Reputation: 115
I have two questions:
1) I am getting the following exception while trying to connect to a server in JDK 1.7:
javax.net.ssl.SSLProtocolException: Protocol violation: server sent a server key exchange message for key exchange RSA
The server supports the following protocols - TLS_RSA_WITH_AES_256_CBC_SHA and TLS_RSA_WITH_AES_128_CBC_SHA
2) I just saw the following link,
Is TLS_RSA_WITH_3DES_EDE_CBC_SHA equivalent to SSL_RSA_WITH_3DES_EDE_CBC_SHA
which explains TLS_RSA_WITH_3DES_EDE_CBC_SHA and SSL_RSA_WITH_3DES_EDE_CBC_SHA are equivalent.
But I find that when the server supports "TLS_RSA_WITH_3DES_EDE_CBC_SHA" while connecting to it (JDK1.7) this Cipher Suite isn't getting selected and my connection to the site is failing.
On an additional note, I am using Apache's httpclient to connect.
Upvotes: 0
Views: 846
Reputation: 45950
This is a good link which shows what Java 1.7 supports: https://www.ssllabs.com/ssltest/viewClient.html?name=Java&version=7u25
One of your protocols (TLS_RSA_WITH_AES_128_CBC_SHA) is accepted by Java 1.7 but only for TLSv1.0 or below. Might be worth checking if the server had turned off support for this and only supports TLSv1.1 or TLSv1.2? You can use the server test in the same site to check this.
If it is that then you need to upgrade to Java 8. Which is probably something you should consider anyway if using SSL/TLS for your Java app since PCI has mandated turning off TLSv1.0 so this will become more and more of an issue.
Upvotes: 1
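A client-side counterpart to the server test suggested in the answer, as an added example that is not part of the original thread: it prints which TLS protocol versions the running JVM supports and enables by default, and the state of each cipher suite named in the question. The class name TlsClientDefaults and the SERVER_SUITES list are assumptions made for illustration.

```java
import java.util.Arrays;
import java.util.LinkedHashSet;
import java.util.Set;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLParameters;

public class TlsClientDefaults {
    // Cipher suites named in the question; edit to match the server under test.
    static final String[] SERVER_SUITES = {
        "TLS_RSA_WITH_AES_256_CBC_SHA",
        "TLS_RSA_WITH_AES_128_CBC_SHA",
        "TLS_RSA_WITH_3DES_EDE_CBC_SHA"
    };

    // JSSE lists some suites under an SSL_ prefix (the naming the linked
    // question discusses), so look each suite up under both spellings.
    static boolean contains(Set<String> names, String suite) {
        return names.contains(suite)
            || names.contains(suite.replaceFirst("^TLS_", "SSL_"));
    }

    public static void main(String[] args) throws Exception {
        SSLContext ctx = SSLContext.getDefault();
        SSLParameters supported = ctx.getSupportedSSLParameters();
        SSLParameters enabled = ctx.getDefaultSSLParameters();

        System.out.println("java.version        : " + System.getProperty("java.version"));
        System.out.println("supported protocols : " + Arrays.toString(supported.getProtocols()));
        System.out.println("enabled by default  : " + Arrays.toString(enabled.getProtocols()));

        Set<String> sup = new LinkedHashSet<String>(Arrays.asList(supported.getCipherSuites()));
        Set<String> en = new LinkedHashSet<String>(Arrays.asList(enabled.getCipherSuites()));
        for (String suite : SERVER_SUITES) {
            String state = contains(en, suite) ? "enabled"
                         : contains(sup, suite) ? "supported but not enabled"
                         : "not available in this JVM";
            System.out.println(suite + " -> " + state);
        }
    }
}
```

Run it with the same JVM and security configuration as the application, then compare the output with the protocol versions and suites the server test reports.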