SSL Client support

César Fernando Henriques cesar at alttab.com.ar
Sun May 31 03:38:07 EDT 2009 

Sorry guys, I made a mistake with gmail ;-)

I will copy again my client code in clean mode..

        ChannelFactory factory = new NioClientSocketChannelFactory(
                Executors.newCachedThreadPool(),
                Executors.newCachedThreadPool());

        ClientBootstrap bootstrap = new ClientBootstrap(factory);
        bootstrap.setPipelineFactory(new HttpClientPipelineFactory(true));

        bootstrap.setOption("tcpNoDelay", true);
        bootstrap.setOption("keepAlive", true);

        ChannelFuture future = bootstrap.connect(
                new InetSocketAddress("10.1.0.100", 443));

        // Wait until the connection attempt succeeds or fails.
        Channel channel = future.awaitUninterruptibly().getChannel();
        if (!future.isSuccess()) {
            future.getCause().printStackTrace();
            factory.releaseExternalResources();
            return;
        }

            ChannelFuture hf;
            try {
                hf =
channel.getPipeline().get(SslHandler.class).handshake(channel);
                hf.awaitUninterruptibly();
                if (!hf.isSuccess()) {
                    logger.log(Level.SEVERE, "Handshake failed", hf.getCause());
                }
            } catch (SSLException ex) {
                Logger.getLogger(PCConnectDaemon.class.getName())
                        .log(Level.SEVERE, null, ex);
            }

        // Send the HTTP request.
        HttpRequest request = new DefaultHttpRequest(
                HttpVersion.HTTP_1_0, HttpMethod.GET, "/login/daemon");
        request.addHeader(HttpHeaders.Names.HOST, 10.1.0.100);

        CookieEncoder httpCookieEncoder = new CookieEncoder(false);
        httpCookieEncoder.addCookie("my-cookie", "foo");
        httpCookieEncoder.addCookie("another-cookie", "bar");
        request.addHeader(HttpHeaders.Names.COOKIE, httpCookieEncoder.encode());
        channel.write(request);

I see the server logging the error after channel.write.

Any idea?

Thanks!

Cesar.-


2009/5/31 César Fernando Henriques <cesar at alttab.com.ar>:
> Hi Guys, I'm working with Netty to build the client side of my
> project. I need to connect t oa Grizzly based server listening on port
> 443 (ssl enabled).
>
> I'm getting this error on the server side:
>
> javax.net.ssl.SSLException: Unsupported record version Unknown-69.84
>        at com.sun.net.ssl.internal.ssl.EngineInputRecord.bytesInCompletePacket(EngineInputRecord.java:97)
>        at com.sun.net.ssl.internal.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:771)
>        at com.sun.net.ssl.internal.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:686)
>
> And this is the way I have configured the SSLHandler:
>
>            System.setProperty("javax.net.ssl.trustStore", "certs/cacerts");
>            System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
>
>            SSLContext sslContext = SSLContext.getDefault();
>            SSLEngine sslEngine = sslContext.createSSLEngine();
>            sslEngine.setUseClientMode(true);
>            pipeline.addFirst("sslHandler", new SslHandler(sslEngine, true));
>
> and my client code:
>
> ChannelFactory factory = new NioClientSocketChannelFactory(
>                Executors.newCachedThreadPool(),
>                Executors.newCachedThreadPool());
>
>        ClientBootstrap bootstrap = new ClientBootstrap(factory);
>        bootstrap.setPipelineFactory(new HttpClientPipelineFactory(
>                PCConnectProperties.getInstance().isSslSupported()));
>
>        bootstrap.setOption("tcpNoDelay", true);
>        bootstrap.setOption("keepAlive", true);
>
>        ChannelFuture future = bootstrap.connect(
>                new InetSocketAddress(PCConnectProperties
>                .getInstance().getServerAddress(), port));
>
>        // Wait until the connection attempt succeeds or fails.
>        Channel channel = future.awaitUninterruptibly().getChannel();
>        if (!future.isSuccess()) {
>            future.getCause().printStackTrace();
>            factory.releaseExternalResources();
>            return;
>        }
>
>        if(PCConnectProperties.getInstance().isSslSupported()) {
>            ChannelFuture hf;
>            try {
>                hf =
> channel.getPipeline().get(SslHandler.class).handshake(channel);
>                hf.awaitUninterruptibly();
>                if (!hf.isSuccess()) {
>                    logger.log(Level.SEVERE, "Handshake failed", hf.getCause());
>                }
>            } catch (SSLException ex) {
>                Logger.getLogger(PCConnectDaemon.class.getName())
>                        .log(Level.SEVERE, null, ex);
>            }
>        }
>        // Send the HTTP request.
>        HttpRequest request = new DefaultHttpRequest(
>                HttpVersion.HTTP_1_0, HttpMethod.GET, "/login/daemon");
>        request.addHeader(HttpHeaders.Names.HOST, PCConnectProperties
>                .getInstance().getServerAddress());
>
>        CookieEncoder httpCookieEncoder = new CookieEncoder(false);
>        httpCookieEncoder.addCookie("my-cookie", "foo");
>        httpCookieEncoder.addCookie("another-cookie", "bar");
>        request.addHeader(HttpHeaders.Names.COOKIE, httpCookieEncoder.encode());
>        channel.write(request);
>

More information about the netty-users mailing list