3

I am getting below exception while firing simple http GET request from java.(actually from jsoup java api).

javax.net.ssl.SSLKeyException: Invalid signature on ECDH server key exchange message
        at sun.security.ssl.HandshakeMessage$ECDH_ServerKeyExchange.<init>(HandshakeMessage.java:1098)
        at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:278)
        at sun.security.ssl.Handshaker.processLoop(Handshaker.java:913)
        at sun.security.ssl.Handshaker.process_record(Handshaker.java:849)
        at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1035)
        at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1344)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1371)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1355)
        at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)
        at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
        at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:153)
        at org.jsoup.helper.HttpConnection$Response.execute(HttpConnection.java:512)
        at org.jsoup.helper.HttpConnection$Response.execute(HttpConnection.java:493)
        at org.jsoup.helper.HttpConnection.execute(HttpConnection.java:205)
        at org.jsoup.helper.HttpConnection.get(HttpConnection.java:194)
        at com.ampower.scraper.data.util.DocumentUtil.test(DocumentUtil.java:205)
        at com.ampower.scraper.goolesearch.email.EmailScraper.doGoogleSearch(EmailScraper.java:87)
        at com.ampower.scraper.goolesearch.email.EmailScraper.main(EmailScraper.java:50)

Here iam using java version is 1.7.0_101. please suggest.

Stephan
  • 41,764
  • 65
  • 238
  • 329
Harinath
  • 105
  • 1
  • 4
  • 12

2 Answers2

2

It could be a expired certificate problem. I stumbled upon the same error; after debugging the SSL/TLS Connections I noticed said certicate was no longer valid anymore:

Validaty: [From: date-in-the-past,
           To: date-in-the-past]

As soon as the certicate was renewed, the error was gone.

Jacob van Lingen
  • 8,989
  • 7
  • 48
  • 78
-1

Try one of the following options:

Option 1: JDK upgrade

If possible, change your JDK version for a newer version and check if you run into the same issue again.

Option 2: Possible known issue

A similar issue has been reported. The solution comes from the using of the jdk.tls.client.protocols system property.

Option 3: Disable TLS certificates validation

Jsoup.connect(url).validateTLSCertificates(false).get();

Option 4: Debug the SSL exchange

Paste the url of your target site here: Comodoca's SSL analyzer

See the full detailed approach in this SO answer (Wht not Java7?).

See also:

Community
  • 1
  • 1
Stephan
  • 41,764
  • 65
  • 238
  • 329
  • Not one of these five links concerns the exception in the question. The problem is clearly at the other end, not this end, so how upgrading Java at this end is going to solve anything remains a mystery. – user207421 May 25 '16 at 10:07
  • @EJP *Not one of these five links concerns the exception in the question.* They are **six** links... ## *The problem is clearly at the other end* Why? ## *how upgrading Java at this end is going to solve(...)* Can you offer a solution to OP? – Stephan May 25 '16 at 14:39
  • @user207421 Each JDK/JRE comes with a cacerts file which holds certificates of well known CAs. So upgrading JDK automtically upgrades your trusted CA list and that's how it may help in some cases of certificate error. – Dojo Sep 01 '23 at 10:13