6

When i try connect a Java 8 app to a webservice i get SSLHandshakeException.

www.ssllabs.com say me TLSv1.1 and TSLv1.2 is not supported by the webservice.

So i execute SSLPoke with:

java -Djavax.net.debug=all -Djdk.tls.client.protocols="TLSv1" -Dhttps.protocol="TLSv1"  SSLPoke ws.seur.com 443

and i get:

*** ClientHello, TLSv1
RandomCookie:  GMT: 1450188882 bytes = { 215, 201, 145, 239, 52, 121, 175, 184, 120, 99, 193, 227, 113, 25, 222, 207, 145, 219, 37, 4, 82, 26, 128, 21, 217, 243, 4, 139 }
Session ID:  {}
Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
Compression Methods:  { 0 }
Extension elliptic_curves, curve names: {secp256r1, sect163k1, sect163r2, secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1, secp384r1, sect409k1, sect409r1, secp521r1, sect571k1, sect571r1, secp160k1, secp160r1, secp160r2, sect163r1, secp192k1, sect193r1, sect193r2, secp224k1, sect239k1, secp256k1}
Extension ec_point_formats, formats: [uncompressed]
Extension server_name, server_name: [type=host_name (0), value=ws.seur.com]
***
[write] MD5 and SHA1 hashes:  len = 171
0000: 01 00 00 A7 03 01 56 70   20 52 D7 C9 91 EF 34 79  ......Vp R....4y
0010: AF B8 78 63 C1 E3 71 19   DE CF 91 DB 25 04 52 1A  ..xc..q.....%.R.
0020: 80 15 D9 F3 04 8B 00 00   2C C0 0A C0 14 00 35 C0  ........,.....5.
0030: 05 C0 0F 00 39 00 38 C0   09 C0 13 00 2F C0 04 C0  ....9.8...../...
0040: 0E 00 33 00 32 C0 08 C0   12 00 0A C0 03 C0 0D 00  ..3.2...........
0050: 16 00 13 00 FF 01 00 00   52 00 0A 00 34 00 32 00  ........R...4.2.
0060: 17 00 01 00 03 00 13 00   15 00 06 00 07 00 09 00  ................
0070: 0A 00 18 00 0B 00 0C 00   19 00 0D 00 0E 00 0F 00  ................
0080: 10 00 11 00 02 00 12 00   04 00 05 00 14 00 08 00  ................
0090: 16 00 0B 00 02 01 00 00   00 00 10 00 0E 00 00 0B  ................
00A0: 77 73 2E 73 65 75 72 2E   63 6F 6D                 ws.seur.com
main, WRITE: TLSv1 Handshake, length = 171
[Raw write]: length = 176
0000: 16 03 01 00 AB 01 00 00   A7 03 01 56 70 20 52 D7  ...........Vp R.
0010: C9 91 EF 34 79 AF B8 78   63 C1 E3 71 19 DE CF 91  ...4y..xc..q....
0020: DB 25 04 52 1A 80 15 D9   F3 04 8B 00 00 2C C0 0A  .%.R.........,..
0030: C0 14 00 35 C0 05 C0 0F   00 39 00 38 C0 09 C0 13  ...5.....9.8....
0040: 00 2F C0 04 C0 0E 00 33   00 32 C0 08 C0 12 00 0A  ./.....3.2......
0050: C0 03 C0 0D 00 16 00 13   00 FF 01 00 00 52 00 0A  .............R..
0060: 00 34 00 32 00 17 00 01   00 03 00 13 00 15 00 06  .4.2............
0070: 00 07 00 09 00 0A 00 18   00 0B 00 0C 00 19 00 0D  ................
0080: 00 0E 00 0F 00 10 00 11   00 02 00 12 00 04 00 05  ................
0090: 00 14 00 08 00 16 00 0B   00 02 01 00 00 00 00 10  ................
00A0: 00 0E 00 00 0B 77 73 2E   73 65 75 72 2E 63 6F 6D  .....ws.seur.com
[Raw read]: length = 5
0000: 15 03 01 00 02                                     .....
[Raw read]: length = 2
0000: 02 28                                              .(
main, READ: TLSv1 Alert, length = 2
main, RECV TLSv1.2 ALERT:  fatal, handshake_failure
main, called closeSocket()
main, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.Alerts.getSSLException(Alerts.java:154)
at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:2023)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1125)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:747)
at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:123)
at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:138)
at SSLPoke.main(SSLPoke.java:31)

Why do i get RECV TLSv1.2 ALERT: fatal, handshake_failure if i force TLSv1?

On Java 7 it works fine but Java 8 doesn't work.

Jose Luis Torroba
  • 63
  • 1
  • 4
  • Exactly, I'm not really sure but I was struggling with same errors in java 8 I decreased the java's minor version to 25 instead of 51 or 60 and it has started working. – Sercan Ozdemir Dec 15 '15 at 15:00
  • Possible duplicate of [Java SSL SSLHandshakeException handshake\_failure](http://stackoverflow.com/questions/29048231/java-ssl-sslhandshakeexception-handshake-failure) – Blake Yarbrough Dec 15 '15 at 15:07
  • Sorry Blake, but that question is not the same. It has Http Client, READ: TLSv1.2 Alert, length = 2 Http Client, RECV TLSv1.2 ALERT: fatal, handshake_failure And my issue is that TLS read is v1.0 but RECV is 1.2 – Jose Luis Torroba Dec 15 '15 at 15:19
  • SSLv3 has been [disabled by default](http://www.oracle.com/technetwork/java/javase/8u31-relnotes-2389094.html) since JDK 8u31. – Jesper Dec 15 '15 at 15:25
  • But i am trying TLSv1 not SSLv3 – Jose Luis Torroba Dec 15 '15 at 15:27

2 Answers2

5

As indicated by user1516873's answer, there are no common cipher suites supported by the client (Java 8u51 or later) and the server (ws.seur.com). Java 8 Update 51 removed support for RC4 ciphers by default in the client as RC4 is considered weak and compromised.

Area: security-libs/javax.net.ssl Synopsis: Prohibit RC4 cipher suites

RC4 is now considered as a compromised cipher. RC4 cipher suites have been removed from both client and server default enabled cipher suite list in Oracle JSSE implementation. These cipher suites can still be enabled by SSLEngine.setEnabledCipherSuites() and SSLSocket.setEnabledCipherSuites() methods.

See JDK-8077109 (not public).

While the best course of action would be to contact the WebService provider and have them bring their TLS configuration up to date, the workaround of enabling RC4 in the client is described in the release note. Do note however, support for RC4 was removed for a reason and by reenabling it, you are exposing users of your client to a lower security standard.

Anand Bhat
  • 5,591
  • 26
  • 30
4

client Cipher Suites:

  • TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
  • TLS_RSA_WITH_AES_256_CBC_SHA,
  • TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
  • TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
  • TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
  • TLS_DHE_DSS_WITH_AES_256_CBC_SHA,
  • TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
  • TLS_RSA_WITH_AES_128_CBC_SHA,
  • TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
  • TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
  • TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
  • TLS_DHE_DSS_WITH_AES_128_CBC_SHA,
  • TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
  • TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
  • SSL_RSA_WITH_3DES_EDE_CBC_SHA,
  • TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,
  • TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
  • SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
  • SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,
  • TLS_EMPTY_RENEGOTIATION_INFO_SCSV

server Cipher Suites:

  • SSL_CK_RC4_128_EXPORT40_WITH_MD5
  • TLS_RSA_EXPORT_WITH_RC4_40_MD5
  • SSL_CK_RC4_128_WITH_MD5
  • TLS_RSA_WITH_RC4_128_MD5
  • TLS_RSA_WITH_RC4_128_SHA

No match. You will get ssl handshake error even if you manually set protocol to TLS 1.0. There is no good solution, server is outdated and uses old unsecured protocols. If you absolutely necessary connect to this server with java 8, you can use BouncyCastle, i think.

user1516873
  • 5,060
  • 2
  • 37
  • 56