SSL Client support

Sun May 31 15:42:00 EDT 2009

Hi guys, I have attached the server output, with ssl verbose.

Any help will be really appreciated!

One thing I'm seeing is that when I connect to the server from Firefox
the handshake negotiate to use TLS_DHE_RSA_WITH_AES_128_CBC_SHA
cyphersuite and using netty client the server show
SSL_RSA_WITH_RC4_128_MD5 cypher. I don't know, maybe it helps.

thanks!
Cesar.-

2009/5/31 César Fernando Henriques <cesar at alttab.com.ar>:
> Sorry guys, I made a mistake with gmail ;-)
>
> I will copy again my client code in clean mode..
>
>        ChannelFactory factory = new NioClientSocketChannelFactory(
>                Executors.newCachedThreadPool(),
>                Executors.newCachedThreadPool());
>
>        ClientBootstrap bootstrap = new ClientBootstrap(factory);
>        bootstrap.setPipelineFactory(new HttpClientPipelineFactory(true));
>
>        bootstrap.setOption("tcpNoDelay", true);
>        bootstrap.setOption("keepAlive", true);
>
>        ChannelFuture future = bootstrap.connect(
>                new InetSocketAddress("10.1.0.100", 443));
>
>        // Wait until the connection attempt succeeds or fails.
>        Channel channel = future.awaitUninterruptibly().getChannel();
>        if (!future.isSuccess()) {
>            future.getCause().printStackTrace();
>            factory.releaseExternalResources();
>            return;
>        }
>
>            ChannelFuture hf;
>            try {
>                hf =
> channel.getPipeline().get(SslHandler.class).handshake(channel);
>                hf.awaitUninterruptibly();
>                if (!hf.isSuccess()) {
>                    logger.log(Level.SEVERE, "Handshake failed", hf.getCause());
>                }
>            } catch (SSLException ex) {
>                Logger.getLogger(PCConnectDaemon.class.getName())
>                        .log(Level.SEVERE, null, ex);
>            }
>
>        // Send the HTTP request.
>        HttpRequest request = new DefaultHttpRequest(
>                HttpVersion.HTTP_1_0, HttpMethod.GET, "/login/daemon");
>        request.addHeader(HttpHeaders.Names.HOST, 10.1.0.100);
>
>        CookieEncoder httpCookieEncoder = new CookieEncoder(false);
>        httpCookieEncoder.addCookie("my-cookie", "foo");
>        httpCookieEncoder.addCookie("another-cookie", "bar");
>        request.addHeader(HttpHeaders.Names.COOKIE, httpCookieEncoder.encode());
>        channel.write(request);
>
> I see the server logging the error after channel.write.
>
> Any idea?
>
> Thanks!
>
> Cesar.-
>
>
> 2009/5/31 César Fernando Henriques <cesar at alttab.com.ar>:
>> Hi Guys, I'm working with Netty to build the client side of my
>> project. I need to connect t oa Grizzly based server listening on port
>> 443 (ssl enabled).
>>
>> I'm getting this error on the server side:
>>
>> javax.net.ssl.SSLException: Unsupported record version Unknown-69.84
>>        at com.sun.net.ssl.internal.ssl.EngineInputRecord.bytesInCompletePacket(EngineInputRecord.java:97)
>>        at com.sun.net.ssl.internal.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:771)
>>        at com.sun.net.ssl.internal.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:686)
>>
>> And this is the way I have configured the SSLHandler:
>>
>>            System.setProperty("javax.net.ssl.trustStore", "certs/cacerts");
>>            System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
>>
>>            SSLContext sslContext = SSLContext.getDefault();
>>            SSLEngine sslEngine = sslContext.createSSLEngine();
>>            sslEngine.setUseClientMode(true);
>>            pipeline.addFirst("sslHandler", new SslHandler(sslEngine, true));
>>
>> and my client code:
>>
>> ChannelFactory factory = new NioClientSocketChannelFactory(
>>                Executors.newCachedThreadPool(),
>>                Executors.newCachedThreadPool());
>>
>>        ClientBootstrap bootstrap = new ClientBootstrap(factory);
>>        bootstrap.setPipelineFactory(new HttpClientPipelineFactory(
>>                PCConnectProperties.getInstance().isSslSupported()));
>>
>>        bootstrap.setOption("tcpNoDelay", true);
>>        bootstrap.setOption("keepAlive", true);
>>
>>        ChannelFuture future = bootstrap.connect(
>>                new InetSocketAddress(PCConnectProperties
>>                .getInstance().getServerAddress(), port));
>>
>>        // Wait until the connection attempt succeeds or fails.
>>        Channel channel = future.awaitUninterruptibly().getChannel();
>>        if (!future.isSuccess()) {
>>            future.getCause().printStackTrace();
>>            factory.releaseExternalResources();
>>            return;
>>        }
>>
>>        if(PCConnectProperties.getInstance().isSslSupported()) {
>>            ChannelFuture hf;
>>            try {
>>                hf =
>> channel.getPipeline().get(SslHandler.class).handshake(channel);
>>                hf.awaitUninterruptibly();
>>                if (!hf.isSuccess()) {
>>                    logger.log(Level.SEVERE, "Handshake failed", hf.getCause());
>>                }
>>            } catch (SSLException ex) {
>>                Logger.getLogger(PCConnectDaemon.class.getName())
>>                        .log(Level.SEVERE, null, ex);
>>            }
>>        }
>>        // Send the HTTP request.
>>        HttpRequest request = new DefaultHttpRequest(
>>                HttpVersion.HTTP_1_0, HttpMethod.GET, "/login/daemon");
>>        request.addHeader(HttpHeaders.Names.HOST, PCConnectProperties
>>                .getInstance().getServerAddress());
>>
>>        CookieEncoder httpCookieEncoder = new CookieEncoder(false);
>>        httpCookieEncoder.addCookie("my-cookie", "foo");
>>        httpCookieEncoder.addCookie("another-cookie", "bar");
>>        request.addHeader(HttpHeaders.Names.COOKIE, httpCookieEncoder.encode());
>>        channel.write(request);
>>
>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: out.txt
Url: http://lists.jboss.org/pipermail/netty-users/attachments/20090531/c2bee800/attachment.txt 