SOLVED: Re: SSL Client support

jasons2645 jstevens at pillardata.com
Tue Jun 2 19:19:43 EDT 2009


I am running into the 'Unsupported record version' as well, but I'm not
seeing where I am enabling TLS in my code.  What change did you have to make
to not use TLS?

Thanks!


César Fernando Henriques wrote:
> 
> It's done guys, some mistake I have been passing startTLS = true to
> SSLHandler.
> 
> Thanks anyway!
> 
> cesar
> 
> 2009/5/31 César Fernando Henriques <cesar at alttab.com.ar>:
>> Hi guys, I have attached the server output, with ssl verbose.
>>
>> Any help will be really appreciated!
>>
>> One thing I'm seeing is that when I connect to the server from Firefox
>> the handshake negotiate to use TLS_DHE_RSA_WITH_AES_128_CBC_SHA
>> cyphersuite and using netty client the server show
>> SSL_RSA_WITH_RC4_128_MD5 cypher. I don't know, maybe it helps.
>>
>> thanks!
>> Cesar.-
>>
>>
>> 2009/5/31 César Fernando Henriques <cesar at alttab.com.ar>:
>>> Sorry guys, I made a mistake with gmail ;-)
>>>
>>> I will copy again my client code in clean mode..
>>>
>>>        ChannelFactory factory = new NioClientSocketChannelFactory(
>>>                Executors.newCachedThreadPool(),
>>>                Executors.newCachedThreadPool());
>>>
>>>        ClientBootstrap bootstrap = new ClientBootstrap(factory);
>>>        bootstrap.setPipelineFactory(new
>>> HttpClientPipelineFactory(true));
>>>
>>>        bootstrap.setOption("tcpNoDelay", true);
>>>        bootstrap.setOption("keepAlive", true);
>>>
>>>        ChannelFuture future = bootstrap.connect(
>>>                new InetSocketAddress("10.1.0.100", 443));
>>>
>>>        // Wait until the connection attempt succeeds or fails.
>>>        Channel channel = future.awaitUninterruptibly().getChannel();
>>>        if (!future.isSuccess()) {
>>>            future.getCause().printStackTrace();
>>>            factory.releaseExternalResources();
>>>            return;
>>>        }
>>>
>>>            ChannelFuture hf;
>>>            try {
>>>                hf =
>>> channel.getPipeline().get(SslHandler.class).handshake(channel);
>>>                hf.awaitUninterruptibly();
>>>                if (!hf.isSuccess()) {
>>>                    logger.log(Level.SEVERE, "Handshake failed",
>>> hf.getCause());
>>>                }
>>>            } catch (SSLException ex) {
>>>                Logger.getLogger(PCConnectDaemon.class.getName())
>>>                        .log(Level.SEVERE, null, ex);
>>>            }
>>>
>>>        // Send the HTTP request.
>>>        HttpRequest request = new DefaultHttpRequest(
>>>                HttpVersion.HTTP_1_0, HttpMethod.GET, "/login/daemon");
>>>        request.addHeader(HttpHeaders.Names.HOST, 10.1.0.100);
>>>
>>>        CookieEncoder httpCookieEncoder = new CookieEncoder(false);
>>>        httpCookieEncoder.addCookie("my-cookie", "foo");
>>>        httpCookieEncoder.addCookie("another-cookie", "bar");
>>>        request.addHeader(HttpHeaders.Names.COOKIE,
>>> httpCookieEncoder.encode());
>>>        channel.write(request);
>>>
>>> I see the server logging the error after channel.write.
>>>
>>> Any idea?
>>>
>>> Thanks!
>>>
>>> Cesar.-
>>>
>>>
>>> 2009/5/31 César Fernando Henriques <cesar at alttab.com.ar>:
>>>> Hi Guys, I'm working with Netty to build the client side of my
>>>> project. I need to connect t oa Grizzly based server listening on port
>>>> 443 (ssl enabled).
>>>>
>>>> I'm getting this error on the server side:
>>>>
>>>> javax.net.ssl.SSLException: Unsupported record version Unknown-69.84
>>>>        at
>>>> com.sun.net.ssl.internal.ssl.EngineInputRecord.bytesInCompletePacket(EngineInputRecord.java:97)
>>>>        at
>>>> com.sun.net.ssl.internal.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:771)
>>>>        at
>>>> com.sun.net.ssl.internal.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:686)
>>>>
>>>> And this is the way I have configured the SSLHandler:
>>>>
>>>>            System.setProperty("javax.net.ssl.trustStore",
>>>> "certs/cacerts");
>>>>            System.setProperty("javax.net.ssl.trustStorePassword",
>>>> "changeit");
>>>>
>>>>            SSLContext sslContext = SSLContext.getDefault();
>>>>            SSLEngine sslEngine = sslContext.createSSLEngine();
>>>>            sslEngine.setUseClientMode(true);
>>>>            pipeline.addFirst("sslHandler", new SslHandler(sslEngine,
>>>> true));
>>>>
>>>> and my client code:
>>>>
>>>> ChannelFactory factory = new NioClientSocketChannelFactory(
>>>>                Executors.newCachedThreadPool(),
>>>>                Executors.newCachedThreadPool());
>>>>
>>>>        ClientBootstrap bootstrap = new ClientBootstrap(factory);
>>>>        bootstrap.setPipelineFactory(new HttpClientPipelineFactory(
>>>>                PCConnectProperties.getInstance().isSslSupported()));
>>>>
>>>>        bootstrap.setOption("tcpNoDelay", true);
>>>>        bootstrap.setOption("keepAlive", true);
>>>>
>>>>        ChannelFuture future = bootstrap.connect(
>>>>                new InetSocketAddress(PCConnectProperties
>>>>                .getInstance().getServerAddress(), port));
>>>>
>>>>        // Wait until the connection attempt succeeds or fails.
>>>>        Channel channel = future.awaitUninterruptibly().getChannel();
>>>>        if (!future.isSuccess()) {
>>>>            future.getCause().printStackTrace();
>>>>            factory.releaseExternalResources();
>>>>            return;
>>>>        }
>>>>
>>>>        if(PCConnectProperties.getInstance().isSslSupported()) {
>>>>            ChannelFuture hf;
>>>>            try {
>>>>                hf =
>>>> channel.getPipeline().get(SslHandler.class).handshake(channel);
>>>>                hf.awaitUninterruptibly();
>>>>                if (!hf.isSuccess()) {
>>>>                    logger.log(Level.SEVERE, "Handshake failed",
>>>> hf.getCause());
>>>>                }
>>>>            } catch (SSLException ex) {
>>>>                Logger.getLogger(PCConnectDaemon.class.getName())
>>>>                        .log(Level.SEVERE, null, ex);
>>>>            }
>>>>        }
>>>>        // Send the HTTP request.
>>>>        HttpRequest request = new DefaultHttpRequest(
>>>>                HttpVersion.HTTP_1_0, HttpMethod.GET, "/login/daemon");
>>>>        request.addHeader(HttpHeaders.Names.HOST, PCConnectProperties
>>>>                .getInstance().getServerAddress());
>>>>
>>>>        CookieEncoder httpCookieEncoder = new CookieEncoder(false);
>>>>        httpCookieEncoder.addCookie("my-cookie", "foo");
>>>>        httpCookieEncoder.addCookie("another-cookie", "bar");
>>>>        request.addHeader(HttpHeaders.Names.COOKIE,
>>>> httpCookieEncoder.encode());
>>>>        channel.write(request);
>>>>
>>>
>>
> 
> _______________________________________________
> netty-users mailing list
> netty-users at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/netty-users
> 
> 

-- 
View this message in context: http://n2.nabble.com/SOLVED%3A-Re%3A-SSL-Client-support-tp3003014p3015406.html
Sent from the Netty User Group mailing list archive at Nabble.com.





More information about the netty-users mailing list