SOLVED: Re: SSL Client support

César Fernando Henriques cesar at alttab.com.ar
Tue Jun 2 19:37:10 EDT 2009 

I was passing the value true for startTLS in the SslHandler constructor.

Good luck

On Tue, Jun 2, 2009 at 8:19 PM, jasons2645 <jstevens at pillardata.com> wrote:
>
> I am running into the 'Unsupported record version' as well, but I'm not
> seeing where I am enabling TLS in my code.  What change did you have to make
> to not use TLS?
>
> Thanks!
>
>
> César Fernando Henriques wrote:
>>
>> It's done guys, some mistake I have been passing startTLS = true to
>> SSLHandler.
>>
>> Thanks anyway!
>>
>> cesar
>>
>> 2009/5/31 César Fernando Henriques <cesar at alttab.com.ar>:
>>> Hi guys, I have attached the server output, with ssl verbose.
>>>
>>> Any help will be really appreciated!
>>>
>>> One thing I'm seeing is that when I connect to the server from Firefox
>>> the handshake negotiate to use TLS_DHE_RSA_WITH_AES_128_CBC_SHA
>>> cyphersuite and using netty client the server show
>>> SSL_RSA_WITH_RC4_128_MD5 cypher. I don't know, maybe it helps.
>>>
>>> thanks!
>>> Cesar.-
>>>
>>>
>>> 2009/5/31 César Fernando Henriques <cesar at alttab.com.ar>:
>>>> Sorry guys, I made a mistake with gmail ;-)
>>>>
>>>> I will copy again my client code in clean mode..
>>>>
>>>>        ChannelFactory factory = new NioClientSocketChannelFactory(
>>>>                Executors.newCachedThreadPool(),
>>>>                Executors.newCachedThreadPool());
>>>>
>>>>        ClientBootstrap bootstrap = new ClientBootstrap(factory);
>>>>        bootstrap.setPipelineFactory(new
>>>> HttpClientPipelineFactory(true));
>>>>
>>>>        bootstrap.setOption("tcpNoDelay", true);
>>>>        bootstrap.setOption("keepAlive", true);
>>>>
>>>>        ChannelFuture future = bootstrap.connect(
>>>>                new InetSocketAddress("10.1.0.100", 443));
>>>>
>>>>        // Wait until the connection attempt succeeds or fails.
>>>>        Channel channel = future.awaitUninterruptibly().getChannel();
>>>>        if (!future.isSuccess()) {
>>>>            future.getCause().printStackTrace();
>>>>            factory.releaseExternalResources();
>>>>            return;
>>>>        }
>>>>
>>>>            ChannelFuture hf;
>>>>            try {
>>>>                hf =
>>>> channel.getPipeline().get(SslHandler.class).handshake(channel);
>>>>                hf.awaitUninterruptibly();
>>>>                if (!hf.isSuccess()) {
>>>>                    logger.log(Level.SEVERE, "Handshake failed",
>>>> hf.getCause());
>>>>                }
>>>>            } catch (SSLException ex) {
>>>>                Logger.getLogger(PCConnectDaemon.class.getName())
>>>>                        .log(Level.SEVERE, null, ex);
>>>>            }
>>>>
>>>>        // Send the HTTP request.
>>>>        HttpRequest request = new DefaultHttpRequest(
>>>>                HttpVersion.HTTP_1_0, HttpMethod.GET, "/login/daemon");
>>>>        request.addHeader(HttpHeaders.Names.HOST, 10.1.0.100);
>>>>
>>>>        CookieEncoder httpCookieEncoder = new CookieEncoder(false);
>>>>        httpCookieEncoder.addCookie("my-cookie", "foo");
>>>>        httpCookieEncoder.addCookie("another-cookie", "bar");
>>>>        request.addHeader(HttpHeaders.Names.COOKIE,
>>>> httpCookieEncoder.encode());
>>>>        channel.write(request);
>>>>
>>>> I see the server logging the error after channel.write.
>>>>
>>>> Any idea?
>>>>
>>>> Thanks!
>>>>
>>>> Cesar.-
>>>>
>>>>
>>>> 2009/5/31 César Fernando Henriques <cesar at alttab.com.ar>:
>>>>> Hi Guys, I'm working with Netty to build the client side of my
>>>>> project. I need to connect t oa Grizzly based server listening on port
>>>>> 443 (ssl enabled).
>>>>>
>>>>> I'm getting this error on the server side:
>>>>>
>>>>> javax.net.ssl.SSLException: Unsupported record version Unknown-69.84
>>>>>        at
>>>>> com.sun.net.ssl.internal.ssl.EngineInputRecord.bytesInCompletePacket(EngineInputRecord.java:97)
>>>>>        at
>>>>> com.sun.net.ssl.internal.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:771)
>>>>>        at
>>>>> com.sun.net.ssl.internal.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:686)
>>>>>
>>>>> And this is the way I have configured the SSLHandler:
>>>>>
>>>>>            System.setProperty("javax.net.ssl.trustStore",
>>>>> "certs/cacerts");
>>>>>            System.setProperty("javax.net.ssl.trustStorePassword",
>>>>> "changeit");
>>>>>
>>>>>            SSLContext sslContext = SSLContext.getDefault();
>>>>>            SSLEngine sslEngine = sslContext.createSSLEngine();
>>>>>            sslEngine.setUseClientMode(true);
>>>>>            pipeline.addFirst("sslHandler", new SslHandler(sslEngine,
>>>>> true));
>>>>>
>>>>> and my client code:
>>>>>
>>>>> ChannelFactory factory = new NioClientSocketChannelFactory(
>>>>>                Executors.newCachedThreadPool(),
>>>>>                Executors.newCachedThreadPool());
>>>>>
>>>>>        ClientBootstrap bootstrap = new ClientBootstrap(factory);
>>>>>        bootstrap.setPipelineFactory(new HttpClientPipelineFactory(
>>>>>                PCConnectProperties.getInstance().isSslSupported()));
>>>>>
>>>>>        bootstrap.setOption("tcpNoDelay", true);
>>>>>        bootstrap.setOption("keepAlive", true);
>>>>>
>>>>>        ChannelFuture future = bootstrap.connect(
>>>>>                new InetSocketAddress(PCConnectProperties
>>>>>                .getInstance().getServerAddress(), port));
>>>>>
>>>>>        // Wait until the connection attempt succeeds or fails.
>>>>>        Channel channel = future.awaitUninterruptibly().getChannel();
>>>>>        if (!future.isSuccess()) {
>>>>>            future.getCause().printStackTrace();
>>>>>            factory.releaseExternalResources();
>>>>>            return;
>>>>>        }
>>>>>
>>>>>        if(PCConnectProperties.getInstance().isSslSupported()) {
>>>>>            ChannelFuture hf;
>>>>>            try {
>>>>>                hf =
>>>>> channel.getPipeline().get(SslHandler.class).handshake(channel);
>>>>>                hf.awaitUninterruptibly();
>>>>>                if (!hf.isSuccess()) {
>>>>>                    logger.log(Level.SEVERE, "Handshake failed",
>>>>> hf.getCause());
>>>>>                }
>>>>>            } catch (SSLException ex) {
>>>>>                Logger.getLogger(PCConnectDaemon.class.getName())
>>>>>                        .log(Level.SEVERE, null, ex);
>>>>>            }
>>>>>        }
>>>>>        // Send the HTTP request.
>>>>>        HttpRequest request = new DefaultHttpRequest(
>>>>>                HttpVersion.HTTP_1_0, HttpMethod.GET, "/login/daemon");
>>>>>        request.addHeader(HttpHeaders.Names.HOST, PCConnectProperties
>>>>>                .getInstance().getServerAddress());
>>>>>
>>>>>        CookieEncoder httpCookieEncoder = new CookieEncoder(false);
>>>>>        httpCookieEncoder.addCookie("my-cookie", "foo");
>>>>>        httpCookieEncoder.addCookie("another-cookie", "bar");
>>>>>        request.addHeader(HttpHeaders.Names.COOKIE,
>>>>> httpCookieEncoder.encode());
>>>>>        channel.write(request);
>>>>>
>>>>
>>>
>>
>> _______________________________________________
>> netty-users mailing list
>> netty-users at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/netty-users
>>
>>
>
> --
> View this message in context: http://n2.nabble.com/SOLVED%3A-Re%3A-SSL-Client-support-tp3003014p3015406.html
> Sent from the Netty User Group mailing list archive at Nabble.com.
>
>
> _______________________________________________
> netty-users mailing list
> netty-users at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/netty-users
>

More information about the netty-users mailing list