Getting javax.net.ssl.SSLProtocolException: end of file

Question

After I upgraded the IHS server from 7.0.0.33 to 7.0.0.37..

In the latest IHS server SSLv3 is completely disabled..

My following piece of code

HttpURLConnection urlConn = (HttpURLConnection)url.openConnection();
urlConn.setUseCaches(false);
urlConn.setRequestMethod("POST");
urlConn.setDoOutput(true);
DataOutputStream os = new DataOutputStream(urlConn.getOutputStream());  
os.writeBytes( obj.toString());
os.flush();
os.close();

I found that

 DataOutputStream os = new DataOutputStream(urlConn.getOutputStream()); 

Here the code is breaking and showing the "protocol not supported" after that its throwing the following error

[5/13/15 14:00:47:730 GMT] 0000001c SystemErr     R javax.net.ssl.SSLProtocolException: end of file
    at com.ibm.jsse.bv.a(Unknown Source)
    at com.ibm.jsse.bv.startHandshake(Unknown Source)
    at com.ibm.net.ssl.www2.protocol.https.b.o(b.java:136)
    at com.ibm.net.ssl.www2.protocol.https.i.connect(i.java:28)
    at com.ibm.net.ssl.www2.protocol.http.bc.getOutputStream(bc.java:44)
    at com.ibm.net.ssl.www2.protocol.https.l.getOutputStream(l.java:23)
    at com.corio.tsr.webservices.SRAutomationWebServiceClient.getJsonObject(SRAutomationWebServiceClient.java:166)
    at com.corio.tsr.jms.receiver.SRAutomationMessageBean.onMessage(Unknown Source)
    at com.ibm.ejs.container.MessageEndpointHandler.invokeMdbMethod(MessageEndpointHandler.java:1013)
    at com.ibm.ejs.container.MessageEndpointHandler.invoke(MessageEndpointHandler.java:746)
    at $Proxy2.onMessage(Unknown Source)
    at com.ibm.ws.sib.api.jmsra.impl.JmsJcaEndpointInvokerImpl.invokeEndpoint(JmsJcaEndpointInvokerImpl.java:201)
    at com.ibm.ws.sib.ra.inbound.impl.SibRaDispatcher.dispatch(SibRaDispatcher.java:627)
    at com.ibm.ws.sib.ra.inbound.impl.SibRaSingleProcessListener$SibRaWork.run(SibRaSingleProcessListener.java:463)
    at com.ibm.ejs.j2c.work.WorkProxy.run(WorkProxy.java:394)
    at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java(Compiled Code))

Can any one suggest what can I do or any clue on how to get rid of this error

Answer 1

SSL handshake is required.Without that it will not work. First try with setting property for protocol support

urlConn.setRequestProperty("https.protocols", "TLSv1");

If you are getting "javax.net.ssl.SSLHandshakeException: Remote host closed connection" then follow the below steps.

If you are using IE, here is how you can do so:
1)Access URL with https protocol (example: service WSDL location (Ex. https://foo.com/bar?wsdl) on the browser.
2)Internet explorer will prompt a security alert. Select the "View Certificate" button.
3)Navigate to the tab "Details". Select the "Copy to File.." button.
4)Certificate Export Wizard will be displayed. Select "NEXT" button.
5)The option "DER encoded binary X.509 (.CER) will be by default selected. Select "Next".
6)Place the file where it suits you better. S7)elect "Next". The "Completing Certificate Export Wizard" will be displayed. Select "Finish". The will be a pop-up saying "The export was successful".

Following are the steps to import the certificate signature to JRE keystore:
1)Move the certificate file to your %JAVA_HOME%/jre/lib/security folder.
2)In ant you can use command ant –diagnostics to find out java installation folder by using java.home system property.
3)Make a backup copy of file named “cacerts” (the keystore) which is under %JAVA_HOME%/jre/lib/security.
4)Open a command prompt and change directory (cd) to %JAVA_HOME%/jre/lib/security.
5)Run following command:

keytool -importcert -trustcacerts -keystore cacerts -storepass changeit -alias "<aliasname>" –file <cert file>

7)Type in ‘yes’. (prompt appears for untrusted certificates) 8)Run following command to verify: 9)keytool -keystore cacerts -storepass changeit -list -alias ""