
Given the following code:

    public void start(String a_sAddress, int a_nPort) throws IOException {

        try {
            // Create a trust manager that does not validate certificate chains
            final TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {

                @Override
                public java.security.cert.X509Certificate[] getAcceptedIssuers() {
                    return null;
                }

                @Override
                public void checkClientTrusted(java.security.cert.X509Certificate[] chain, String authType) {
                    // TODO Auto-generated method stub

                }

                @Override
                public void checkServerTrusted(java.security.cert.X509Certificate[] chain, String authType) {
                    // TODO Auto-generated method stub

                }
            } };

            // Install the all-trusting trust manager
            final SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
            sslContext.init(null, trustAllCerts, new java.security.SecureRandom());

            // Init a configuration with our SSL context
            HttpsConfigurator configurator = new HttpsConfigurator(sslContext);

            HttpsServer server = HttpsServer.create(new InetSocketAddress(a_sAddress, a_nPort), 0);

            server.setHttpsConfigurator(configurator);

            // here - attaching HttpHandler code.

            server.setExecutor(null); // creates a default executor
            server.start();
        }
        catch (KeyManagementException e) {
            System.out.println("HttpsRequest - setTLSMode - KeyManagementException");
            e.printStackTrace();
        } catch (NoSuchAlgorithmException e) {
            System.out.println("HttpsRequest - setTLSMode - NoSuchAlgorithmException");
            e.printStackTrace();
        }
    }

I was trying to ignore certificate verification, since I am only a test simulator.

The problem is that my client gets "javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake".

Must I handle certificates here? Or am I failing in trying to ignore the certificate validation?

Thank you.


Update: Well, talking to some friends, they suggested I should create a self-signed certificate, register my server with it and send it to my client to use when sending me requests.

My server is running on Solaris 10. I tried to look in The Most Common Java Keytool Keystore Commands but couldn't figure out the specific commands that fit my needs. Can you please assist? Thanks.

dushkin
  • You cannot create an HTTPS server without _some_ private key to generate session keys for traffic encryption. You should pass keyManagers to sslContext with at least any valid private key. For example, check the answers to this question: http://stackoverflow.com/questions/2308479/simple-java-https-server – user1516873 Dec 21 '16 at 09:28

1 Answer


You need

    keytool -genkey ...

to generate a keypair, and then

    keytool -selfcert ...

to generate a self-signed certificate, using the same alias.

user207421
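The following is an added example, not code from the question or the answer: it shows the server side loading the key pair produced by the keytool steps above and handing it to the `SSLContext` through `KeyManager`s, which is the part the question's `sslContext.init(null, ...)` call leaves out. The keystore file name, alias, password, port and handler are assumptions made for illustration, and the key password is assumed to equal the keystore password.

```java
import com.sun.net.httpserver.HttpsConfigurator;
import com.sun.net.httpserver.HttpsServer;
import java.io.FileInputStream;
import java.io.InputStream;
import java.net.InetSocketAddress;
import java.security.KeyStore;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;

// Assumed keystore, created beforehand with the commands named in the answer, e.g.:
//   keytool -genkey   -alias simulator -keyalg RSA -keystore simulator.jks
//   keytool -selfcert -alias simulator -keystore simulator.jks
// Certificate for the client to import into its truststore (instead of trusting everything):
//   keytool -export   -alias simulator -file simulator.cer -keystore simulator.jks
public class SimulatorHttpsServer {

    static SSLContext serverContext(String keystorePath, char[] password) throws Exception {
        KeyStore ks = KeyStore.getInstance("JKS");
        try (InputStream in = new FileInputStream(keystorePath)) {
            ks.load(in, password);
        }
        // KeyManagers supply the private key and certificate the server presents
        // during the handshake; without them the server has no credentials to offer.
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(ks, password); // assumes key password == keystore password

        SSLContext ctx = SSLContext.getInstance("TLSv1.2");
        // TrustManagers on the server are only consulted when client certificates
        // are requested, so the JDK defaults (null) are sufficient here.
        ctx.init(kmf.getKeyManagers(), null, null);
        return ctx;
    }

    public static void main(String[] args) throws Exception {
        // Placeholder path and password; replace with the values given to keytool.
        SSLContext ctx = serverContext("simulator.jks", "changeit".toCharArray());
        HttpsServer server = HttpsServer.create(new InetSocketAddress("localhost", 8443), 0);
        server.setHttpsConfigurator(new HttpsConfigurator(ctx));
        server.createContext("/", exchange -> {   // hypothetical handler for the example
            byte[] body = "ok\n".getBytes("UTF-8");
            exchange.sendResponseHeaders(200, body.length);
            exchange.getResponseBody().write(body);
            exchange.close();
        });
        server.setExecutor(null); // default executor, as in the question
        server.start();
    }
}
```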