Reputation: 115
javax.net.ssl.SSLKeyException: Invalid signature on ECDH server key exchange message( in java)
I am getting below exception while firing simple http GET request from java.(actually from jsoup java api).
javax.net.ssl.SSLKeyException: Invalid signature on ECDH server key exchange message
at sun.security.ssl.HandshakeMessage$ECDH_ServerKeyExchange.<init>(HandshakeMessage.java:1098)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:278)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:913)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:849)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1035)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1344)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1371)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1355)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:153)
at org.jsoup.helper.HttpConnection$Response.execute(HttpConnection.java:512)
at org.jsoup.helper.HttpConnection$Response.execute(HttpConnection.java:493)
at org.jsoup.helper.HttpConnection.execute(HttpConnection.java:205)
at org.jsoup.helper.HttpConnection.get(HttpConnection.java:194)
at com.ampower.scraper.data.util.DocumentUtil.test(DocumentUtil.java:205)
at com.ampower.scraper.goolesearch.email.EmailScraper.doGoogleSearch(EmailScraper.java:87)
at com.ampower.scraper.goolesearch.email.EmailScraper.main(EmailScraper.java:50)
Here iam using java version is 1.7.0_101. please suggest.
Upvotes: 4
Views: 12066
Answers (2)
Reputation: 9567
It could be a expired certificate problem. I stumbled upon the same error; after debugging the SSL/TLS Connections I noticed said certicate was no longer valid anymore:
Validaty: [From: date-in-the-past,
To: date-in-the-past]
As soon as the certicate was renewed, the error was gone.
Upvotes: 3
Reputation: 43053
Try one of the following options:
Option 1: JDK upgrade
If possible, change your JDK version for a newer version and check if you run into the same issue again.
Option 2: Possible known issue
A similar issue has been reported. The solution comes from the using of the jdk.tls.client.protocols system property.
Option 3: Disable TLS certificates validation
Jsoup.connect(url).validateTLSCertificates(false).get();
Option 4: Debug the SSL exchange
Paste the url of your target site here: Comodoca's SSL analyzer
See the full detailed approach in this SO answer (Wht not Java7?).
See also:
- Android Jsoup certificate issues
- getting javax.net.ssl.SSLException: Received fatal alert: protocol_version while scraping data using Jsoup
- HttpConnection#validateTLSCertificates
Upvotes: -2
Related Questions
- Can't build Android App with Gradle
- Some clients accept SSL cert; others reject it
- Why do I get a handshake_failure error when I try to get more than 1 Document in my class using Jsoup?
- Java - Unable to read image by url
- OpenJDK9 (Docker), gradle 4.2.1, GitLab
- What are the security consequences of setting "jsse.enableSNIExtension" to false?
- URL Connection giving certificate path error
- How to avoid java.security.cert.CertificateException with AuthorizeNet connection?
- No trusted certificate found for hdfs fsck / command