Code NetConnection.Connect.SSLHandshakeFailed in my RED5 server

Question

I have an AS3 flash published with Flash Professional CC and published for Flash Player13.

The problem is: When I create a NetConnection to my RTMP Server (RED5 v1.1) I Have obtained th following error message: NetConnection.Connect.SSLHandshakeFailed.

The code I'm using is the following:

nc = new NetConnection();
nc.objectEncoding = ObjectEncoding.AMF3;
nc.client = this;
nc.proxyType = "best";
nc.addEventListener(NetStatusEvent.NET_STATUS, netSAServerRTMPStatus);
nc.connect("rtmps://myappserver.mydomain.com/myApp", myChannel);
private function netSAServerRTMPStatus(event:NetStatusEvent):void
{
     trace(event.info.code);
}

If I don't set the proxyType or I set it to any other option, the connection is never established, but if I set it to "best", I can create the connection sometimes, but not always.

In my server i have a SSL certificate signed by Geo Trust Inc and it's Common Name (CN) = *.mydomain.com

Can anyone help me please? I can give more information if it's needed.

Best regards, Pimager

Answer 1

You can enable ssl debug to get more details when it fails; add this entry to your JAVA_OPTS:

-Djavax.net.debug=ssl

You will then see entries like this in your log:

javax.net.ssl.SSLHandshakeException: Client requested protocol TLSv1 not enabled or not supported

and / or

Exception caught on session: 1 id: EPP7XKEM0XUWC javax.net.ssl.SSLHandshakeException: SSL handshake failed.

In the case shown, TLSv1 was requested by the client and was rejected.

Update

Another thing you can test out, is enabling legacy stuff via parameter in your red5.sh; add these to your JAVA_OPTS:

-Dsun.security.ssl.allowUnsafeRenegotiation=true -Dsun.security.ssl.allowLegacyHelloMessages=true

You can find information about these parameters here.