6

I've been stuck for a couple of days now, and I've checked several answers already ( this, this, this, this, this, this, this, this ), but I haven't been able to solve my problem. I'm new to SSL, and there does not appear to be anyone else in my organization who has done this.

Background

We currently have a set of terminals in retailer outlets connecting to a server via SSL. The connection includes client authentication. My organization is acting as a CA and has issued a cacert.crt certificate and used it to sign a certificate for the server and one certificate for all of the client terminals. The terminals currently work correctly with the server, but I'm unable to get detailed information about the current connection or configuration from the people who support the environment... It appears that the system was purchased years ago from a combination of vendors, and the knowledge has been lost. I'm currently trying to develop a separate client that can communicate with the server outside of the existing terminals.

Problem

I've developed a very simple Java SSL client in order to better understand the SSL configuration and learn where and how the certificates and keys need to be referenced in order to connect. Unfortunately, I've been unable to connect successfully to the server, and I'm not sure what is wrong or what else to check.

I've been able to produce a debug log of the SSL connection (attached below). I've also been able to produce a log from running openssl's s_client function, but I'm not familiar with the tool and so I'm not sure what it's telling me. I've attached all of the code and logs, and I'm hoping you can provide me with some insight on what the problem is.

Since I'm new to SSL, I'm not sure if I've provided all of the pertinent information. Please let me know if you need any further information.

Simple Java Client

public class Client {
    private static String serverIP  = "{snip: server IP}";
    private static int serverPort   = {snip: port number};


    public static void main(String[] arstring) {
        try {
            SSLSocketFactory sslsocketfactory = (SSLSocketFactory) SSLSocketFactory.getDefault();
            SSLSocket sslsocket = (SSLSocket) sslsocketfactory.createSocket(Client.serverIP, Client.serverPort);

            InputStream inputstream = System.in;
            InputStreamReader inputstreamreader = new InputStreamReader(inputstream);
            BufferedReader bufferedreader = new BufferedReader(inputstreamreader);

            OutputStream outputstream = sslsocket.getOutputStream();
            OutputStreamWriter outputstreamwriter = new OutputStreamWriter(outputstream);
            BufferedWriter bufferedwriter = new BufferedWriter(outputstreamwriter);

            String string = null;
            while ((string = bufferedreader.readLine()) != null) {
                bufferedwriter.write(string + '\n');
                bufferedwriter.flush();
            }

        } catch (Exception exception) {
            exception.printStackTrace();
        }
    }
}

SSL Debug Log

java -Djavax.net.ssl.trustStore=ca_only.jks -Djavax.net.ssl.keyStore=keystore.jks -Djavax.net.debug=ssl,handshake -Djavax.net.ssl.keyStorePassword=password -Djavax.net.ssl.trustStorePassword=password Client
keyStore is : keystore.jks
keyStore type is : jks
keyStore provider is :
init keystore
init keymanager of type SunX509
***
found key for : 1
chain [0] = [
[
  Version: V3
  Subject: CN=Server, O=Organization, ST=ON, C=CA
  Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5

  Key:  Sun RSA public key, 2048 bits
  modulus: {snipped due to post length}
  public exponent: 65537
  Validity: [From: Wed Jul 04 11:17:50 CDT 2012,
               To: Mon Jul 04 11:17:50 CDT 2022]
  Issuer: CN=DEV2008, O=Organization, ST=ON, C=CA
  SerialNumber: [    b7ccceda 64ef4eb7]

Certificate Extensions: 4
[1]: ObjectId: 2.16.840.1.113730.1.13 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 1F 16 1D 4F 70 65 6E   53 53 4C 20 47 65 6E 65  ....OpenSSL Gene
0010: 72 61 74 65 64 20 43 65   72 74 69 66 69 63 61 74  rated Certificat
0020: 65                                                 e


[2]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: B8 92 53 99 09 EB 73 6D   6D 45 8E 84 35 C5 11 77  ..S...smmE..5..w
0010: 7A 41 C9 10                                        zA..
]
]

[3]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
  CA:false
  PathLen: undefined
]

[4]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 43 EF 2E E1 B8 E6 01 C4   65 E1 E3 38 CE DA 86 C7  C.......e..8....
0010: BE 93 65 BA                                        ..e.
]
]

]
  Algorithm: [SHA1withRSA]
  Signature:
{snipped due to post length}

]
***
trustStore is: ca_only.jks
trustStore type is : jks
trustStore provider is :
init truststore
adding as trusted cert:
  Subject: CN=DEV2008, O=Organization, ST=ON, C=CA
  Issuer:  CN=DEV2008, O=Organization, ST=ON, C=CA
  Algorithm: RSA; Serial number: 0xb7ccceda64ef4eb3
  Valid from Wed Sep 10 10:10:25 CDT 2008 until Sun Sep 10 10:10:25 CDT 2028

trigger seeding of SecureRandom
done seeding SecureRandom
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256
Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
testText
%% No cached client session
*** ClientHello, TLSv1
RandomCookie:  GMT: 1388847103 bytes = { 81, 210, 193, 47, 1, 40, 31, 209, 31, 74, 153, 216, 224, 141, 29, 4, 49, 162, 216, 34, 206, 202, 42, 228, 204, 73, 106, 208 }
Session ID:  {}
Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_SHA, TLS_ECDH_ECDSA_WITH_RC4_128_SHA, TLS_ECDH_RSA_WITH_RC4_128_SHA, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_RC4_128_MD5, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
Compression Methods:  { 0 }
Extension elliptic_curves, curve names: {secp256r1, sect163k1, sect163r2, secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1, secp384r1, sect409k1, sect409r1, secp521r1, sect571k1, sect5
71r1, secp160k1, secp160r1, secp160r2, sect163r1, secp192k1, sect193r1, sect193r2, secp224k1, sect239k1, secp256k1}
Extension ec_point_formats, formats: [uncompressed]
***
main, WRITE: TLSv1 Handshake, length = 149
main, READ: SSLv3 Handshake, length = 74
*** ServerHello, SSLv3
RandomCookie:  GMT: 1385163043 bytes = { 125, 48, 211, 49, 203, 23, 208, 161, 188, 43, 152, 33, 160, 32, 20, 163, 66, 19, 136, 90, 152, 42, 154, 53, 208, 175, 39, 177 }
Session ID:  {162, 201, 116, 199, 55, 245, 172, 195, 38, 102, 80, 124, 35, 60, 29, 218, 112, 86, 108, 44, 8, 212, 102, 73, 102, 68, 212, 246, 165, 233, 2, 31}
Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA
Compression Method: 0
***
Warning: No renegotiation indication extension in ServerHello
%% Initialized:  [Session-1, TLS_RSA_WITH_AES_128_CBC_SHA]
** TLS_RSA_WITH_AES_128_CBC_SHA
main, READ: SSLv3 Handshake, length = 1980
*** Certificate chain
chain [0] = [
[
  Version: V3
  Subject: CN=Server, O=Organization, ST=ON, C=CA
  Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5

  Key:  Sun RSA public key, 2048 bits
  modulus: {snipped due to post length}
  public exponent: 65537
  Validity: [From: Wed Jul 04 11:15:51 CDT 2012,
               To: Mon Jul 04 11:15:51 CDT 2022]
  Issuer: CN=DEV2008, O=Organization, ST=ON, C=CA
  SerialNumber: [    b7ccceda 64ef4eb6]

Certificate Extensions: 4
[1]: ObjectId: 2.16.840.1.113730.1.13 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 1F 16 1D 4F 70 65 6E   53 53 4C 20 47 65 6E 65  ....OpenSSL Gene
0010: 72 61 74 65 64 20 43 65   72 74 69 66 69 63 61 74  rated Certificat
0020: 65                                                 e


[2]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: B8 92 53 99 09 EB 73 6D   6D 45 8E 84 35 C5 11 77  ..S...smmE..5..w
0010: 7A 41 C9 10                                        zA..
]
]

[3]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
  CA:false
  PathLen: undefined
]

[4]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 01 98 19 F0 74 48 DB CF   55 D0 1B 9B A3 C8 04 61  ....tH..U......a
0010: 50 03 F9 F6                                        P...
]
]

]
  Algorithm: [SHA1withRSA]
  Signature: {snipped due to post length}

]
chain [1] = [
[
  Version: V3
  Subject: CN=DEV2008, O=Organization, ST=ON, C=CA
  Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5

  Key:  Sun RSA public key, 2048 bits
  modulus: {snipped due to post length}
  public exponent: 65537
  Validity: [From: Wed Sep 10 10:10:25 CDT 2008,
               To: Sun Sep 10 10:10:25 CDT 2028]
  Issuer: CN=DEV2008, O=Organization, ST=ON, C=CA
  SerialNumber: [    b7ccceda 64ef4eb3]

Certificate Extensions: 3
[1]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: B8 92 53 99 09 EB 73 6D   6D 45 8E 84 35 C5 11 77  ..S...smmE..5..w
0010: 7A 41 C9 10                                        zA..
]
[CN=DEV2008, O=Organization, ST=ON, C=CA]
SerialNumber: [    b7ccceda 64ef4eb3]
]

[2]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
  CA:true
  PathLen:2147483647
]

[3]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: B8 92 53 99 09 EB 73 6D   6D 45 8E 84 35 C5 11 77  ..S...smmE..5..w
0010: 7A 41 C9 10                                        zA..
]
]

]
  Algorithm: [SHA1withRSA]
  Signature: {snipped due to post length}

]
***
Found trusted certificate:
[
[
  Version: V3
  Subject: CN=DEV2008, O=Organization, ST=ON, C=CA
  Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5

  Key:  Sun RSA public key, 2048 bits
  modulus: {snipped due to post length}
  public exponent: 65537
  Validity: [From: Wed Sep 10 10:10:25 CDT 2008,
               To: Sun Sep 10 10:10:25 CDT 2028]
  Issuer: CN=DEV2008, O=Organization, ST=ON, C=CA
  SerialNumber: [    b7ccceda 64ef4eb3]

Certificate Extensions: 3
[1]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: B8 92 53 99 09 EB 73 6D   6D 45 8E 84 35 C5 11 77  ..S...smmE..5..w
0010: 7A 41 C9 10                                        zA..
]
[CN=DEV2008, O=Organization, ST=ON, C=CA]
SerialNumber: [    b7ccceda 64ef4eb3]
]

[2]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
  CA:true
  PathLen:2147483647
]

[3]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: B8 92 53 99 09 EB 73 6D   6D 45 8E 84 35 C5 11 77  ..S...smmE..5..w
0010: 7A 41 C9 10                                        zA..
]
]

]
  Algorithm: [SHA1withRSA]
  Signature: {snipped due to post length}

]
main, READ: SSLv3 Handshake, length = 13
*** CertificateRequest
Cert Types: RSA, DSS
Cert Authorities:
<Empty>
*** ServerHelloDone
matching alias: 1
*** Certificate chain
chain [0] = [
[
  Version: V3
  Subject: CN=Server, O=Organization, ST=ON, C=CA
  Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5

  Key:  Sun RSA public key, 2048 bits
  modulus: {snipped due to post length}
  public exponent: 65537
  Validity: [From: Wed Jul 04 11:17:50 CDT 2012,
               To: Mon Jul 04 11:17:50 CDT 2022]
  Issuer: CN=DEV2008, O=Organization, ST=ON, C=CA
  SerialNumber: [    b7ccceda 64ef4eb7]

Certificate Extensions: 4
[1]: ObjectId: 2.16.840.1.113730.1.13 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 1F 16 1D 4F 70 65 6E   53 53 4C 20 47 65 6E 65  ....OpenSSL Gene
0010: 72 61 74 65 64 20 43 65   72 74 69 66 69 63 61 74  rated Certificat
0020: 65                                                 e


[2]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: B8 92 53 99 09 EB 73 6D   6D 45 8E 84 35 C5 11 77  ..S...smmE..5..w
0010: 7A 41 C9 10                                        zA..
]
]

[3]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
  CA:false
  PathLen: undefined
]

[4]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 43 EF 2E E1 B8 E6 01 C4   65 E1 E3 38 CE DA 86 C7  C.......e..8....
0010: BE 93 65 BA                                        ..e.
]
]

]
  Algorithm: [SHA1withRSA]
  Signature:
{snipped due to post length}

]
***
*** ClientKeyExchange, RSA PreMasterSecret, SSLv3
main, WRITE: SSLv3 Handshake, length = 1221
SESSION KEYGEN:
{snipped because I'm not sure if this is sensitive or not}
*** CertificateVerify
main, WRITE: SSLv3 Handshake, length = 262
main, WRITE: SSLv3 Change Cipher Spec, length = 1
*** Finished
verify_data:  { 159, 145, 181, 103, 3, 219, 244, 50, 1, 137, 254, 25, 166, 118, 40, 186, 196, 23, 254, 184, 250, 137, 29, 171, 163, 153, 126, 193, 226, 134, 145, 9, 137, 16, 90, 178 }
***
main, WRITE: SSLv3 Handshake, length = 64
main, READ: SSLv3 Alert, length = 2
main, RECV SSLv3 ALERT:  fatal, handshake_failure
%% Invalidated:  [Session-1, TLS_RSA_WITH_AES_128_CBC_SHA]
main, called closeSocket()
main, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
        at sun.security.ssl.Alerts.getSSLException(Unknown Source)
        at sun.security.ssl.Alerts.getSSLException(Unknown Source)
        at sun.security.ssl.SSLSocketImpl.recvAlert(Unknown Source)
        at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
        at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
        at sun.security.ssl.SSLSocketImpl.writeRecord(Unknown Source)
        at sun.security.ssl.AppOutputStream.write(Unknown Source)
        at sun.nio.cs.StreamEncoder.writeBytes(Unknown Source)
        at sun.nio.cs.StreamEncoder.implFlushBuffer(Unknown Source)
        at sun.nio.cs.StreamEncoder.implFlush(Unknown Source)
        at sun.nio.cs.StreamEncoder.flush(Unknown Source)
        at java.io.OutputStreamWriter.flush(Unknown Source)
        at java.io.BufferedWriter.flush(Unknown Source)
        at Client.main(Client.java:33)

OpenSSL s_client state log As I mentioned above, I'm not really sure what this tool is telling me or if I am running it correctly.

openssl.exe s_client -connect {serverIP}:{serverPort} -cert client.cer -key client.key -cipher AES128-SHA -state
WARNING: can't open config file: /usr/local/ssl/openssl.cnf
Enter pass phrase for client.key:
Loading 'screen' into random state - done
CONNECTED(000000E0)
SSL_connect:before/connect initialization
SSL_connect:SSLv2/v3 write client hello A
SSL_connect:SSLv3 read server hello A
depth=1 C = CA, ST = ON, O = Organization, CN = DEV2008
verify error:num=19:self signed certificate in certificate chain
verify return:0
SSL_connect:SSLv3 read server certificate A
SSL_connect:SSLv3 read server certificate request A
SSL_connect:SSLv3 read server done A
SSL_connect:SSLv3 write client certificate A
SSL_connect:SSLv3 write client key exchange A
SSL_connect:SSLv3 write certificate verify A
SSL_connect:SSLv3 write change cipher spec A
SSL_connect:SSLv3 write finished A
SSL_connect:SSLv3 flush data
SSL_connect:SSLv3 read finished A
---
Certificate chain
 0 s:/C=CA/ST=ON/O=Organization/CN=Server
   i:/C=CA/ST=ON/O=Organization/CN=DEV2008
 1 s:/C=CA/ST=ON/O=Organization/CN=DEV2008
   i:/C=CA/ST=ON/O=Organization/CN=DEV2008
---
Server certificate
-----BEGIN CERTIFICATE-----
{snipped due to post length}
-----END CERTIFICATE-----
subject=/C=CA/ST=ON/O=Organization/CN=Server
issuer=/C=CA/ST=ON/O=Organization/CN=DEV2008
---
No client certificate CA names sent
---
SSL handshake has read 2157 bytes and written 1672 bytes
---
New, TLSv1/SSLv3, Cipher is AES128-SHA
Server public key is 2048 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : SSLv3
    Cipher    : AES128-SHA
    Session-ID: E6EB30E4E24114A59436063BE2A732B3CBF6F47A57AA34CFBFB584FC1517F5D9
    Session-ID-ctx:
    Master-Key: 86307078588C268CDCFCD6B9ABBD55DC8C0A61E900384D3FF99091E030EF9C831B61A880D33313D0DCC7C6688507790A
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1405627491
    Timeout   : 300 (sec)
    Verify return code: 19 (self signed certificate in certificate chain)
---
read:errno=0
SSL3 alert write:warning:close notify

I noticed that in the CertificateRequest section of the SSL debug log, the Cert Authorities list is "". I read in one question that this is a configuration issue of the server, but that can't be the case because the current terminals work with no problems. I also read in another question that that is up to the implementation and may be allowed. I'm not sure which is true, but I am certain the the terminals are currently able to connect to the server, whereas my test client is unable to.

Do you know what I'm doing wrong such that I get and handshake_failure when I try to connect?

Thank you for any help you are able to provide.

Community
  • 1
  • 1
Dan N
  • 98
  • 1
  • 1
  • 6
  • Hi, are you in a position to grab a wireshark trace of the SSL handshaking and failure? – Greycon Jul 18 '14 at 17:15
  • Also, looking more closely, I see that your server cert /CN=Server, appears to be in your keystore, and your client cert in your truststore. You need to put the server cert into your truststore. – Greycon Jul 18 '14 at 17:29
  • @Greycon: Thanks for the responses. I'm checking with my Security group now to see what they think about using WireShark. As for the server cert being in the keystore, I am not seeing it... When I run the java program, the truststore parameter is being passed ca_only.jks, which is the CA's public certificate, and the keystore is being given keystore.jks. I noticed that that keystore only contains the client private key, so maybe this is my problem... perhaps it doesn't have access to a public key for the client to send to the server. – Dan N Jul 18 '14 at 19:47
  • Regarding the client key/cert in the keystore, I'm not sure what it contains now. When I list it with keytool, there is one entry with "Entry type: PrivateKeyEntry", but when I try to add the client.cer to it, it says the certificate already exists in the keystore. And I can't seem to add client.key to a new keystore with keytool, which doesn't seem to allow that function. – Dan N Jul 18 '14 at 20:09
  • Dan, the more I look at this, the more I think it's a problem with the client cert. (Which is self-signed, I guess.) Looking at the trace from your java program, it gets past the client hello, and gets to key exchage. So, the server cert is successfully matched against the chain in your truststore. (ie cert for CN=Server, signed by cert for CN=DEV2008) How did you get the client certificate? Is it possible that the client cert public key which is stored on the server doesn't corrospond to the client private key you are using in your keystore? – Greycon Jul 19 '14 at 21:58
  • It is self-signed. My Security group gave me the files and passwords. I am attempting to get the keystore that one of the (linux) terminals is using (client.p12), but I can't get the keytool to list the contents. It keeps responding with an IOException, "toDerInputStream rejects tag type 68". I get no results when searching for that particular error. I ran the file through one of TextPad's add-ons (Convert) to ensure line terminators are in Windows format, but that didn't change anything. – Dan N Jul 21 '14 at 12:50
  • I was able to use this command to verify the client.cer file against the root certificate: openssl verify -verbose -purpose sslserver -CAfile cacert.crt client.cer It responded with "client.cer: OK" , so I'm thinking that means the client certificate has been signed with the same root certificate that I am using to authenticate the server's certificate. – Dan N Jul 21 '14 at 14:25
  • it's hard to get to the heart of this remotely, but I have definitely done what you are attempting. So, if you are willing, how about stepping back a bit and verifying a few things by breaking them. I would suggest; 1. Try to verify that the trust store is OK. So, remove all entries from the truststore, and run your program. In the debug, you should see a very clear "Chaining error" or cert not found error. 2. Add your Signer CA cert (Which is CN=DEV2008) back into that truststore, and re-run. You should be back to square one again. Do you have time to try that and revert? Cheers – Greycon Jul 21 '14 at 15:28
  • Dan, I notice a lot of "Ignoring unsupported xxxx protocols" in your debug. I should have seen them before. Can you add socket.setEnabledProtocols(new String[]{"SSLv3", "TLSv1"}); to your code just after you create the factory? – Greycon Jul 21 '14 at 16:03
  • Setting the enabled protocols might have done it. Using your line still caused the error, but I removed the TLSv1 part of it (since I know this server only uses SSLv3)(so it just says "sslsocket.setEnabledProtocols(new String[]{"SSLv3"});"), and it cached the client session after the verify data. Not sure if it all works yet, but that fixed the handshake_failure issue that I asked about. If you post that up as an answer, I'll mark it as such and we can close this question for now. – Dan N Jul 21 '14 at 16:42

1 Answers1

2

Dan,

I notice a lot of "Ignoring unsupported xxxx protocols" in your debug. If you add;

socket.setEnabledProtocols(new String[]{"SSLv3", "TLSv1"}); 

to your code just after you create the factory, that should solve the handshake issue.

Greycon
  • 793
  • 6
  • 19
  • I used 'socket.setEnabledProtocols(new String[]{"SSLv3"});' instead, and it solved the problem. This server can only use SSLv3, but the client starts the negotiation trying to use TLSv1 without this restriction. Once the restriction is placed, the negotiation succeeds and the session is cached. Thanks for the help! – Dan N Jul 21 '14 at 18:24
  • 3
    Just the only option NOT TO DO now Poodle attack is known – Yves Martin Dec 09 '14 at 06:58