I got javax.net.ssl.SSLHandshakeException: remote connection to remote host during handshake
When I tried to make an ajax call with httpclient 4.4.1 to get to a web service that is in another site and I see the following problem:
javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:394)
at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.upgrade(DefaultHttpClientConnectionOperator.java:185)
at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.upgrade(PoolingHttpClientConnectionManager.java:369)
at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:415)
at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236)
at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:184)
at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:88)
at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110)
at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:184)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:107)
at utilities.Utilities.executeRequest(Utilities.java:229)
at utilities.Utilities.makePost(Utilities.java:301)
at utilities.Utilities.makePost(Utilities.java:307)
at utilities.AudioUtteranceUtilities.createAudioUtterance(AudioUtteranceUtilities.java:21)
at dataset.tst_preprod.CommonSteps.createDataSet(CommonSteps.java:35)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.jbehave.core.steps.StepCreator$MethodInvoker.invoke(StepCreator.java:798)
at org.jbehave.core.steps.StepCreator$BeforeOrAfterStep.perform(StepCreator.java:489)
at org.jbehave.core.embedder.StoryRunner$FineSoFar.run(StoryRunner.java:535)
at org.jbehave.core.embedder.StoryRunner.runStepsWhileKeepingState(StoryRunner.java:515)
at org.jbehave.core.embedder.StoryRunner.runBeforeOrAfterStorySteps(StoryRunner.java:460)
at org.jbehave.core.embedder.StoryRunner.runCancellable(StoryRunner.java:268)
at org.jbehave.core.embedder.StoryRunner.run(StoryRunner.java:220)
at org.jbehave.core.embedder.StoryRunner.run(StoryRunner.java:181)
at org.jbehave.core.embedder.StoryManager$EnqueuedStory.call(StoryManager.java:262)
at org.jbehave.core.embedder.StoryManager$EnqueuedStory.call(StoryManager.java:229)
at java.util.concurrent.FutureTask.run(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.io.EOFException: SSL peer shut down incorrectly
at sun.security.ssl.InputRecord.read(Unknown Source)
... 38 more
I have jre8 and debug is the following
*** ClientHello, TLSv1.2
RandomCookie: GMT: 1422120426 bytes = { 181, 85, 212, 79, 3, 50, 253, 71, 166, 7, 222, 228, 188, 111, 117, 149, 155, 68, 136, 84, 225, 133, 134, 154, 8, 102, 86, 188 }
Session ID: {}
Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_SHA, TLS_ECDH_ECDSA_WITH_RC4_128_SHA, TLS_ECDH_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_MD5, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
Compression Methods: { 0 }
Extension elliptic_curves, curve names: {secp256r1, sect163k1, sect163r2, secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1, secp384r1, sect409k1, sect409r1, secp521r1, sect571k1, sect571r1, secp160k1, secp160r1, secp160r2, sect163r1, secp192k1, sect193r1, sect193r2, secp224k1, sect239k1, secp256k1}
Extension ec_point_formats, formats: [uncompressed]
Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA224withECDSA, SHA224withRSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA, MD5withRSA
Extension server_name, server_name: [type=host_name (0), value=ldsnewtst01.amr.corp.intel.com]
***
[write] MD5 and SHA1 hashes: len = 246
0000: 01 00 00 F2 03 03 55 C4 D6 EA B5 55 D4 4F 03 32 ......U....U.O.2
0010: FD 47 A6 07 DE E4 BC 6F 75 95 9B 44 88 54 E1 85 .G.....ou..D.T..
0020: 86 9A 08 66 56 BC 00 00 46 C0 23 C0 27 00 3C C0 ...fV...F.#.'.<.
0030: 25 C0 29 00 67 00 40 C0 09 C0 13 00 2F C0 04 C0 %.).g.@...../...
0040: 0E 00 33 00 32 C0 2B C0 2F 00 9C C0 2D C0 31 00 ..3.2.+./...-.1.
0050: 9E 00 A2 C0 08 C0 12 00 0A C0 03 C0 0D 00 16 00 ................
0060: 13 C0 07 C0 11 00 05 C0 02 C0 0C 00 04 00 FF 01 ................
0070: 00 00 83 00 0A 00 34 00 32 00 17 00 01 00 03 00 ......4.2.......
0080: 13 00 15 00 06 00 07 00 09 00 0A 00 18 00 0B 00 ................
0090: 0C 00 19 00 0D 00 0E 00 0F 00 10 00 11 00 02 00 ................
00A0: 12 00 04 00 05 00 14 00 08 00 16 00 0B 00 02 01 ................
00B0: 00 00 0D 00 1A 00 18 06 03 06 01 05 03 05 01 04 ................
00C0: 03 04 01 03 03 03 01 02 03 02 01 02 02 01 01 00 ................
00D0: 00 00 23 00 21 00 00 1E 6C 64 73 6E 65 77 74 73 ..#.!...ldsnewts
00E0: 74 30 31 2E 61 6D 72 2E 63 6F 72 70 2E 69 6E 74 t01.amr.corp.int
00F0: 65 6C 2E 63 6F 6D el.com
pool-1-thread-1, WRITE: TLSv1.2 Handshake, length = 246
[Raw write]: length = 251
0000: 16 03 03 00 F6 01 00 00 F2 03 03 55 C4 D6 EA B5 ...........U....
0010: 55 D4 4F 03 32 FD 47 A6 07 DE E4 BC 6F 75 95 9B U.O.2.G.....ou..
0020: 44 88 54 E1 85 86 9A 08 66 56 BC 00 00 46 C0 23 D.T.....fV...F.#
0030: C0 27 00 3C C0 25 C0 29 00 67 00 40 C0 09 C0 13 .'.<.%.).g.@....
0040: 00 2F C0 04 C0 0E 00 33 00 32 C0 2B C0 2F 00 9C ./.....3.2.+./..
0050: C0 2D C0 31 00 9E 00 A2 C0 08 C0 12 00 0A C0 03 .-.1............
0060: C0 0D 00 16 00 13 C0 07 C0 11 00 05 C0 02 C0 0C ................
0070: 00 04 00 FF 01 00 00 83 00 0A 00 34 00 32 00 17 ...........4.2..
0080: 00 01 00 03 00 13 00 15 00 06 00 07 00 09 00 0A ................
0090: 00 18 00 0B 00 0C 00 19 00 0D 00 0E 00 0F 00 10 ................
00A0: 00 11 00 02 00 12 00 04 00 05 00 14 00 08 00 16 ................
00B0: 00 0B 00 02 01 00 00 0D 00 1A 00 18 06 03 06 01 ................
00C0: 05 03 05 01 04 03 04 01 03 03 03 01 02 03 02 01 ................
00D0: 02 02 01 01 00 00 00 23 00 21 00 00 1E 6C 64 73 .......#.!...lds
00E0: 6E 65 77 74 73 74 30 31 2E 61 6D 72 2E 63 6F 72 newtst01.amr.cor
00F0: 70 2E 69 6E 74 65 6C 2E 63 6F 6D p.intel.com
pool-1-thread-1, received EOFException: error
pool-1-thread-1, handling exception: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
pool-1-thread-1, SEND TLSv1.2 ALERT: fatal, description = handshake_failure
pool-1-thread-1, WRITE: TLSv1.2 Alert, length = 2
[Raw write]: length = 7
0000: 15 03 03 00 02 02 28 ......(
pool-1-thread-1, called closeSocket()
I got this problem yesterday, before it worked successfully, I was able to successfully complete the ajax call, but now I am getting this error
+3
source to share
2 answers
Thanks for your reply! I have set up a proxy for
HttpHost proxy = new HttpHost("proxy.com", 911, "http");
RequestConfig config = RequestConfig.custom().setProxy(proxy).build();
I changed this way as follows:
System.setProperty("http.proxyHost", "proxy.com");
System.setProperty("http.proxyPort", "911");
And it works well. I don't know why the previous method doesn't work.
+3
source to share
If the server site is closed immediately after receiving the ClientHello, it might just be:
- a firewall between you and the server blocking the connection.
- the server is crooked because it cannot deal with ciphers or the version of the protocol offered by the client.
- misconfigured server
- wrong hostname used
- ...
To narrow down the reason, try with other clients such as different web browsers, curls, etc. If they can manage to look at the SSL handshake to see what they are doing are different (i.e. different ciphers or protocols). If they don't work, look at the server side for errors and try to make sure the packets are already received on the server, i.e. That the firewall is not blocking traffic.
+2
source to share