0

We went through couple of solutions provided on tranferring files using FTPS. They are working fine with lower versions of Java like Java 11 etc. But are facing the same "SSL peer shut down incorrectly" issue in Java 17. Please let us know if there is any solution for Java 17.

Reffered Links :

How to connect to FTPS server with data connection using same TLS session? (Solution working fine in Java 11)

Stack trace:

Caused by: java.io.EOFException: SSL peer shut down incorrectly at java.base/sun.security.ssl.SSLSocketInputRecord.read(SSLSocketInputRecord.java:483) at java.base/sun.security.ssl.SSLSocketInputRecord.readHeader(SSLSocketInputRecord.java:472) at java.base/sun.security.ssl.SSLSocketInputRecord.decode(SSLSocketInputRecord.java:160) at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:111) at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1505) ... 9 more

Already tried below links:

FTPSClient throw exception javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake

Solution:

Adding System.setProperty("jdk.tls.client.enableSessionTicketExtension", "false") fixed the issue!

Rajesh Garaga
  • 1
  • 1
  • You should first check what TLS versions and ciphers are supported by the server. E.g. using https://www.ssllabs.com/ssltest/ or for non-public servers you can download and use https://testssl.sh You can also enable SSL/TLS debugging in Java to get detailed output. https://stackoverflow.com/a/30104610/150978 – Robert Jun 01 '23 at 14:33
  • Thanks for the response Robert. We have verified and they are same in server and client. Please note the same program/code is working in Java 11 and failing in Java 17 – Rajesh Garaga Jun 05 '23 at 14:28
  • Then create TLS debug log and check what is going wrong. BTW: The linked FTPS code uses `setTrustManager(TrustManagerUtils.getAcceptAllTrustManager());` so TLS is broken by design in your application if you really use this code. – Robert Jun 05 '23 at 14:55
  • Issue was fixed after adding System.setProperty("jdk.tls.client.enableSessionTicketExtension", "false"); Looks like this is needed in JAVA 17 – Rajesh Garaga Jun 07 '23 at 11:20
  • Feel free to write a full answer best with a little description what the impact of the mentioned property is and why you need it. – Robert Jun 07 '23 at 15:42

0 Answers0