I am trying to call an API using SSL Certificates. From -Djavax.net.debug = all log I am passing the following steps.
- Received "Server Hello Done"
- Client Key Exchange: RSA PreMasterSecret, TLSv1
- Received Finished Status on Client Key Exchange
Change Cipher Spec: Fail
RECV TLSv1 ALERT: fatal, handshake_failure %% Invalidated: [Session-1, SSL_RSA_WITH_RC4_128_MD5]
I am using JDK1.7, with JCE Unlimited Strength Policy files. Thanks for you help.
EDIT: Between Server Hello Done and Client Key Exchange
*** ServerHelloDone
[read] MD5 and SHA1 hashes: len = 4
0000: 0E 00 00 00 ....
*** Certificate chain
*** ClientKeyExchange, RSA PreMasterSecret, TLSv1
Code for setting up SSL Socket Factory:
System.setProperty('javax.net.ssl.keyStore', 'jksfile')
System.setProperty('javax.net.ssl.keyStorePassword', '')
System.setProperty("https.protocols", "TLSv1");
System.setProperty('javax.net.ssl.trustStore', 'C:/Program Files/Java/jdk1.7.0_79/jre/lib/security/cacerts')
System.setProperty('javax.net.ssl.trustStorePassword', '')
SSLContext sslcontext = SSLContext.getInstance("TLSv1");
sslcontext.init(null, null, null);
HostnameVerifier allHostsValid = new HostnameVerifier() {
public boolean verify(String hostname, SSLSession session) {
return true;
}
};
HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid);
HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
if (conn instanceof HttpsURLConnection){
conn.setSSLSocketFactory(sslcontext.getSocketFactory());
}