SSL handshake failed

You are here

SSL handshake failed

9 posts / 0 new
Last post
Matthias Vogel
Matthias Vogel's picture
SSL handshake failed

We are using mendelson opensource OFTP2 1.0 build 33, version date 10-02-16 9:24a, Community edition.

Our customer (AUDI/VW) tries to send us data. The connection fails with the error message in systemactivity.log you can find below. What means '...Caused by: javax.net.ssl.SSLException: Received fatal alert: unexpected_message...'? What's the reason? Can I do further debugging? Thanks in advance.

javax.net.ssl.SSLHandshakeException: SSL handshake failed.
	at org.apache.mina.filter.ssl.SslFilter.messageReceived(SslFilter.java:507)
	at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:542)
	at org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1300(DefaultIoFilterChain.java:48)
	at org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:943)
	at org.apache.mina.core.filterchain.IoFilterAdapter.messageReceived(IoFilterAdapter.java:109)
	at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:542)
	at org.apache.mina.core.filterchain.DefaultIoFilterChain.fireMessageReceived(DefaultIoFilterChain.java:535)
	at org.apache.mina.core.polling.AbstractPollingIoProcessor.read(AbstractPollingIoProcessor.java:714)
	at org.apache.mina.core.polling.AbstractPollingIoProcessor.process(AbstractPollingIoProcessor.java:668)
	at org.apache.mina.core.polling.AbstractPollingIoProcessor.process(AbstractPollingIoProcessor.java:657)
	at org.apache.mina.core.polling.AbstractPollingIoProcessor.access$600(AbstractPollingIoProcessor.java:67)
	at org.apache.mina.core.polling.AbstractPollingIoProcessor$Processor.run(AbstractPollingIoProcessor.java:1121)
	at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:64)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
	at java.lang.Thread.run(Unknown Source)
Caused by: javax.net.ssl.SSLException: Received fatal alert: unexpected_message
	at sun.security.ssl.Alerts.getSSLException(Unknown Source)
	at sun.security.ssl.SSLEngineImpl.fatal(Unknown Source)
	at sun.security.ssl.SSLEngineImpl.fatal(Unknown Source)
	at sun.security.ssl.SSLEngineImpl.recvAlert(Unknown Source)
	at sun.security.ssl.SSLEngineImpl.readRecord(Unknown Source)
	at sun.security.ssl.SSLEngineImpl.readNetRecord(Unknown Source)
	at sun.security.ssl.SSLEngineImpl.unwrap(Unknown Source)
	at javax.net.ssl.SSLEngine.unwrap(Unknown Source)
	at org.apache.mina.filter.ssl.SslHandler.unwrap(SslHandler.java:748)
	at org.apache.mina.filter.ssl.SslHandler.unwrapHandshake(SslHandler.java:683)
	at org.apache.mina.filter.ssl.SslHandler.handshake(SslHandler.java:569)
	at org.apache.mina.filter.ssl.SslHandler.messageReceived(SslHandler.java:355)
	at org.apache.mina.filter.ssl.SslFilter.messageReceived(SslFilter.java:488)
	... 15 more
service
service's picture

Matthias Vogel,

you could set the program into SSL debug state to see what exactly happens there:

https://docs.oracle.com/javase/7/docs/technotes/guides/security/jsse/Rea...

But the easiest way is to update to the current version (b35) - looks like an issue where a special digest or protocol level is required and is not supported by b33.

Regards

Matthias Vogel
Matthias Vogel's picture

Thank you for the quick response. I just updated to the current version (b35). Now I'm waiting for the next attempt of AUDI/VW server to send the data. Let's see what happens...

To my understanding: What is the script for starting the server on windows in SSL debug state? Does it look like this?

jre\bin\java -Xmx1300M -Xms92M -classpath "oftp2.jar" -Djavax.net.debug=all

Matthias Vogel
Matthias Vogel's picture

The problem remains with version b35. I found out how to start the server with ssl debugging enabled. So I have to wait again for the next attempt to send data. Then I will post the debug log content.

Matthias Vogel
Matthias Vogel's picture

Today the SSL handshake failed again. I uploaded the SSL debug log file.

As of line 6.573 in the log file part 3, there are entries for the SSLException unexpected_message.

Is it a java runtime version bug?

Matthias Vogel
Matthias Vogel's picture

Log file part 1.1:

Matthias Vogel
Matthias Vogel's picture

Log file part 1.2:

Matthias Vogel
Matthias Vogel's picture

Log file part 2.1:

Matthias Vogel
Matthias Vogel's picture

Log file part 2.2: