java.net.ConnectException: Received fatal alert: unexpected_message

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

java.net.ConnectException: Received fatal alert: unexpected_message

Sean Dawson

Hello,

We have a server that makes a request to another one using (com.ning) AsyncHttpClient and we're having an issue getting TLS working. I've looked at quite a few Google results but they don't seem to apply; or the suggestions don't make a difference in our case.

Java 1.8.0_131
Both servers on same machine, using same Java
Source server is using async-http-client 1.9.18
Destination server is using Jetty 9.4.7.v20170914

Tried...

Variations of combinations/permutations for https.protocols
-Dcom.sun.net.ssl.enableECC=false -Djsse.enableSNIExtension=false

Here's debug output (with a couple small portions manually removed, indicated with ellipses)...

Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_DH_anon_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_DH_anon_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_anon_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_DH_anon_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
trustStore is: c:\temp\selfsigned.jks
trustStore type is : jks
trustStore provider is :
init truststore
adding as trusted cert:
  Subject: CN=localhost, OU=Q, O=I, L=P, ST=M, C=U
  Issuer:  CN=localhost, OU=Q, O=I, L=P, ST=M, C=U
  Algorithm: RSA; Serial number: 0x5a80280b
  Valid from Tue Nov 07 15:53:43 EST 2017 until Mon Feb 05 15:53:43 EST 2018

trigger seeding of SecureRandom
done seeding SecureRandom
Using SSLEngineImpl.

...

trigger seeding of SecureRandom
done seeding SecureRandom
trustStore is: c:\temp\selfsigned.jks
trustStore type is : jks
trustStore provider is :
init truststore
adding as trusted cert:
  Subject: CN=localhost, OU=Q, O=I, L=P, ST=M, C=U
  Issuer:  CN=localhost, OU=Q, O=I, L=P, ST=M, C=U
  Algorithm: RSA; Serial number: 0x5a80280b
  Valid from Tue Nov 07 15:53:43 EST 2017 until Mon Feb 05 15:53:43 EST 2018

keyStore is :
keyStore type is : jks
keyStore provider is :
init keystore
init keymanager of type SunX509
trigger seeding of SecureRandom
done seeding SecureRandom
Using SSLEngineImpl.
Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 for TLSv1.1
%% No cached client session
*** ClientHello, TLSv1.2
RandomCookie:  GMT: 1510241429 bytes = { ... }
Session ID:  {}
Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
Compression Methods:  { 0 }
Extension elliptic_curves, curve names: {secp256r1, secp384r1, secp521r1, sect283k1, sect283r1, sect409k1, sect409r1, sect571k1, sect571r1, secp256k1}
Extension ec_point_formats, formats: [uncompressed]
Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA256withDSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA
***
[write] MD5 and SHA1 hashes:  len = 161
0000: 01 00 00 9D 03 03 5A 04   75 95 24 2F A6 B1 8C 45  ......Z.u.$/...E
...
0090: 01 05 03 05 01 04 03 04   01 04 02 02 03 02 01 02  ................
00A0: 02                                                 .
New I/O worker #10, WRITE: TLSv1.2 Handshake, length = 161
[write] MD5 and SHA1 hashes:  len = 140
0000: 01 03 03 00 63 00 00 00   20 00 C0 23 00 C0 27 00  ....c... ..#..'.
...
0080: 07 06 BB A0 AB 39 66 80   95 55 14 65              .....9f..U.e
New I/O worker #10, WRITE: SSLv2 client hello message, length = 140
[Raw write]: length = 142
0000: 80 8C 01 03 03 00 63 00   00 00 20 00 C0 23 00 C0  ......c... ..#..
...
0080: ED B2 07 06 BB A0 AB 39   66 80 95 55 14 65        .......9f..U.e
[Raw read]: length = 5
0000: 15 03 03 00 02                                     .....
[Raw read]: length = 2
0000: 02 0A                                              ..
New I/O worker #10, READ: TLSv1.2 Alert, length = 2
New I/O worker #10, RECV TLSv1.2 ALERT:  fatal, unexpected_message
New I/O worker #10, fatal: engine already closed.  Rethrowing javax.net.ssl.SSLException: Received fatal alert: unexpected_message
New I/O worker #10, fatal: engine already closed.  Rethrowing javax.net.ssl.SSLException: Received fatal alert: unexpected_message
New I/O worker #10, called closeOutbound()
New I/O worker #10, closeOutboundInternal()
New I/O worker #10, SEND TLSv1.2 ALERT:  warning, description = close_notify
New I/O worker #10, WRITE: TLSv1.2 Alert, length = 2
New I/O worker #10, called closeInbound()
New I/O worker #10, fatal: engine already closed.  Rethrowing javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack?
[Raw write]: length = 7
0000: 15 03 03 00 02 01 00                               .......
New I/O worker #10, called closeOutbound()
New I/O worker #10, closeOutboundInternal()
09 Nov 2017 10:34:46.014 25   ERROR                [                        ] java.net.ConnectException: Received fatal alert: unexpected_message

Thanks for any suggestions.

Reply | Threaded
Open this post in threaded view
|

Re: java.net.ConnectException: Received fatal alert: unexpected_message

Jaikiran Pai
 > Java 1.8.0_131
 > Both servers on same machine, using same Java
 > Source server is using async-http-client 1.9.18
 > Destination server is using Jetty 9.4.7.v20170914

....

 > New I/O worker #10, WRITE: TLSv1.2 Handshake, length = 161
 > [write] MD5 and SHA1 hashes:  len = 140
 > 0000: 01 03 03 00 63 00 00 00   20 00 C0 23 00 C0 27 00 ....c... ..#..'.
 > ...
 > 0080: 07 06 BB A0 AB 39 66 80   95 55 14 65 .....9f..U.e
 > New I/O worker #10, WRITE: SSLv2 client hello message, length = 140

It looks like the async-http-client is sending a SSLv2 client hello
message during the handshake and I'm guessing Jetty doesn't support (or
maybe has disabled) SSLv2Hello handshake messages. What SSL protocols
have you enabled on both these sides? If you haven't explicitly enabled
any, then what do they default to in these libraries/servers?

-Jaikiran

Reply | Threaded
Open this post in threaded view
|

Re: java.net.ConnectException: Received fatal alert: unexpected_message

Sean Dawson

Thanks for the reply. This is one of the latest versions of Jetty so I would hope that it would support that. But I've also tried specifying various other http.protocols on both sides but it hasn't seemed to change the result. Any other flags or things I should try?


On Fri, Nov 10, 2017 at 11:48 PM, Jaikiran Pai <[hidden email]> wrote:
> Java 1.8.0_131
> Both servers on same machine, using same Java
> Source server is using async-http-client 1.9.18
> Destination server is using Jetty 9.4.7.v20170914

....

> New I/O worker #10, WRITE: TLSv1.2 Handshake, length = 161
> [write] MD5 and SHA1 hashes:  len = 140
> 0000: 01 03 03 00 63 00 00 00   20 00 C0 23 00 C0 27 00 ....c... ..#..'.
> ...
> 0080: 07 06 BB A0 AB 39 66 80   95 55 14 65 .....9f..U.e
> New I/O worker #10, WRITE: SSLv2 client hello message, length = 140

It looks like the async-http-client is sending a SSLv2 client hello message during the handshake and I'm guessing Jetty doesn't support (or maybe has disabled) SSLv2Hello handshake messages. What SSL protocols have you enabled on both these sides? If you haven't explicitly enabled any, then what do they default to in these libraries/servers?

-Jaikiran


Reply | Threaded
Open this post in threaded view
|

AW: java.net.ConnectException: Received fatal alert:unexpected_message

Bernd Eckenfels-4

The newer the Jetty Server is the more unlikely it Supports the old and unsafe SSL2 handshake. You should not enable the SSL2Hello pseudo protocol on Client side. JDK certainly does not by Default.

 

Gruss

Bernd

--
http://bernd.eckenfels.net

 

Von: [hidden email]
Gesendet: Sonntag, 12. November 2017 20:24
An: [hidden email]
Betreff: Re: java.net.ConnectException: Received fatal alert:unexpected_message

 

 

Thanks for the reply. This is one of the latest versions of Jetty so I would hope that it would support that. But I've also tried specifying various other http.protocols on both sides but it hasn't seemed to change the result. Any other flags or things I should try?

 

On Fri, Nov 10, 2017 at 11:48 PM, Jaikiran Pai <[hidden email]> wrote:

> Java 1.8.0_131
> Both servers on same machine, using same Java
> Source server is using async-http-client 1.9.18
> Destination server is using Jetty 9.4.7.v20170914

....

> New I/O worker #10, WRITE: TLSv1.2 Handshake, length = 161
> [write] MD5 and SHA1 hashes:  len = 140
> 0000: 01 03 03 00 63 00 00 00   20 00 C0 23 00 C0 27 00 ....c... ..#..'.
> ...
> 0080: 07 06 BB A0 AB 39 66 80   95 55 14 65 .....9f..U.e
> New I/O worker #10, WRITE: SSLv2 client hello message, length = 140

It looks like the async-http-client is sending a SSLv2 client hello message during the handshake and I'm guessing Jetty doesn't support (or maybe has disabled) SSLv2Hello handshake messages. What SSL protocols have you enabled on both these sides? If you haven't explicitly enabled any, then what do they default to in these libraries/servers?

-Jaikiran

 

 

Reply | Threaded
Open this post in threaded view
|

Re: java.net.ConnectException: Received fatal alert:unexpected_message

Sean Dawson

Thank you for the responses - turns out that even though I was using the latest version of AsyncHttpClient that I found in maven; there was another slightly different one that was more current - and seems to work.

Old:
https://mvnrepository.com/artifact/com.ning/async-http-client

Newer:
https://mvnrepository.com/artifact/org.asynchttpclient/async-http-client


On Sun, Nov 12, 2017 at 4:05 PM, Bernd Eckenfels <[hidden email]> wrote:

The newer the Jetty Server is the more unlikely it Supports the old and unsafe SSL2 handshake. You should not enable the SSL2Hello pseudo protocol on Client side. JDK certainly does not by Default.

 

Gruss

Bernd

--
http://bernd.eckenfels.net

 

Von: [hidden email]
Gesendet: Sonntag, 12. November 2017 20:24
An: [hidden email]
Betreff: Re: java.net.ConnectException: Received fatal alert:unexpected_message

 

 

Thanks for the reply. This is one of the latest versions of Jetty so I would hope that it would support that. But I've also tried specifying various other http.protocols on both sides but it hasn't seemed to change the result. Any other flags or things I should try?

 

On Fri, Nov 10, 2017 at 11:48 PM, Jaikiran Pai <[hidden email]> wrote:

> Java 1.8.0_131
> Both servers on same machine, using same Java
> Source server is using async-http-client 1.9.18
> Destination server is using Jetty 9.4.7.v20170914

....

> New I/O worker #10, WRITE: TLSv1.2 Handshake, length = 161
> [write] MD5 and SHA1 hashes:  len = 140
> 0000: 01 03 03 00 63 00 00 00   20 00 C0 23 00 C0 27 00 ....c... ..#..'.
> ...
> 0080: 07 06 BB A0 AB 39 66 80   95 55 14 65 .....9f..U.e
> New I/O worker #10, WRITE: SSLv2 client hello message, length = 140

It looks like the async-http-client is sending a SSLv2 client hello message during the handshake and I'm guessing Jetty doesn't support (or maybe has disabled) SSLv2Hello handshake messages. What SSL protocols have you enabled on both these sides? If you haven't explicitly enabled any, then what do they default to in these libraries/servers?

-Jaikiran