Adrian

Reputation: 173

Java connect to SOAP web service using SSL handshake failure

Can anyone tell me what the problem in this SSL handshake is? I'm not able to interpret this message to know what's going wrong.

I use Java 1.8u171 and custom key- and truststores.

Since the SSL debug trace is too big to post here, I've added just the ending of it. Let me know if I need to add more lines.

*** ECDH ServerKeyExchange
Signature Algorithm SHA512withRSA
Server key: Sun EC public key, 256 bits
  public x coord: 22370889587224987359608899225847605413175776292485254209693360141628593926267
  public y coord: 46421316867312726832394508124945403534455242739986432133408176290773445555000
  parameters: secp256r1 [NIST P-256, X9.62 prime256v1] (1.2.840.10045.3.1.7)
main, READ: TLSv1.2 Handshake, length = 1296
*** CertificateRequest
Cert Types: RSA, DSS, ECDSA
Supported Signature Algorithms: SHA512withRSA, Unknown (hash:0x6, signature:0x2), SHA512withECDSA, SHA384withRSA, Unknown (hash:0x5, signature:0x2), SHA384withECDSA, SHA256withRSA, SHA256withDSA, SHA256withECDSA, Unknown (hash:0x3, signature:0x1), Unknown (hash:0x3, signature:0x2), Unknown (hash:0x3, signature:0x3), SHA1withRSA, SHA1withDSA, SHA1withECDSA
Cert Authorities:
<CN=Admin-Root-CA, OU=Certification Authorities, OU=Services, O=admin, C=ch>
<CN=SwissDefence-CA1, OU=Certification Authorities, OU=Verteidigung, O=Admin, C=CH>
<CN=SwissDefence-RootCA, OU=Certification Authorities, OU=Verteidigung, O=Admin, C=CH>
<CN=Swiss Government Regular CA 01, OU=Certification Authorities, OU=Services, O=Admin, C=CH>
<CN=Swiss Government Enhanced CA 01, OU=Certification Authorities, OU=Services, O=Admin, C=CH>
<CN=Swiss Government Enhanced CA 02, OU=Certification Authorities, OU=Services, O=Admin, C=CH>
<CN=Swiss Government SSL CA 01, OU=Certification Authorities, OU=Services, O=Swiss Government PKI, C=CH>
<CN=Swiss Government Root CA I, OU=Certification Authorities, OU=Services, O=The Federal Authorities of the Swiss Confederation, C=CH>
<CN=Swiss Government Root CA II, OU=Certification Authorities, OU=Services, O=The Federal Authorities of the Swiss Confederation, C=CH>
*** ServerHelloDone
Warning: no suitable certificate found - continuing without client authentication
*** Certificate chain
<Empty>
***
*** ECDHClientKeyExchange
ECDH Public value:  { 4, 151, 224, 196, 1, 182, 164, 65, 41, 7, 83, 83, 219, 245, 182, 17, 252, 77, 121, 12, 239, 156, 93, 141, 201, 209, 209, 105, 133, 211, 170, 214, 7, 186, 20, 184, 229, 154, 102, 83, 241, 182, 65, 201, 230, 178, 162, 155, 233, 13, 238, 236, 66, 132, 154, 131, 234, 253, 232, 127, 96, 123, 113, 254, 173 }
main, WRITE: TLSv1.2 Handshake, length = 101
SESSION KEYGEN:
PreMaster Secret:
0000: 5B 6B 22 F4 DA 84 39 7D   6D BC 0D 78 BF 12 8D 9E  [k"...9.m..x....
0010: A8 AE 84 1D 77 FC F1 9D   1B 4D 2C E3 15 65 D2 FC  ....w....M,..e..
CONNECTION KEYGEN:
Client Nonce:
0000: 5B 60 8F D8 9A F6 63 29   DB AE 52 4A 85 C5 7D 92  [`....c)..RJ....
0010: 5F 24 BE 3D 42 30 C0 F1   18 60 AD 6B C9 CA 77 12  _$.=B0...`.k..w.
Server Nonce:
0000: 8B 00 1C 8A 53 D6 F0 0E   0E 1C 11 6C 36 56 21 E5  ....S......l6V!.
0010: 85 E6 C6 F9 6F F7 26 D9   1B 8C 58 A8 B5 48 A5 9E  ....o.&...X..H..
Master Secret:
0000: 46 48 BA 0A 40 0F CD 0F   93 C0 60 35 07 08 EA 3E  FH..@.....`5...>
0010: E3 44 EC 4A 65 58 E3 38   32 56 47 17 5E DB B7 AB  .D.JeX.82VG.^...
0020: 13 15 00 A7 25 3B 89 DE   2D B7 89 F4 D1 2C EC 92  ....%;..-....,..
... no MAC keys used for this cipher
Client write key:
0000: 85 A7 0F CF F3 26 14 49   C3 9F F9 7D FF 92 88 75  .....&.I.......u
0010: 44 0E 1B 3E BE B2 B0 A9   27 CB FD 02 3D E3 07 4F  D..>....'...=..O
Server write key:
0000: 01 A7 47 C1 BB F1 FE C0   BC 62 DF 6D BD 06 74 63  ..G......b.m..tc
0010: AB 98 3A 12 D2 99 C3 1A   9E D4 7D 27 F7 21 45 C0  ..:........'.!E.
Client write IV:
0000: 6D D5 5C 6E                                        m.\n
Server write IV:
0000: 53 C2 4A F9                                        S.J.
main, WRITE: TLSv1.2 Change Cipher Spec, length = 25
*** Finished
verify_data:  { 232, 49, 11, 141, 224, 91, 146, 66, 124, 158, 201, 90 }
***
main, WRITE: TLSv1.2 Handshake, length = 40
main, READ: TLSv1.2 Alert, length = 26
main, RECV TLSv1.2 ALERT:  fatal, handshake_failure
%% Invalidated:  [Session-3, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384]
%% Invalidated:  [Session-4, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384]
main, called closeSocket()
main, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
main, called close()
main, called closeInternal(true)
main, called close()
main, called closeInternal(true)

And here is a part of the stack trace:

Caused by: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
    at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) ~[?:1.8.0_172]
    at sun.security.ssl.Alerts.getSSLException(Alerts.java:154) ~[?:1.8.0_172]
    at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:2038) ~[?:1.8.0_172]
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1135) ~[?:1.8.0_172]
    at sun.security.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:940) ~[?:1.8.0_172]
    at sun.security.ssl.AppInputStream.read(AppInputStream.java:105) ~[?:1.8.0_172]
    at java.io.BufferedInputStream.fill(BufferedInputStream.java:246) ~[?:1.8.0_172]
    at java.io.BufferedInputStream.read1(BufferedInputStream.java:286) ~[?:1.8.0_172]
    at java.io.BufferedInputStream.read(BufferedInputStream.java:345) ~[?:1.8.0_172]
    at sun.net.www.http.HttpClient.parseHTTPHeader(HttpClient.java:735) ~[?:1.8.0_172]
    at sun.net.www.http.HttpClient.parseHTTP(HttpClient.java:678) ~[?:1.8.0_172]
    at sun.net.www.http.HttpClient.parseHTTP(HttpClient.java:706) ~[?:1.8.0_172]
    at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1587) ~[?:1.8.0_172]
    at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1492) ~[?:1.8.0_172]
    at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:480) ~[?:1.8.0_172]
    at sun.net.www.protocol.https.HttpsURLConnectionImpl.getResponseCode(HttpsURLConnectionImpl.java:347) ~[?:1.8.0_172]

Upvotes: 1

Views: 1954

Answers (1)

fl0w

Reputation: 3877

"Warning: no suitable certificate found - continuing without client authentication" - your certificate does not match the target host, check the certificate.

Upvotes: 1
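
In the trace above, the server sends a CertificateRequest listing accepted key types and issuer DNs, and the client replies with an empty certificate chain. As an added example (not code from the question or the answer), the following asks the JDK's default key manager the same question the handshake asks: which key store alias, if any, matches those key types and issuers. The class name `ClientCertCheck` and its command-line arguments are hypothetical; it assumes the key password equals the store password and that the store is of the JVM's default type.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.Principal;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Collections;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.X509KeyManager;
import javax.security.auth.x500.X500Principal;

/** Usage: java ClientCertCheck <keystore> <password> "<issuer DN>" ["<issuer DN>" ...] */
public class ClientCertCheck {
    // JSSE key type names for "Cert Types: RSA, DSS, ECDSA" in the CertificateRequest.
    static final String[] KEY_TYPES = {"RSA", "DSA", "EC"};

    public static void main(String[] args) throws Exception {
        char[] pw = args[1].toCharArray();
        // Issuer DNs copied from the "Cert Authorities" list, without the angle brackets.
        Principal[] issuers = Arrays.stream(args).skip(2)
                .map(X500Principal::new).toArray(Principal[]::new);

        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType()); // assumption: default store type
        try (InputStream in = new FileInputStream(args[0])) {
            ks.load(in, pw);
        }
        // Only entries that hold a private key can serve as a client identity.
        for (String alias : Collections.list(ks.aliases())) {
            if (!ks.isKeyEntry(alias)) {
                System.out.println(alias + ": trusted certificate only, no private key");
                continue;
            }
            X509Certificate leaf = (X509Certificate) ks.getCertificate(alias);
            System.out.println(alias + ": key=" + leaf.getPublicKey().getAlgorithm()
                    + ", issuer=" + leaf.getIssuerX500Principal().getName());
        }
        // Run the same selection the handshake performs after CertificateRequest.
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(ks, pw); // assumption: key password equals store password
        for (KeyManager km : kmf.getKeyManagers()) {
            if (km instanceof X509KeyManager) {
                String chosen = ((X509KeyManager) km).chooseClientAlias(KEY_TYPES, issuers, null);
                System.out.println(chosen == null
                        ? "no alias matches the requested key types and issuers"
                        : "handshake would present alias: " + chosen);
            }
        }
    }
}
```

A `null` result here corresponds to the "no suitable certificate found" warning in the debug output.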
