBuffer.java:87) at org.apache.http.impl.io.AbstractSessionOutputBuffer.write(AbstractSessionOutputBuffer.java:107) ... 12 more Caused by: java.io.EOFException: SSL peer shut down incorrectly

   *********************

For 

SSLContext we used 
    SSLContext context = SSLContext.getInstance(TLSv1_2);

For Connection:

 HttpParams params = new BasicHttpParams();
 ConnManagerParams.setMaxConnectionsPerRoute(params, new ConnPerRouteBean(900));
 ConnManagerParams.setMaxTotalConnections(params, 1800);
 HttpConnectionParams.setConnectionTimeout(params, 30); // Connection timeout when requesting a connection.
HttpConnectionParams.setSoTimeout(params, 30); // Connection level timeout for waiting on data if Method level not provided.
HttpConnectionParams.setLinger(params, 0); //Disabled - How long a socket lingers after close() is called.
HttpConnectionParams.setStaleCheckingEnabled(params, false); // Disabled - Check the connec tion before attempting to use.
HttpConnectionParams.setTcpNoDelay(params, false); // Disabled - Enables Nagles Algorithm for performance.

HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1); // Http Protocol Version to use.
HttpProtocolParams.setUseExpectContinue(params, false); 
HttpProtocolParams.setContentCharset(params, "ISO-8859-1"); // Body Content Character Set.
HttpProtocolParams.setHttpElementCharset(params, "ISO-8859-1"); // Header Content Character Set. 
HttpClientParams.setAuthenticating(params, false);
ConnManagerParams.setTimeout(params, 30);

HttpClientParams.setRedirecting(params, false); // Disabled - Allow Redirects.
HttpClientParams.setCookiePolicy(params, CookiePolicy.BEST_MATCH);

 SchemeRegistry httpSecureSchemeRegistry = new SchemeRegistry();    
 httpSecureSchemeRegistry.register(new Scheme("https",SSLSocketFactory.getSocketFactory(),443));
 ClientConnectionManager cmHttpSecure = new ThreadSafeClientConnManager(params, httpSecureSchemeRegistry);
 this.httpSecureClient = new DefaultHttpClient(cmHttpSecure, params);

 HttpPost httpPost = new HttpPost(clientURL);
 this.httpSecureClient.execute(httpPost);

I am running this through shell script using below configuration, At first 1 tried executing with Proxy but after that I configure proxy as well but still the same problem is there .Any help in thsi will be highly appreciated.

$JAVA_HOME/java -Xms128m -Xmx1024m -cp $CLASSPATH -Djavax.net.ssl.trustStore=/java/jdk1.7.0_49/jre/lib/security/cacerts -Djavax.net.ssl.keyStorePassword=changeit -Djavax.http.proxyHost=proxyAddress -Djavax.http.port=8080  > ./out.log 2>&1 &
2
javasslhttpshttp-postapache-httpclient-4.x

2 Answers

2
votes

javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake

This can be almost anything but has usually nothing to with validation of the servers certificate. Some common causes of this error:

  • Server requires SNI but no SNI is used by the client. Especially the Apache HTTP Client shipped with the Android SDK does not support SNI.
  • Server requires client certificate which client does not send or which is not accepted by the server.
  • Mismatch of cipher, protocol version ...

To debug the problem try to contact the server with other clients, try to contact other servers with the client, play around with ciphers protocol versions, look at packet captures etc. Also look at logs at the server side. Unfortunately SSL problems are hard to debug because one does not get much useful error messages.

1
votes

I make REST calls on self-signed certificate on localhost so I'd to add my certificate to jvm in cacert file but after that this works fine for me
CloseableHttpClient client = HttpClients.custom().setSSLHostnameVerifier(new NoopHostnameVerifier()).build();