0

I have made a simple RESTlet that I have hosted on an Amazon EC2 instance.

I can reach this when i run it over HTTP.

I needed to convert this to working with HTTPS so followed the RESTlet guide at https://restlet.com/open-source/documentation/user-guide/2.2/core/security/https

When I connect to it over HTTP I get this error..

Restlet-917142466, READ: TLSv1.2 Alert, length = 2
Restlet-917142466, RECV TLSv1.2 ALERT:  fatal, certificate_unknown
Restlet-917142466, fatal: engine already closed.  Rethrowing javax.net.ssl.SSLException: Received fatal alert: certificate_unknown
Restlet-917142466, fatal: engine already closed.  Rethrowing javax.net.ssl.SSLException: Received fatal alert: certificate_unknown
Restlet-917142466, called closeInbound()
Restlet-917142466, fatal: engine already closed.  Rethrowing javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack?
Restlet-917142466, called closeOutbound()
Restlet-917142466, closeOutboundInternal()

The Java code is very simple and mirrors the sample RESTlet server in the guide.

Any suggestions on what I could try to fix this?

rob
  • 2,119
  • 1
  • 22
  • 41
Pagrate
  • 141
  • 2
  • 10
  • It is because of you client ca try this: https://stackoverflow.com/questions/3775483/ssl-handshake-exception – Mohsen Jul 13 '17 at 16:04
  • It could be the client, I have no control over that unfortunately, this is a third party that calls my API. It may be that there client requires a cert signed from a CA and not a self signed cert. But when I try using CURL to access this I do get the same error which made me think my cert was invalid. – Pagrate Jul 14 '17 at 08:38

0 Answers0