CODEWITHSUNDEEP
javassl
Srijith Kartha
Srijith Kartha

Reputation: 296

What is "Received close_notify during handshake" Error

I'm writing a code to connect to a http server using Java HttpsURLConnection. The server is sitting behind a proxy. Please find below the code I'm using:

private void setSSLProperties() {
    if (isSSLRequired()) {
        if (true) {
            System.out.println(this.getArgument("KEY_STORE", true));
            System.out.println(this.getArgument("KEY_PASS", true));
            System.out.println(this.getTrustStoreType());
        }
        System.setProperty("https.protocols", "TLSv1");
        System.setProperty("javax.net.debug", "all");
        System.setProperty("javax.net.ssl.trustStore",
                this.getArgument("KEY_STORE", true));
        System.setProperty("javax.net.ssl.trustStorePassword",
                this.getArgument("KEY_PASS", true));
        System.setProperty("javax.net.ssl.trustStoreType",
                this.getTrustStoreType());
        HttpsURLConnection.setFollowRedirects(true);
    }
}

private void setProxyProperties() {
    if (this.isProxyRequired()) {
        if (this.isSSLRequired()) {
            System.setProperty("https.proxyHost", this.getProxyHost());
            System.setProperty("https.proxyPort", this.getProxyPort() + "");
        } else {
            System.setProperty("http.proxyHost", this.getProxyHost());
            System.setProperty("http.proxyPort", this.getProxyPort() + "");
        }
    }
}

private URLConnection getConnection(Document inputDocument)
        throws IOException {
    URLConnection conn = null;
    String urlstring = this.getUrl(inputDocument);
    if (true) {
        System.out.println("URL: " + urlstring);
    }

    URL url = new URL(urlstring);
    this.setProxyProperties();
    if (this.isSSLRequired()) {
        this.setSSLProperties();
        conn = (HttpsURLConnection) url.openConnection();
        ((HttpsURLConnection) conn).setRequestMethod("GET");
        conn.setRequestProperty("User-Agent", "Mozilla/5.0");
    } else {
        conn = (HttpURLConnection) url.openConnection();
        ((HttpURLConnection) conn).setRequestMethod("GET");
        conn.setRequestProperty("User-Agent", "Mozilla/5.0");
    }
    conn.setDoOutput(false);
    conn.setDoInput(true);
    conn.setUseCaches(false);
    return conn;
}

private String getContent(URLConnection conn) throws IOException {
    if (this.isSSLRequired()) {
        System.out.println("Response Code: " + ((HttpsURLConnection)conn).getResponseCode());
    } else {
        System.out.println("Response Code: " + ((HttpURLConnection)conn).getResponseCode());
    }
    InputStreamReader isr = new InputStreamReader(conn.getInputStream());
    BufferedReader br = new BufferedReader(isr);

    String responseString = "";
    String responseLine = null;

    while ((responseLine = br.readLine()) != null) {
        responseString = responseString + responseLine;
    }
    return responseString;
}

I'm getting the following error in the line

InputStreamReader isr = new InputStreamReader(conn.getInputStream());

at conn.getInputStream();

Please find below the error and SSL logs:

keyStore is : 
keyStore type is : jks
keyStore provider is : 
init keystore
init keymanager of type SunX509
trustStore is: C:\SK\Programs\sctools\nnr.jks
trustStore type is : jks
trustStore provider is : 
init truststore
adding as trusted cert:
  Subject: CN=onlineregistration.gedb.toshiba.com, OU=Domain Control Validated
  Issuer:  CN=TOSHIBA Root CA
  Algorithm: RSA; Serial number: 0x7ed41fd109332d6c
  Valid from Tue May 03 23:20:38 IST 2016 until Fri May 03 23:20:38 IST 2019

trigger seeding of SecureRandom
done seeding SecureRandom
%% No cached client session
*** ClientHello, TLSv1
RandomCookie:  GMT: 1517845231 bytes = { 45, 16, 11, 150, 235, 36, 119, 198, 165, 219, 183, 22, 240, 57, 59, 50, 64, 24, 232, 55, 62, 152, 150, 170, 45, 210, 104, 179 }
Session ID:  {}
Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
Compression Methods:  { 0 }
***
[write] MD5 and SHA1 hashes:  len = 73
0000: 01 00 00 45 03 01 5A 78   7B EF 2D 10 0B 96 EB 24  ...E..Zx..-....$
0010: 77 C6 A5 DB B7 16 F0 39   3B 32 40 18 E8 37 3E 98  w......9;[email protected]>.
0020: 96 AA 2D D2 68 B3 00 00   1E 00 04 00 05 00 2F 00  ..-.h........./.
0030: 33 00 32 00 0A 00 16 00   13 00 09 00 15 00 12 00  3.2.............
0040: 03 00 08 00 14 00 11 01   00                       .........
main, WRITE: TLSv1 Handshake, length = 73
[Raw write]: length = 78
0000: 16 03 01 00 49 01 00 00   45 03 01 5A 78 7B EF 2D  ....I...E..Zx..-
0010: 10 0B 96 EB 24 77 C6 A5   DB B7 16 F0 39 3B 32 40  ....$w......9;2@
0020: 18 E8 37 3E 98 96 AA 2D   D2 68 B3 00 00 1E 00 04  ..7>...-.h......
0030: 00 05 00 2F 00 33 00 32   00 0A 00 16 00 13 00 09  .../.3.2........
0040: 00 15 00 12 00 03 00 08   00 14 00 11 01 00        ..............
javax.net.ssl.SSLException: Received close_notify during handshake
    at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:190)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1611)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1569)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1661)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:932)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1112)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1139)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1123)
    at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:434)
    at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166)
    at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1041)
    at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:373)
    at sun.net.www.protocol.https.HttpsURLConnectionImpl.getResponseCode(HttpsURLConnectionImpl.java:318)
    at com.common.api.HttpCaller.getContent(HttpCaller.java:254)
    at com.common.api.HttpCaller.getHttpResponse(HttpCaller.java:69)
    at com.sterling.test.sample.CPCHttpCallerTest.testGetHttpResponse(CPCHttpCallerTest.java:30)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:47)
    at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12)
    at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:44)
    at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17)
    at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:271)
    at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:70)
    at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:50)
    at org.junit.runners.ParentRunner$3.run(ParentRunner.java:238)
    at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:63)
    at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:236)
    at org.junit.runners.ParentRunner.access$000(ParentRunner.java:53)
    at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:229)
    at org.junit.runners.ParentRunner.run(ParentRunner.java:309)
    at org.eclipse.jdt.internal.junit4.runner.JUnit4TestReference.run(JUnit4TestReference.java:50)
    at org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38)
    at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:467)
    at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:683)
    at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:390)
    at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:197)
[Raw read]: length = 5
0000: 15 03 01 00 02                                     .....
[Raw read]: length = 2
0000: 01 00                                              ..
main, READ: TLSv1 Alert, length = 2
main, RECV TLSv1 ALERT:  warning, close_notify
main, SEND TLSv1 ALERT:  fatal, description = unexpected_message
main, WRITE: TLSv1 Alert, length = 2
[Raw write]: length = 7
0000: 15 03 01 00 02 02 0A                               .......
main, called closeSocket()
main, handling exception: javax.net.ssl.SSLException: Received close_notify during handshake
0    [main] ERROR com.common.api.HttpCaller  - 
3    [main] ERROR com.common.api.HttpCaller  - [1517845487840] Received close_notify during handshake
4    [main] ERRORDTL com.common.api.HttpCaller  - [1517845487840]javax.net.ssl.SSLException: Received close_notify during handshake
    at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:190)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1611)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1569)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1661)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:932)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1112)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1139)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1123)
    at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:434)
    at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166)
    at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1041)
    at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:373)
    at sun.net.www.protocol.https.HttpsURLConnectionImpl.getResponseCode(HttpsURLConnectionImpl.java:318)
    at com.common.api.HttpCaller.getContent(HttpCaller.java:254)

I'd really appreciate If someone can suggest me any reason as to why this error might be happening. Since I'm not closing the connection from the client end, why is the connection being terminated.

JDK version: 1.6

Upvotes: 4

Views: 14809

Answers (1)

Srijith Kartha
Srijith Kartha

Reputation: 296

I was able to fix the issue by upgrading Java to Java SE 8. The issue was caused because the server was expecting the SSL protocol if TLSv1.1 which isn't available in Java 1.6 which was being used by the client. After updating to Java 8 and specifying the protocol using https.protocol system variable the error was resolved.

Upvotes: 2

Related Questions