SOLVED: Re: SSL Client support
César Fernando Henriques
cesar at alttab.com.ar
Sun May 31 15:59:44 EDT 2009
It's done guys, some mistake I have been passing startTLS = true to SSLHandler.
Thanks anyway!
cesar
2009/5/31 César Fernando Henriques <cesar at alttab.com.ar>:
> Hi guys, I have attached the server output, with ssl verbose.
>
> Any help will be really appreciated!
>
> One thing I'm seeing is that when I connect to the server from Firefox
> the handshake negotiate to use TLS_DHE_RSA_WITH_AES_128_CBC_SHA
> cyphersuite and using netty client the server show
> SSL_RSA_WITH_RC4_128_MD5 cypher. I don't know, maybe it helps.
>
> thanks!
> Cesar.-
>
>
> 2009/5/31 César Fernando Henriques <cesar at alttab.com.ar>:
>> Sorry guys, I made a mistake with gmail ;-)
>>
>> I will copy again my client code in clean mode..
>>
>> ChannelFactory factory = new NioClientSocketChannelFactory(
>> Executors.newCachedThreadPool(),
>> Executors.newCachedThreadPool());
>>
>> ClientBootstrap bootstrap = new ClientBootstrap(factory);
>> bootstrap.setPipelineFactory(new HttpClientPipelineFactory(true));
>>
>> bootstrap.setOption("tcpNoDelay", true);
>> bootstrap.setOption("keepAlive", true);
>>
>> ChannelFuture future = bootstrap.connect(
>> new InetSocketAddress("10.1.0.100", 443));
>>
>> // Wait until the connection attempt succeeds or fails.
>> Channel channel = future.awaitUninterruptibly().getChannel();
>> if (!future.isSuccess()) {
>> future.getCause().printStackTrace();
>> factory.releaseExternalResources();
>> return;
>> }
>>
>> ChannelFuture hf;
>> try {
>> hf =
>> channel.getPipeline().get(SslHandler.class).handshake(channel);
>> hf.awaitUninterruptibly();
>> if (!hf.isSuccess()) {
>> logger.log(Level.SEVERE, "Handshake failed", hf.getCause());
>> }
>> } catch (SSLException ex) {
>> Logger.getLogger(PCConnectDaemon.class.getName())
>> .log(Level.SEVERE, null, ex);
>> }
>>
>> // Send the HTTP request.
>> HttpRequest request = new DefaultHttpRequest(
>> HttpVersion.HTTP_1_0, HttpMethod.GET, "/login/daemon");
>> request.addHeader(HttpHeaders.Names.HOST, 10.1.0.100);
>>
>> CookieEncoder httpCookieEncoder = new CookieEncoder(false);
>> httpCookieEncoder.addCookie("my-cookie", "foo");
>> httpCookieEncoder.addCookie("another-cookie", "bar");
>> request.addHeader(HttpHeaders.Names.COOKIE, httpCookieEncoder.encode());
>> channel.write(request);
>>
>> I see the server logging the error after channel.write.
>>
>> Any idea?
>>
>> Thanks!
>>
>> Cesar.-
>>
>>
>> 2009/5/31 César Fernando Henriques <cesar at alttab.com.ar>:
>>> Hi Guys, I'm working with Netty to build the client side of my
>>> project. I need to connect t oa Grizzly based server listening on port
>>> 443 (ssl enabled).
>>>
>>> I'm getting this error on the server side:
>>>
>>> javax.net.ssl.SSLException: Unsupported record version Unknown-69.84
>>> at com.sun.net.ssl.internal.ssl.EngineInputRecord.bytesInCompletePacket(EngineInputRecord.java:97)
>>> at com.sun.net.ssl.internal.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:771)
>>> at com.sun.net.ssl.internal.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:686)
>>>
>>> And this is the way I have configured the SSLHandler:
>>>
>>> System.setProperty("javax.net.ssl.trustStore", "certs/cacerts");
>>> System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
>>>
>>> SSLContext sslContext = SSLContext.getDefault();
>>> SSLEngine sslEngine = sslContext.createSSLEngine();
>>> sslEngine.setUseClientMode(true);
>>> pipeline.addFirst("sslHandler", new SslHandler(sslEngine, true));
>>>
>>> and my client code:
>>>
>>> ChannelFactory factory = new NioClientSocketChannelFactory(
>>> Executors.newCachedThreadPool(),
>>> Executors.newCachedThreadPool());
>>>
>>> ClientBootstrap bootstrap = new ClientBootstrap(factory);
>>> bootstrap.setPipelineFactory(new HttpClientPipelineFactory(
>>> PCConnectProperties.getInstance().isSslSupported()));
>>>
>>> bootstrap.setOption("tcpNoDelay", true);
>>> bootstrap.setOption("keepAlive", true);
>>>
>>> ChannelFuture future = bootstrap.connect(
>>> new InetSocketAddress(PCConnectProperties
>>> .getInstance().getServerAddress(), port));
>>>
>>> // Wait until the connection attempt succeeds or fails.
>>> Channel channel = future.awaitUninterruptibly().getChannel();
>>> if (!future.isSuccess()) {
>>> future.getCause().printStackTrace();
>>> factory.releaseExternalResources();
>>> return;
>>> }
>>>
>>> if(PCConnectProperties.getInstance().isSslSupported()) {
>>> ChannelFuture hf;
>>> try {
>>> hf =
>>> channel.getPipeline().get(SslHandler.class).handshake(channel);
>>> hf.awaitUninterruptibly();
>>> if (!hf.isSuccess()) {
>>> logger.log(Level.SEVERE, "Handshake failed", hf.getCause());
>>> }
>>> } catch (SSLException ex) {
>>> Logger.getLogger(PCConnectDaemon.class.getName())
>>> .log(Level.SEVERE, null, ex);
>>> }
>>> }
>>> // Send the HTTP request.
>>> HttpRequest request = new DefaultHttpRequest(
>>> HttpVersion.HTTP_1_0, HttpMethod.GET, "/login/daemon");
>>> request.addHeader(HttpHeaders.Names.HOST, PCConnectProperties
>>> .getInstance().getServerAddress());
>>>
>>> CookieEncoder httpCookieEncoder = new CookieEncoder(false);
>>> httpCookieEncoder.addCookie("my-cookie", "foo");
>>> httpCookieEncoder.addCookie("another-cookie", "bar");
>>> request.addHeader(HttpHeaders.Names.COOKIE, httpCookieEncoder.encode());
>>> channel.write(request);
>>>
>>
>
More information about the netty-users
mailing list