I want to send/receive information from my website (https not http) so I try to use Java method / Apache / okhttp and I have the same problem :
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
at java.base/sun.security.ssl.Alert.createSSLException(Unknown Source)
at java.base/sun.security.ssl.Alert.createSSLException(Unknown Source)
at java.base/sun.security.ssl.TransportContext.fatal(Unknown Source)
at java.base/sun.security.ssl.Alert$AlertConsumer.consume(Unknown Source)
at java.base/sun.security.ssl.TransportContext.dispatch(Unknown Source)
at java.base/sun.security.ssl.SSLTransport.decode(Unknown Source)
at java.base/sun.security.ssl.SSLSocketImpl.decode(Unknown Source)
at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(Unknown Source)
at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at fr.eclypsegames.merged.module@1.0.0/org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(Unknown Source)
this is the code I use in Apache that generates me the previous error :
SSLContextBuilder SSLBuilder = SSLContexts.custom();
SSLBuilder = SSLBuilder.loadTrustMaterial(Main.class.getResource("cacerts.jks"), "changeit".toCharArray());
SSLContext sslContext = SSLBuilder.build();
// SSLConnectionSocketFactory sslConSocFactory = new SSLConnectionSocketFactory(sslContext, new NoopHostnameVerifier());
SSLConnectionSocketFactory sslConSocFactory = new SSLConnectionSocketFactory(sslContext, new String[]{"TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3"}, new String[]{"RSA"}, SSLConnectionSocketFactory.getDefaultHostnameVerifier());
HttpClientBuilder clientbuilder = HttpClients.custom();
clientbuilder.setSSLSocketFactory(sslConSocFactory);
CloseableHttpClient httpClient = clientbuilder.build();
HttpPost uploadFile = new HttpPost(myURL);
uploadFile.setEntity(multipart);
CloseableHttpResponse response = httpClient.execute(uploadFile);
HttpEntity responseEntity = response.getEntity();
InputStream inputStream = responseEntity.getContent();
Scanner sc = new Scanner(inputStream).useDelimiter("\\A");
And finally, this is the public information relating to my website :
depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = R3
verify return:1
depth=0 CN = eclypsegames.fr
verify return:1
write W BLOCK
---
Certificate chain
0 s:/CN=eclypsegames.fr
i:/C=US/O=Let's Encrypt/CN=R3
1 s:/C=US/O=Let's Encrypt/CN=R3
i:/C=US/O=Internet Security Research Group/CN=ISRG Root X1
2 s:/C=US/O=Internet Security Research Group/CN=ISRG Root X1
i:/O=Digital Signature Trust Co./CN=DST Root CA X3
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIF2DCCBMCgAwIBAgISA/OykyxAybOykERegIAej5tPMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMjAzMDExODM4MjZaFw0yMjA1MzAxODM4MjVaMBoxGDAWBgNVBAME
vE+ZAmqhzYpdOTLIybnIaXgesAdn1DaO0afiRd1MoywmQaqR/vmrrTmoh6d7B0TP
x2MQfdgMhUAEnVBb+KnrLFnr7AMYhY5nMNMvdTn9dMPa+NmQoxZfHnTm8V1j2odH
U7WBLkD3ZT4wzNiE
-----END CERTIFICATE-----
subject=/CN=eclypsegames.fr
issuer=/C=US/O=Let's Encrypt/CN=R3
---
No client certificate CA names sent
Server Temp Key: ECDH, X25519, 253 bits
---
SSL handshake has read 4740 bytes and written 386 bytes
---
New, TLSv1/SSLv3, Cipher is AEAD-CHACHA20-POLY1305-SHA256
Server public key is 2048 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.3
Cipher : AEAD-CHACHA20-POLY1305-SHA256
Session-ID:
Session-ID-ctx:
Master-Key:
Start Time: 1646948026
Timeout : 7200 (sec)
Verify return code: 0 (ok)
---
read R BLOCK
read R BLOCK
closed
In addition, the constraint of my project and the fact that it is able to work on all OS, because the goal is to make it an application (.app / .exe / .deb / …)
