This seems like a protocol version mismatch, this exception normally happens when there is a mismatch between SSL protocol version used by the client and the server. your clients should use a protocol version supported by the server.
You could probably enable the SSLv2 protocol at the JVM but that is is a serious security risk. The clients are using an outdated and insecure protocol and should be updated to TLSv1.1 or TLSv.1.2.
Below is nice solution to resolve the error javax.net.ssl.SSLException: Received fatal alert: unexpected_message.
You could probably enable the SSLv2 protocol at the JVM but that is is a serious security risk. The clients are using an outdated and insecure protocol and should be updated to TLSv1.1 or TLSv.1.2.
Below is nice solution to resolve the error javax.net.ssl.SSLException: Received fatal alert: unexpected_message.
System.setProperty("https.protocols", "TLSv1,TLSv1.1,TLSv1.2,SSLv3,SSLv2Hello");
OR
System.setProperty("com.sun.net.ssl.enableECC","false");
System.setProperty("jsse.enableSNIExtension","false");
AND
import javax.net.ssl.*
import java.security.SecureRandom
import java.security.cert.CertificateException
import java.security.cert.X509Certificate;
HttpsURLConnection connection = (HttpsURLConnection) new URL(requestURL).openConnection();
setAcceptAllVerifier(connection);
private static SSLSocketFactory sslSocketFactory = null;
private static void setAcceptAllVerifier(HttpsURLConnection connection) throws Exception {
if (sslSocketFactory == null) {
TrustManager trustManager = new X509TrustManager() {
public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
}
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
}
public X509Certificate[] getAcceptedIssuers() {
return null;
}
};
SSLContext sslContext = SSLContext.getInstance("SSLv3");
sslContext.init(null, trustManager as TrustManager[], new SecureRandom());
sslSocketFactory = sslContext.getSocketFactory();
}
connection.setSSLSocketFactory(sslSocketFactory);
connection.setHostnameVerifier(ALL_TRUSTING_HOSTNAME_VERIFIER);
}
private static final HostnameVerifier ALL_TRUSTING_HOSTNAME_VERIFIER = new HostnameVerifier() {
public boolean verify(String hostname, SSLSession session) {
return true;
}
};
No comments:
Post a Comment