java - Jboss - handshake failure - client connection using TLSv1.1 instead of TLSv1.2 -

-

i have jboss version version 6.3.0.ga , using java version 1.7.0_71 collegues on remote server changes allowed tls protocol 1.1 1.2, , have update client (deployed in jboss). problem after change receive:

faultstring: javax.net.ssl.sslhandshakeexception: received fatal alert: handshake_failure

in ssl debug see:

5:22:43,921 info  [stdout] (http-/0.0.0.0:8080-1) *** clienthello, tlsv1 15:22:43,923 info  [stdout] (http-/0.0.0.0:8080-1) randomcookie:  gmt: 1467638563 bytes = { 250, 245, 94, 108, 232, 16, 43, 124, 53, 95, 38, 104, 249, 96, 71, 207, 230, 7, 84, 183, 41, 224, 63, 213, 186, 7, 179, 255 } 15:22:43,923 info  [stdout] (http-/0.0.0.0:8080-1) session id:  {} 15:22:43,923 info  [stdout] (http-/0.0.0.0:8080-1) cipher suites: [tls_ecdhe_ecdsa_with_aes_128_cbc_sha, tls_ecdhe_rsa_with_aes_128_cbc_sha, tls_rsa_with_aes_128_cbc_sha, tls_ecdh_ecdsa_with_aes_128_cbc_sha, tls_ecdh_rsa_with_aes_128_cbc_sha, tls_dhe_rsa_with_aes_128_cbc_sha, tls_dhe_dss_with_aes_128_cbc_sha, tls_ecdhe_ecdsa_with_rc4_128_sha, tls_ecdhe_rsa_with_rc4_128_sha, ssl_rsa_with_rc4_128_sha, tls_ecdh_ecdsa_with_rc4_128_sha, tls_ecdh_rsa_with_rc4_128_sha, tls_ecdhe_ecdsa_with_3des_ede_cbc_sha, tls_ecdhe_rsa_with_3des_ede_cbc_sha, ssl_rsa_with_3des_ede_cbc_sha, tls_ecdh_ecdsa_with_3des_ede_cbc_sha, tls_ecdh_rsa_with_3des_ede_cbc_sha, ssl_dhe_rsa_with_3des_ede_cbc_sha, ssl_dhe_dss_with_3des_ede_cbc_sha, ssl_rsa_with_rc4_128_md5, tls_empty_renegotiation_info_scsv] 15:22:43,924 info  [stdout] (http-/0.0.0.0:8080-1) compression methods:  { 0 } 15:22:43,924 info  [stdout] (http-/0.0.0.0:8080-1) extension elliptic_curves, curve names: {secp256r1, sect163k1, sect163r2, secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1, secp384r1, sect409k1, sect409r1, secp521r1, sect571k1, sect571r1, secp160k1, secp160r1, secp160r2, sect163r1, secp192k1, sect193r1, sect193r2, secp224k1, sect239k1, secp256k1} 15:22:43,924 info  [stdout] (http-/0.0.0.0:8080-1) extension ec_point_formats, formats: [uncompressed] 15:22:43,925 info  [stdout] (http-/0.0.0.0:8080-1) extension server_name, server_name: [host_name: cxg7d.test.centurylink.com] 15:22:43,925 info  [stdout] (http-/0.0.0.0:8080-1) *** 15:22:43,925 info  [stdout] (http-/0.0.0.0:8080-1) http-/0.0.0.0:8080-1, write: tlsv1 handshake, length = 184 15:22:43,958 info  [stdout] (http-/0.0.0.0:8080-1) http-/0.0.0.0:8080-1, read: tlsv1.2 alert, length = 2 15:22:43,959 info  [stdout] (http-/0.0.0.0:8080-1) http-/0.0.0.0:8080-1, recv tlsv1 alert:  fatal, handshake_failure 15:22:43,959 info  [stdout] (http-/0.0.0.0:8080-1) http-/0.0.0.0:8080-1, called closesocket() 15:22:43,960 info  [stdout] (http-/0.0.0.0:8080-1) http-/0.0.0.0:8080-1, handling exception: javax.net.ssl.sslhandshakeexception: received fatal alert: handshake_failure 15:22:43,963 error [stderr] (http-/0.0.0.0:8080-1) axisfault 15:22:43,964 error [stderr] (http-/0.0.0.0:8080-1)  faultcode: {http://schemas.xmlsoap.org/soap/envelope/}server.userexception 15:22:43,964 error [stderr] (http-/0.0.0.0:8080-1)  faultsubcode:  15:22:43,964 error [stderr] (http-/0.0.0.0:8080-1)  faultstring: javax.net.ssl.sslhandshakeexception: received fatal alert: handshake_failure

even after below change has been applied

1 - updated "standalone.xml" below values

<system-properties>     <property name="https.protocols" value="tlsv1.2"/> </system-properties>

2 - added below java options server start:

-djavax.net.debug=all -ddeployment.security.tlsv1.2=true -ddeployment.security.tlsv1.2=true -ddeployment.security.tlsv1=false -dhttps.protocols=tlsv1.2

3 - changed graphically protocols in java console jdk control panel

but nothing handshake still exists. suppose error on "client hello" still use tlsv1 instead of 1.2 . youhave suggestion force value? s.

no way force tlsv1.2 java 1.7.0_71 using properties file. way worked add following java code program:

socket.setenabledprotocols(new string[] {"sslv2hello", "tlsv1", "tlsv1.1", "tlsv1.2"});

Comments

Post a Comment

Popular posts from this blog

java - Static nested class instance -

-
this question has answer here: java inner class , static nested class 23 answers i came across in java, know static nested class why create instance of 'static'. isn't whole idea of 'static' use without instance? understand concept of inner classes, why (and frankly how possible to) create 'instance' of 'static' member @ ? why this: 1- outerclass.staticnestedclass nestedobject = new outerclass.staticnestedclass(); 2- nestedobject.anestedclassmethod(); and not this: 1- outerclass outerinstance=new outerclass(); 2- outerinstance.staticnestedclass.anestedclassmethod(); use on inner classes, keyword static indicates can access inner class without instance of outer class. for example: public class outer { public static class inner { /* code here. */ } } with construction, can create instance of inn
Read more

c# - Bluetooth LE CanUpdate Characteristic property -

-
i building xamarin.forms cross platform mobile app, uses monkey.robotics bluetoth low energy functionality. connecting mbed based implimentation of custom gatt service . in xamarin c#, triggers characteristic. canupdate property in monkey.robotics? this standard example c# based on: if (characteristic.canupdate) { characteristic.valueupdated += (s, e) => { debug.writeline("characteristic.valueupdated"); device.begininvokeonmainthread( () => { updatedisplay(characteristic); }); isbusy = false; // spin until first result received }; isbusy = true; characteristic.startupdates(); } this has been working, since changed own custom gatt service connecting to, canupdate property false. property , how triggered? me debugging gatt service code. thanks monkey.robotics open sour
Read more

JavaScript - Replace variable from string in all occurrences -

-
ok, know if have character '-' , want remove in places in string javascript, ... someword = someword.replace(/-/g, ''); but, when applying array of characters, s not working ... const badchars = ('\/:*?"<>|').split(''); let filename = title.replace(/ /g, '-').tolocalelowercase(); (let item = 0; item < badchars.length; item++) { // below not work global '/ /g' filename = filename.replace(/badchars[item]/g, ''); } any ideas? /badchars[item]/g looks badchars , literally, followed i , t , e , or m . if you're trying use character badchars[item] , you'll need use regexp constructor, , you'll need escape regex-specific characters. escaping regular expression has been well-covered . using that: filename = filename.replace(new regexp(regexp.quote(badchars[item]), 'g'), ''); but , don't want that. want character class: let filename = title.replac
Read more