user3202597

Reputation: 51

SSL connection with specific protocol version

I'm trying to perform an SSL connection with a specific protocol version, using the following Java code:

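    import java.net.InetSocketAddress;
    import java.net.SocketAddress;
    import java.util.Arrays;
    import javax.net.ssl.SSLSocket;
    import javax.net.ssl.SSLSocketFactory;

    System.out.println("Locating socket factory for SSL...");
    SSLSocketFactory sslsocketfactory = (SSLSocketFactory) SSLSocketFactory.getDefault();
    System.out.println("Creating secure socket to " + https_url + ":443");
    // Create an unconnected socket so the protocols can be set before connecting
    SSLSocket sslSocket = (SSLSocket) sslsocketfactory.createSocket();
    // Only the SSLv2Hello pseudo-protocol is enabled; the next call throws
    String[] protocol = {"SSLv2Hello"};
    sslSocket.setEnabledProtocols(protocol);
    SocketAddress addr = new InetSocketAddress(https_url, 443);
    sslSocket.connect(addr);
    String[] P = sslSocket.getEnabledProtocols();
    System.out.println("Enabled Protocol: " + Arrays.toString(P));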

When running the code, I get the following exception:

    Exception in thread "main" java.lang.IllegalArgumentException: SSLv2Hello cannot be enabled unless at least one other supported version is also enabled.
        at sun.security.ssl.ProtocolList.<init>(Unknown Source)
        at sun.security.ssl.ProtocolList.<init>(Unknown Source)
        at sun.security.ssl.SSLSocketImpl.setEnabledProtocols(Unknown Source)
        at CheckByURL.test(CheckByURL.java:36)
        at CheckByURL.main(CheckByURL.java:15)

When I tried with other SSL versions, it worked well.

Does anyone know how to solve this issue?

Upvotes: 4

Views: 6141

Answers (2)

user207421

Reputation: 310840

Oracle Java doesn't support SSLv2. It only supports the SSLv2Hello message in conjunction with higher levels of the protocol, for certain ancient websites that require it. Hence the error message you got. SSLv2Hello is a pseudo-protocol, which just tells Java to start with the SSLv2Hello message instead of the SSLv3 or TLS Hello messages.

I believe IBM's JRE supports SSLv2.

However, it is almost certain that the server you're trying to connect to also supports SSLv3, TLS, etc. (and if it doesn't, it should be upgraded, or taken offline as insecure). So just leave the enabled cipher suites alone and you should be able to connect with the Oracle JRE.

Upvotes: 4
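An added example, not part of the question or of either answer: it reproduces the rejection of `SSLv2Hello` on its own and then enables it together with a real protocol version, which is the condition the exception message names. The class name `V2HelloDemo`, the helper `enableWithV2Hello` and the choice of `TLSv1.2` are assumptions made for illustration; the socket stays unconnected, so it runs without a network.

```java
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;

public class V2HelloDemo {
    // Hypothetical helper: enable the SSLv2Hello framing together with the
    // requested real protocol versions, keeping only those this JRE supports.
    static String[] enableWithV2Hello(SSLSocket socket, String... wanted) {
        List<String> supported = Arrays.asList(socket.getSupportedProtocols());
        List<String> enabled = new ArrayList<>();
        for (String p : wanted) {
            if (supported.contains(p)) enabled.add(p);
        }
        if (enabled.isEmpty()) {
            throw new IllegalStateException(
                    "no requested protocol version is supported: " + Arrays.toString(wanted));
        }
        // SSLv2Hello only changes the format of the first hello message;
        // it is added last and never stands alone.
        if (supported.contains("SSLv2Hello")) enabled.add("SSLv2Hello");
        socket.setEnabledProtocols(enabled.toArray(new String[0]));
        return socket.getEnabledProtocols();
    }

    public static void main(String[] args) throws Exception {
        SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
        // Unconnected socket: protocol selection is validated before any connect().
        try (SSLSocket socket = (SSLSocket) factory.createSocket()) {
            try {
                socket.setEnabledProtocols(new String[] {"SSLv2Hello"});
            } catch (IllegalArgumentException e) {
                System.out.println("Rejected as in the question: " + e.getMessage());
            }
            // "TLSv1.2" is an assumed choice; any supported real version works.
            String[] enabled = enableWithV2Hello(socket, "TLSv1.2");
            System.out.println("Enabled: " + Arrays.toString(enabled));
        }
    }
}
```

After a real connection, `sslSocket.getSession().getProtocol()` reports the version that was actually negotiated, which is the value to check rather than the enabled list.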

stjohnroe

Reputation: 3206

For an answer, it would be best to refer to https://www.rfc-editor.org/rfc/rfc6176

In short, SSL V2 is discontinued on the server side; however, the initial SSL V2 client request may be accepted, but negotiation should never settle on V2.

Upvotes: 1
