I felt to have faced a strange problem, I wrote a core java http client without an SSLContext and when I run the program to call REST service, it started failing with the below exception. However when i added SSLContext to the client it passed and I see response.
Initial Code without SSLContext :
String url = "https://URL";
URL obj = new URL(url);
HttpsURLConnection con = (HttpsURLConnection) obj.openConnection();
con.setRequestMethod("POST");
con.setRequestProperty("CONTENT-TYPE", "application/json");
String request = "{ json Request }";
con.setDoOutput(true);
DataOutputStream wr = new DataOutputStream(con.getOutputStream());
wr.write(request.getBytes());
wr.flush();
wr.close();
int responseCode = con.getResponseCode();
System.out.println("Response Code : " + responseCode);
Exception : javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
During SSL debugging it is found that client server sends TSLv1.2 during ClientHello, however i dont see a ServerHello in return.
But when the below SSL code error disappeared
SSLContext sc = SSLContext.getInstance("TLSv1.2");
sc.init(null, null, new java.security.SecureRandom());
con.setSSLSocketFactory(sc.getSocketFactory());
Help me understand what happens if I don't set SSLContext and the behavior when SSLContext is added.
