219

I have a java complied package to speak with the https server on net. Running the compilation gives the following exception:

javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
    at com.sun.net.ssl.internal.ssl.InputRecord.handleUnknownRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.InputRecord.read(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(Unknown Source)

I think this is due to the connection established with the client machine is not secure. Is there any way to configure the local machine or ports in order to connect to the remote https server?

Eric Leschinski
  • 146,994
  • 96
  • 417
  • 335
karthi
  • 2,762
  • 4
  • 30
  • 28
  • For the sake of Google search this is recently being returned as "Unrecognized record version TLS-0.0 , plaintext connection?" – Jp_ Oct 06 '21 at 22:06

17 Answers17

301

I think this is due to the connection established with the client machine is not secure.

It is due to the fact that you are talking to an HTTP server, not an HTTPS server. Probably you didn't use the correct port number for HTTPS.

user207421
  • 305,947
  • 44
  • 307
  • 483
  • 9
    I have the same error, and I solved when I started using http instead of https. But when I place the link in browser with https it works! And I need to perform a safe query. Any idea on how can I solve the problem? – ccoutinho Mar 31 '14 at 14:06
  • 12
    @rsy When you 'placed the link ... with https' the browser would have changed to port 443 for you. You can do the same yourself. Indeed `HttpURLConnection` will automatically do it for you, if you don't specify a port at all. – user207421 Jun 09 '14 at 23:54
  • I assume that you can setup any port on your server to be HTTPS, it doesn't have to be a specific port? –  Aug 25 '17 at 07:50
  • 1
    @KarlSherwin It can be any port you like, subject to reservations, but if it isn't 443 you will have to cart that around yourself in all your URLs. – user207421 Apr 04 '18 at 06:21
  • 1
    Thanks a lot. Actually, I was using port 80 for an HTTPS connection. When I changed it to 443 it worked as expected. – Vipul Verma Jun 11 '21 at 11:29
  • @VipulVerma You were exporting a plaintext HTTP service on port 80 and trying to use it as though it was an HTTPS service, which it wasn't. – user207421 Jun 14 '23 at 10:28
  • I was using skprapeit, and that was the problem. I had to add the `443` port at the HTTPs request – polendina Aug 14 '23 at 13:36
21
javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?

You should have a local SMTP domain name that will contact the mail server and establishes a new connection as well you should change the SSL property in your programming below 

javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection

 props.put("mail.smtp.socketFactory.fallback", "true"); // Should be true
user207421
  • 305,947
  • 44
  • 307
  • 483
Thobith
  • 237
  • 2
  • 2
  • 16
    He is speaking HTTPS, not SMTP. -1 – user207421 Feb 13 '14 at 02:02
  • 2
    In my case that worked, thanks! javax.mail.MessagingException: Could not connect to SMTP host: mail.livemusicgo.com, port: 25; nested exception is: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection? – surfealokesea Apr 22 '14 at 05:49
  • 1
    @surfealokesea The question is about HTTP and HTTPS, and an answer or a personal experience about SMTP isn't relevant. – user207421 Jul 03 '18 at 10:03
  • 1
    Yes but this is not just for him it is for other users that are having this same 'unrecognized ssl message'. +1 to you, Thobith – sam1370 Aug 27 '18 at 00:36
  • I also Had "javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?" Error and this worked out for me. In my case it was SMTP – Pasan Jayawickrama Jun 30 '22 at 14:36
11

I got the same error message when I forgot to log in to the company firewall, before performing a POST request through a proxy.

Jay
  • 558
  • 1
  • 7
  • 23
5

I got the same error. it was because I was accessing the https port using http.. The issue solved when I changed http to https.

Soumyajit Swain
  • 1,298
  • 1
  • 21
  • 35
  • 13
    No, you got the error when accessing the HTTP port via HTTPS. Read the error message. You connected to a plaintext target. The situation you described wouldn't have caused an SSLException, as you wouldn't have been using SSL. – user207421 Jul 02 '15 at 22:05
2

Adding this as an answer as it might help someone later.

I had to force jvm to use the IPv4 stack to resolve the error. My application used to work within company network, but while connecting from home it gave the same exception. No proxy involved. Added the jvm argument -Djava.net.preferIPv4Stack=true and all the https requests were behaving normally.

basiljames
  • 4,777
  • 4
  • 24
  • 41
1

If you are running local using spring i'd suggest use:

@Bean
public AmazonDynamoDB amazonDynamoDB() throws IOException {
    return AmazonDynamoDBClientBuilder.standard()
            .withCredentials(
                    new AWSStaticCredentialsProvider(
                            new BasicAWSCredentials("fake", "credencial")
                    )
            )
            .withClientConfiguration(new ClientConfigurationFactory().getConfig().withProtocol(Protocol.HTTP))
            .withEndpointConfiguration(new AwsClientBuilder.EndpointConfiguration("localhost:8443", "central"))
            .build();
}

It works for me using unit test.

Hope it's help!

Henrique
  • 76
  • 9
0

I face the same issue from Java application built in Jdevelopr 11.1.1.7 IDE. I solved the issue by unchecking the use of proxy form Project properties.

You can find it in the following: Project Properties -> (from left panle )Run/Debug/Profile ->Click (edit) form the right panel -> Tool Setting from the left panel -> uncheck (Use Proxy) option.

Salman
  • 1,236
  • 5
  • 30
  • 59
0

i solved my problem using port 25 and Following prop

mailSender.javaMailProperties.putAll([
                "mail.smtp.auth": "true",
                "mail.smtp.starttls.enable": "false",
                "mail.smtp.ssl.enable": "false",
                "mail.smtp.socketFactory.fallback": "true",
        ]);
srsajid
  • 1,717
  • 15
  • 12
0

In case you use Jetty version 9 or earlier you need to add it to jetty by

RUN java -jar ${JETTY_HOME}/start.jar --add-to-startd=https

and according to this Jetty: How to use SSL in Jetty client side

from Jetty version 10 it should work out of the box

Hard Worker
  • 995
  • 11
  • 33
-1

As EJP said, it's a message shown because of a call to a non-https protocol. If you are sure it is HTTPS, check your bypass proxy settings, and in case add your webservice host url to the bypass proxy list

user207421
  • 305,947
  • 44
  • 307
  • 483
Fabrizio Stellato
  • 1,727
  • 21
  • 52
-1

It worked for me now, I have change the setting of my google account as below: 

        System.out.println("Start");
        final String username = "myemail@gmail.com";
        final String password = "************";

        Properties props = new Properties();
        props.put("mail.smtp.auth", "true");
        props.put("mail.smtp.host", "smtp.gmail.com");
        props.put("mail.smtp.port", "465");
        props.put("mail.transport.protocol", "smtp");
        props.put("mail.smtp.starttls.enable", "true");
        props.put("mail.smtp.starttls.enable", "true");
        props.put("mail.smtp.socketFactory.class", "javax.net.ssl.SSLSocketFactory");

         Session session = Session.getInstance(props,
                  new javax.mail.Authenticator() {
                    protected PasswordAuthentication getPasswordAuthentication() {
                        return new PasswordAuthentication(username, password);
                    }
                  });


        try {
            Transport transport=session.getTransport();
            Message message = new MimeMessage(session);
            message.setFrom(new InternetAddress("myemail@gmail.com"));//formBean.getString("fromEmail")
            message.setRecipients(Message.RecipientType.TO,InternetAddress.parse("myemail@gmail.com"));
            message.setSubject("subject");//formBean.getString(
            message.setText("mailBody");
            transport.connect();
            transport.send(message, InternetAddress.parse("myemail@gmail.com"));//(message);

            System.out.println("Done");

        } catch (MessagingException e) {
            System.out.println("e="+e);
            e.printStackTrace();
            throw new RuntimeException(e);

        }

Though I have enabled SSL and TSL while running program in this link of same post. I spend a lot of time but than I realized and found this link. And done 2 following steps and setting control in google. :

  • Disable the 2-step verification (password and OTP)

  • Enabling to allow to access less secure app(Allow less secure apps: ON.)

Now I am able to send mail using above program.

Community
  • 1
  • 1
Gautam
  • 3,707
  • 5
  • 36
  • 57
-1

if connection is FTPS test:

FTPSClient ftpClient = new FTPSClient(protocol, false);

protocol = TLS,SSL and false = isImplicit.

Faxon Lander Montenegro
  • 487
  • 5
  • 7
-1

I got the same issue and it got resolved by setting "proxyUser" and "proxyPassword" in system properties.

System.setProperty("http.proxyUser", PROXY_USER);
System.setProperty("http.proxyPassword", PROXY_PASSWORD);

along with "proxyHost" and "proxyPort"

System.setProperty("http.proxyHost", PROXY_ADDRESS);
System.setProperty("http.proxyPort", PROXY_PORT);

Hope it will work.

Anil kumar
  • 416
  • 1
  • 6
  • 18
  • 1
    It will work if you are using the Apache HTTP client and you got an authorization exception. It will *not* work to solve the problem stated by the OP. – user207421 Jul 03 '18 at 10:04
-1

I was facing this exception when using Gmail.

In order to use Gmail I had to turn ON "Allow less secure apps".

This Gmail setting can be found at https://www.google.com/settings/security/lesssecureapps after login the gmail account.

Jose1755
  • 378
  • 3
  • 10
-1

I've got similar error using camel-mail component to send e-mails by gmail smtp.

The solution was changing from TLS port (587) to SSL port (465) as below:

<route id="sendMail">
  <from uri="jason:toEmail"/>
  <convertBodyTo type="java.lang.String"/>
  <setHeader headerName="Subject"><constant>Something</constant></setHeader>
  <to uri="smtps://smtp.gmail.com:465?username=myemail@gmail.com&amp;password=mypw&amp;to=someemail@gmail.com&amp;debugMode=true&amp;mail.smtp.starttls.enable=true"/>
</route>
Cleber Jorge Amaral
  • 1,316
  • 13
  • 26
-2

Maybe your default cerficate has expired. to renew it through admin console go "Security >SSL certificate and key management > Key stores and certificates > NodeDefaultKeyStore > Personal certificates" select the "default" alias and click on "renew" after then restart WAS.

Mithat Bozkurt
  • 547
  • 5
  • 17
-2

If you're running the Java process from the command line on Java 6 or earlier, adding this switch solved the issue above for me:

-Dhttps.protocols="TLSv1"

MarkL
  • 103
  • 1