I'm using nifi and I started to configure it for https in order to enable users. Nifi does not work, jetty Web server fails saying there are not ciphers. No idea how to debug this, any hint?
The same certificates have been tested on my computers and they work.
Any help appreciated
Update
Well... I enabled the SSL logging.
The biggest difference is about the Java environment, on the production server is java-1.8.0-openjdk, on my local machine is java-8-oracle.
There are still some important differences between the logs.
As ssl negotiation reference see this POST about how the protocol is supposed to work and the sessions involved.
The most dramatic differences are
no *** ECDH ServerKeyExchange session on production host.
Log starting from ClientHello is much different between the two machines:
Local ( I truncated too long lines and reported only little log session )
*** ClientHello, TLSv1.2
RandomCookie: GMT: 2028150611 bytes = { 31, 20, 137, 167, 52, 224, 12, 129, 113, 59, 113, 45, 161, 54, 164, 147, 115, 148
Session ID: {}
Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_2
cc:0xa8, Unknown 0xcc:0x14, Unknown 0xcc:0x13, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, T
TH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, SSL_RS
Compression Methods: { 0 }
Extension renegotiation_info, renegotiated_connection: <empty>
Unsupported extension type_23, data:
Unsupported extension type_35, data:
Extension signature_algorithms, signature_algorithms: SHA512withRSA, SHA512withECDSA, SHA384withRSA, SHA384withECDSA, SHA2
Unsupported extension status_request, data: 01:00:00:00:00
Unsupported extension type_18, data:
Unsupported extension type_16, data: 00:0c:02:68:32:08:68:74:74:70:2f:31:2e:31
Unsupported extension type_30032, data:
Extension ec_point_formats, formats: [uncompressed]
Extension elliptic_curves, curve names: {unknown curve 29, secp256r1, secp384r1}
***
%% Initialized: [Session-1, SSL_NULL_WITH_NULL_NULL]
%% Initialized: [Session-2, SSL_NULL_WITH_NULL_NULL]
matching alias: 1
matching alias: 1
matching alias: 1
matching alias: 1
%% Negotiating: [Session-1, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
%% Negotiating: [Session-2, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
*** ServerHello, TLSv1.2
*** ServerHello, TLSv1.2
RandomCookie: RandomCookie: GMT: 1459404759 bytes = { GMT: 1459404759 bytes = { 196, 84, 148, 21, 202, 175, 156, 35, 50,
2 }
Session ID: {87, 253, 192, 215, 210, 220, 163, 93, 88, 20, 237, 50, 37, 61, 50, 192, 225, 180, 252, 8, 19, 154, 0, 18, 13
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Compression Method: 0
Extension renegotiation_info, renegotiated_connection: <empty>
***
Cipher suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
*** Certificate chain
47, 15, 107, 214, 199, 60, 245, 207, 215, 148, 102, 224, 0, 41, 172, 70, 101, 85, 85, 173, 79, 238, 15, 167, 136, 20, 14,
Session ID: {87, 253, 192, 215, 117, 67, 238, 169, 141, 93, 171, 129, 181, 146, 239, 178, 242, 31, 104, 115, 209, 119, 20
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Compression Method: 0
Extension renegotiation_info, renegotiated_connection: <empty>
***
Cipher suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
*** Certificate chain
chain [0] = [
[
Version: V3
Subject: CN=*.buongiorno.com, OU=PTY-SYS, O=BUONGIORNO SPA, L=Parma, ST=Parma, C=IT
***
*** ECDH ServerKeyExchange
Signature Algorithm SHA512withRSA
Server key: Sun EC public key, 256 bits
public x coord: 75079925706380992652797512247021193282035431148032843217618352685456618206389
public y coord: 43896241059818662260698096293954076915685388487376127769285950062051599700758
parameters: secp256r1 [NIST P-256, X9.62 prime256v1] (1.2.840.10045.3.1.7)
*** CertificateRequest
Cert Types: RSA, DSS, ECDSA
Supported Signature Algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA,
Cert Authorities:
<CN=thawte SSL CA - G2, O="thawte, Inc.", C=US>
*** ServerHelloDone
NiFi Web Server-21, WRITE: TLSv1.2 Handshake, length = 1753
NiFi Web Server-21, called closeInbound()
NiFi Web Server-21, fatal error: 80: Inbound closed before receiving peer's close_notify: possible truncation attack?
javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack?
%% Invalidated: [Session-2, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
NiFi Web Server-21, SEND TLSv1.2 ALERT: fatal, description = internal_error
NiFi Web Server-21, WRITE: TLSv1.2 Alert, length = 2
*** ECDH ServerKeyExchange
Signature Algorithm SHA512withRSA
Server key: Sun EC public key, 256 bits
public x coord: 115351230770955196648507742599468345245507684591583302635044967727219906604428
public y coord: 93087459299146270258246635135187638789539141095594448725666354447366218509864
parameters: secp256r1 [NIST P-256, X9.62 prime256v1] (1.2.840.10045.3.1.7)
*** CertificateRequest
Cert Types: RSA, DSS, ECDSA
Supported Signature Algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA,
....
On production things are differents:
( I truncated too long lines and reported only little log session )
*** ClientHello, TLSv1.2
RandomCookie: GMT: -1695295875 bytes = { 197, 207, 66, 60, 4, 242, 21, 101, 190, 160, 124, 185, 72, 238, 141, 237, 251
Session ID: {}
Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_12
ES_256_GCM_SHA384, Unknown 0xcc:0xa9, Unknown 0xcc:0xa8, Unknown 0xcc:0x14, Unknown 0xcc:0x13, TLS_ECDHE_ECDSA_WITH_AES
CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TL
H_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA]
Compression Methods: { 0 }
Extension renegotiation_info, renegotiated_connection: <empty>
Extension server_name, server_name: [type=host_name (0), value=nifi-dev.buongiorno.com]
Unsupported extension type_23, data:
Unsupported extension type_35, data:
Extension signature_algorithms, signature_algorithms: SHA512withRSA, SHA512withECDSA, SHA384withRSA, SHA384withECDSA, S
Unsupported extension status_request, data: 01:00:00:00:00
Unsupported extension type_18, data:
Unsupported extension type_16, data: 00:0c:02:68:32:08:68:74:74:70:2f:31:2e:31
Unsupported extension type_30032, data:
Extension ec_point_formats, formats: [uncompressed]
Extension elliptic_curves, curve names: {unknown curve 29, java.security.spec.ECParameterSpec#7862cc21, java.security.s
***
%% Initialized: [Session-4, SSL_NULL_WITH_NULL_NULL]
matching alias: 1
%% Negotiating: [Session-4, TLS_RSA_WITH_AES_256_GCM_SHA384]
*** ServerHello, TLSv1.2
RandomCookie: GMT: 1459415539 bytes = { 67, 58, 139, 150, 47, 53, 247, 222, 255, 192, 141, 66, 114, 19, 171, 52, 6, 18
Session ID: {87, 253, 234, 243, 97, 92, 182, 14, 121, 224, 54, 149, 111, 196, 87, 79, 36, 149, 33, 51, 182, 47, 184, 6
Cipher Suite: TLS_RSA_WITH_AES_256_GCM_SHA384
Compression Method: 0
Extension renegotiation_info, renegotiated_connection: <empty>
Extension server_name, server_name:
***
Cipher suite: TLS_RSA_WITH_AES_256_GCM_SHA384
*** Certificate chain
chain [0] = [
[
Version: V3
Subject: CN=*.buongiorno.com, OU=PTY-SYS, O=BUONGIORNO SPA, L=Parma, ST=Parma, C=IT
Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11
Key: Sun RSA public key, 2048 bits
:
.
*** CertificateRequest
Cert Types: RSA, DSS, ECDSA
Supported Signature Algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDS
withECDSA, SHA1withRSA, SHA1withDSA
Cert Authorities:
<CN=thawte SSL CA - G2, O="thawte, Inc.", C=US>
*** ServerHelloDone
NiFi Web Server-16, WRITE: TLSv1.2 Handshake, length = 1428
NiFi Web Server-21, READ: TLSv1.2 Handshake, length = 7
*** Certificate chain
<Empty>
***
UPDATE 2
I asked to install Java 8 and now keyexchange works, at this point my problems are going go vanish.
If you can provide the output (sanitized, if necessary) of your $NIFI_HOME/logs/nifi-app.log and $NIFI_HOME/logs/nifi-bootstrap.log, as well as the hardware, OS, JRE, and NiFi version you are using, that will help diagnose. Here are a couple common causes:
The certificate in the keystore is invalid (expired, not yet valid, can't validate the chain) and thus the available cipher suites that depend on an RSA/DSA key for signature or encryption are skipped by Jetty. You can check this by adding a new argument in $NIFI_HOME/conf/bootstrap.conf: java.arg.15=-Djavax.net.debug=ssl,handshake (where the argument number is updated to ensure it does not conflict with an existing argument). This will add substantial output to your log file covering the truststore configuration and every TLS handshake negotiation, including which cipher suites Jetty sees as available.
There was a minor issue where dynamically-generated certificates loaded into a keystore could not be used to provide TLSv1.1 cipher suites in test cases. See NIFI-1688 PR 624
The JRE running NiFi does not make any cipher suites available that the browser will accept. This is less common, but JRE 7 makes TLSv1.0 the default, and some browsers (nightly builds, etc.) may restrict TLS to TLSv1.1 or TLSv1.2 only. You can verify this by running the following command: $ openssl s_client -connect <host:port> -debug -state -cert <path_to_your_cert.pem> -key <path_to_your_key.pem> -CAfile <path_to_your_CA_cert.pem>. NiFi 0.x can run on Java 7, but NiFi 1.x requires Java 8+. If you are restricted to Java 7, you can explicitly enable these protocols via another Java argument: java.arg.16=-Dhttps.protocols=TLSv1,TLSv1.1,TLSv1.2.
Related
I have a the following exception :
com.sun.xml.internal.ws.client.ClientTransportException: HTTP
transport error: javax.net.ssl.SSLHandshakeException: Received fatal
alert: handshake_failure
when I try to send a soap request to a customer's web service
I use jre1.8.0_66 and I get UnlimitedJCEPolicyJDK8 jars in "Java\jre1.8.0_66\lib\security" folder
and I get Cipher.getMaxAllowedKeyLength("AES") = 2147483647
and for some reason I can't communicate with the customer to get the protocol in use or the cipher suite in the server side.
and here my javax.net.debug related logs :
Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
http-nio-9700-exec-1, setSoTimeout(0) called
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLSv1
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 for TLSv1
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLSv1.1
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 for TLSv1.1
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLSv1.1
%% No cached client session
*** ClientHello, TLSv1.2
RandomCookie: GMT: 1515623991 bytes = { 212, 12, 195, 65, 98, 206, 121, 198, 232, 203, 220, 162, 207, 122, 217, 87, 121, 168, 220, 246, 60, 50, 9, 61, 214, 181, 16, 190 }
Session ID: {}
Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
Compression Methods: { 0 }
Extension elliptic_curves, curve names: {secp256r1, sect163k1, sect163r2, secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1, secp384r1, sect409k1, sect409r1, secp521r1, sect571k1, sect571r1, secp160k1, secp160r1, secp160r2, sect163r1, secp192k1, sect193r1, sect193r2, secp224k1, sect239k1, secp256k1}
Extension ec_point_formats, formats: [uncompressed]
Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA224withECDSA, SHA224withRSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA, MD5withRSA
***
[write] MD5 and SHA1 hashes: len = 237
http-nio-9700-exec-1, WRITE: TLSv1.2 Handshake, length = 237
[Raw write]: length = 242
[Raw read]: length = 5
0000: 15 03 01 00 02 .....
[Raw read]: length = 2
0000: 02 28 .(
http-nio-9700-exec-1, READ: TLSv1 Alert, length = 2
http-nio-9700-exec-1, RECV TLSv1.2 ALERT: fatal, handshake_failure
http-nio-9700-exec-1, called closeSocket()
http-nio-9700-exec-1, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
http-nio-9700-exec-1, called close()
http-nio-9700-exec-1, called closeInternal(true)
Try adding these parameters to your project configuration:
-Dhttps.cipherSuites=SSL_RSA_WITH_RC4_128_MD5
and comment the parameter for disabled algorithms in the java.security file in the jre folder:
jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 768
Can you check if this (Diagnosing TLS, SSL and HTTPS from blogs.oracle.com) helps you?
I would like to write a server/client TLS1.3 set of scripts in Python. Therefore, I use tlslite-ng library as only one which has TLS1.3 on board.
However, even my simple code fails:
#openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:2048 -keyout privateKey.pem -out certificate.pem
#
import os
import socket
#import sys
from tlslite.api import *
s = open("./certificate.pem").read()
x509 = X509()
x509.parse(s)
certChain = X509CertChain([x509])
#print (certChain)
s = open("./privateKey.pem").read()
privateKey = parsePEMKey(s, private=True)
#print (privateKey)
host = '127.0.1.1'
port = 8888
payload = 1500
server_address = (host, port)
def start_TLS_server():
socket_TLS = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
socket_TLS.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
socket_TLS.bind(server_address)
socket_TLS.listen(1)
#synchro = synchroSocket.accept()
connection = TLSConnection(socket_TLS)
settings = HandshakeSettings()
settings.minKeySize = 2048
settings.cipherNames = ["aes256"]
settings.minVersion = (3,1)
connection.handshakeServer(certChain=certChain, privateKey=privateKey, reqCert=True, settings=settings)
#connection.session.clientCertChain # X509CertChain
#connection.session.serverCertChain # X509CertChain
print(connection)
print("TLS server is running...")
while True:
data = connection.read(payload)
if not data:
break
connection.write(data)
connection.close()
if __name__ == "__main__":
start_TLS_server()
I'm getting error like this:
root#Admin-PC:/mnt/c/Users/andre/Documents/Visual Studio Code/Projects/SSNProject/TLSvsNPF# python3 TLSserver.py
<tlslite.tlsconnection.TLSConnection object at 0x7f0c9142fe48>
Traceback (most recent call last):
File "TLSserver.py", line 89, in <module>
start_TLS_server()
File "TLSserver.py", line 58, in start_TLS_server
connection.handshakeServer(certChain=certChain, privateKey=privateKey, reqCert=True, settings=settings)
File "/usr/local/lib/python3.5/dist-packages/tlslite/tlsconnection.py", line 1191, in handshakeServer
nextProtos=nextProtos, anon=anon, alpn=alpn, sni=sni):
File "/usr/local/lib/python3.5/dist-packages/tlslite/tlsconnection.py", line 1220, in handshakeServerAsync
for result in self._handshakeWrapperAsync(handshaker, checker):
File "/usr/local/lib/python3.5/dist-packages/tlslite/tlsconnection.py", line 2216, in _handshakeWrapperAsync
for result in handshaker:
File "/usr/local/lib/python3.5/dist-packages/tlslite/tlsconnection.py", line 1262, in _handshakeServerAsyncHelper
anon, alpn, sni):
File "/usr/local/lib/python3.5/dist-packages/tlslite/tlsconnection.py", line 1485, in _serverGetClientHello
HandshakeType.client_hello):
File "/usr/local/lib/python3.5/dist-packages/tlslite/tlsrecordlayer.py", line 657, in _getMsg
for result in self._getNextRecord():
File "/usr/local/lib/python3.5/dist-packages/tlslite/tlsrecordlayer.py", line 829, in _getNextRecord
for result in self._getNextRecordFromSocket():
File "/usr/local/lib/python3.5/dist-packages/tlslite/tlsrecordlayer.py", line 853, in _getNextRecordFromSocket
for result in self._recordLayer.recvRecord():
File "/usr/local/lib/python3.5/dist-packages/tlslite/recordlayer.py", line 695, in recvRecord
for result in self._recordSocket.recv():
File "/usr/local/lib/python3.5/dist-packages/tlslite/recordlayer.py", line 188, in recv
for record in self._recvHeader():
File "/usr/local/lib/python3.5/dist-packages/tlslite/recordlayer.py", line 122, in _recvHeader
for result in self._sockRecvAll(1):
File "/usr/local/lib/python3.5/dist-packages/tlslite/recordlayer.py", line 99, in _sockRecvAll
socketBytes = self.sock.recv(length - len(buf))
File "/usr/local/lib/python3.5/dist-packages/tlslite/bufferedsocket.py", line 54, in recv
return self.socket.recv(bufsize)
OSError: [Errno 107] Transport endpoint is not connected
root#Admin-PC:/mnt/c/Users/andre/Documents/Visual Studio Code/Projects/SSNProject/TLSvsNPF#
As you may notice I am on Windows 10's Linux subsutem Ubuntu 16.04 LTS. I understand that mistake is somewhere in certificates but it is not clear where... Any suggestions?
Thank you
OSError: [Errno 107] Transport endpoint is not connected
you need to call accept() on the listening socket to get the socket and connection info which you wrap TLSConnection around.
See tlstest.py for an example.
Do note that you need to use the tls-1.3 branch for the TLS 1.3 support to be present, and aes256 cipher is incompatible with TLS 1.3 (aes256 is a name used for CBC mode cipher, no CBC mode ciphers are defined for TLS 1.3, you need to use aes256gcm or one of the other AEAD ciphers)
My Java (1.7) client seems to be failing at the very end of the handshake process with the below exception.
I guess there is some issue with the client set up. How should I go about debugging this?
...
main, WRITE: TLSv1 Change Cipher Spec, length = 1
*** Finished
verify_data: { 29, 85, 244, 219, 41, 146, 203, 174, 235, 86, 47, 92 }
***
main, WRITE: TLSv1 Handshake, length = 40
main, READ: TLSv1 Alert, length = 2
main, RECV TLSv1 ALERT: fatal, handshake_failure
%% Invalidated: [Session-1, SSL_RSA_WITH_3DES_EDE_CBC_SHA]
main, called closeSocket()
main, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
Exception in thread "main" AxisFault
faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.userException
faultSubcode:
faultString: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
faultActor:
faultNode:
faultDetail:
I try to connect to office365 mail server with javaMail v1.5.3 (application is deployed on tomcat 6). Im running a thread on startup that is checking for new emails in a loop with one minute sleep. In most cases connection is successfully estabilished and everything works just fine but sometimes I get
"Remote host closed connection during handshake" error.
The error is caused by
Caused by: java.io.EOFException: SSL peer shut down incorrectly
at sun.security.ssl.InputRecord.read(InputRecord.java:482)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:934)
I have tried sulutions from:
How to make Java 6, which fails SSL connection with "SSL peer shut down incorrectly", succeed like Java 7?
and javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake :
adding -Dhttps.protocols=TLSv1,SSLv3 and -Dsun.security.ssl.allowUnsafeRenegotiation=true to my tomcat environment
but I didn't get any result. Still - randomly exception occurs.
I enabled debug mode on javax.net and on IMAP connection and get results:
when connection is not estabilishing correctly log looks like this :
DEBUG: setDebug: JavaMail version 1.5.3
DEBUG: getProvider() returning javax.mail.Provider[STORE,imap,com.sun.mail.imap.IMAPStore,Oracle]
DEBUG IMAP: mail.imap.fetchsize: 16384
DEBUG IMAP: mail.imap.ignorebodystructuresize: false
DEBUG IMAP: mail.imap.statuscachetimeout: 1000
DEBUG IMAP: mail.imap.appendbuffersize: -1
DEBUG IMAP: mail.imap.minidletime: 10
DEBUG IMAP: closeFoldersOnStoreFailure
DEBUG IMAP: trying to connect to host "outlook.office365.com", port 993, isSSL true
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256
Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
%% Client cached [Session-4, TLS_RSA_WITH_AES_128_CBC_SHA]
%% Try resuming [Session-4, TLS_RSA_WITH_AES_128_CBC_SHA] from port 51400
*** ClientHello, TLSv1
RandomCookie:
GMT: 1435130635
bytes = { , , , , , , , , , , , , , , , , , , , , , , , , , , }
Session ID: {66, 20, 0, 0, 123, 9, 142, 72, 150, 39, 215, 34, 63, 169, 129, 23, 25, 182, 88, 196, 86, 27, 216, 191, 117, 196, 37, 118, 229, 8, 9, 64}-
Cipher Suites: [TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_MD5, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]-
Compression Methods: { }
Extension server_name, server_name: [host_name: outlook.office365.com]
***-
[write] MD5 and SHA1 hashes: len = 125
46#CheckMailThread, WRITE: TLSv1 Handshake, length = 125
[Raw write]: length = 130
46#CheckMailThread, received EOFException: error
46#CheckMailThread, handling exception: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
46#CheckMailThread, SEND TLSv1 ALERT: fatal, description = handshake_failure
46#CheckMailThread, WRITE: TLSv1 Alert, length = 2
[Raw write]: length = 7
46#CheckMailThread, called closeSocket()
and then exception occurs
javax.mail.MessagingException: Remote host closed connection during handshake;
nested exception is:
javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
at com.sun.mail.imap.IMAPStore.protocolConnect(IMAPStore.java:733)
at javax.mail.Service.connect(Service.java:364)
at javax.mail.Service.connect(Service.java:245)
(...)
Caused by: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:953)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1332)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343)
at com.sun.mail.util.SocketFetcher.configureSSLSocket(SocketFetcher.java:574)
at com.sun.mail.util.SocketFetcher.createSocket(SocketFetcher.java:369)
at com.sun.mail.util.SocketFetcher.getSocket(SocketFetcher.java:236)
at com.sun.mail.iap.Protocol.<init>(Protocol.java:117)
at com.sun.mail.imap.protocol.IMAPProtocol.<init>(IMAPProtocol.java:120)
at com.sun.mail.imap.IMAPStore.newIMAPProtocol(IMAPStore.java:753)
at com.sun.mail.imap.IMAPStore.protocolConnect(IMAPStore.java:696)
... 6 more
Caused by: java.io.EOFException: SSL peer shut down incorrectly
at sun.security.ssl.InputRecord.read(InputRecord.java:482)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:934)
... 16 more
In other hand in most cases thread is doing ok and the log looks like this:
DEBUG: setDebug: JavaMail version 1.5.3
DEBUG: getProvider() returning javax.mail.Provider[STORE,imap,com.sun.mail.imap.IMAPStore,Oracle]
DEBUG IMAP: mail.imap.fetchsize: 16384
DEBUG IMAP: mail.imap.ignorebodystructuresize: false
DEBUG IMAP: mail.imap.statuscachetimeout: 1000
DEBUG IMAP: mail.imap.appendbuffersize: -1
DEBUG IMAP: mail.imap.minidletime: 10
DEBUG IMAP: closeFoldersOnStoreFailure
DEBUG IMAP: trying to connect to host "outlook.office365.com", port 993, isSSL true
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256
Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
%% Client cached [Session-150, TLS_RSA_WITH_AES_128_CBC_SHA]
%% Try resuming [Session-150, TLS_RSA_WITH_AES_128_CBC_SHA] from port 59183
*** ClientHello, TLSv1
RandomCookie:
GMT: 1435076193
bytes = { , , , , , , , , , , , , , , , , , , , , , , , , , , , }
Session ID:
{241, 61, 0, 0, 224, 114, 43, 139, 255, 64, 232, 7, 209, 90, 5, 63, 63, 117, 33, 66, 215, 35, 48, 83, 131, 211, 38, 151, 73, 232, 6, 120}
Cipher Suites: [TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_MD5, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
Compression Methods: {
}
Extension server_name, server_name: [host_name: outlook.office365.com]
***
[write] MD5 and SHA1 hashes: len = 125
46#CheckMailThread, WRITE: TLSv1 Handshake, length = 125
[Raw write]: length = 130
[Raw read]: length = 5
[Raw read]: length = 3532
46#CheckMailThread, READ: TLSv1 Handshake, length = 3532
*** ServerHello, TLSv1
RandomCookie:
GMT: 1435076194
Bytes = { , , , , , , , , , , , , , , , , , , , , , , , , , , , }
Session ID:
{112, 39, 0, 0, 59, 34, 200, 120, 31, 23, 110, 30, 10, 37, 236, 213, 46, 233, 201, 3, 253, 223, 81, 109, 188, 218, 33, 164, 33, 127, 27, 55}
Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA
Compression Method: 0
Extension renegotiation_info, renegotiated_connection: <empty>
***
%% Initialized: [Session-151, TLS_RSA_WITH_AES_128_CBC_SHA]
** TLS_RSA_WITH_AES_128_CBC_SHA
[read] MD5 and SHA1 hashes: len = 81
*** Certificate chain (...)
And then goes the certificate etc
So I was wonderig what can cause such inconsistent behaviour.
I'm trying to setup a remote tomcat server for deployment in IntelliJ.
For some reason the "handshake" fails.
11:44:28 Error running VPS-Tomcat
Unable to connect to the 185.80.128.231:1099, reason:
java.rmi.ConnectIOException: error during JRMP connection establishment; nested exception is:
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
I added some debug options to tomcat startup:
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 for TLSv1.1
RMI TCP Connection(16)-78.60.67.248, READ: TLSv1.2 Handshake, length = 207
*** ClientHello, TLSv1.2
RandomCookie: GMT: 1431613995 bytes = { 210, 37, 184, 64, 38, 79, 199, 129, 139, 3, 89, 15, 7, 99, 193, 123, 94, 24, 149, 84, 76, 24, 210, 199, 14, 10, 32, 220 }
Session ID: {}
Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_SHA, TLS_ECDH_ECDSA_WITH_RC4_128_SHA, TLS_ECDH_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_MD5, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
Compression Methods: { 0 }
Extension elliptic_curves, curve names: {secp256r1, sect163k1, sect163r2, secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1, secp384r1, sect409k1, sect409r1, secp521r1, sect571k1, sect571r1, secp160k1, secp160r1, secp160r2, sect163r1, secp192k1, sect193r1, sect193r2, secp224k1, sect239k1, secp256k1}
Extension ec_point_formats, formats: [uncompressed]
Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA224withECDSA, SHA224withRSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA, MD5withRSA
%% Initialized: [Session-14, SSL_NULL_WITH_NULL_NULL]
%% Invalidated: [Session-14, SSL_NULL_WITH_NULL_NULL]
RMI TCP Connection(16)-78.60.67.248, SEND TLSv1.2 ALERT: fatal, description = handshake_failure
RMI TCP Connection(16)-78.60.67.248, WRITE: TLSv1.2 Alert, length = 2
RMI TCP Connection(16)-78.60.67.248, called closeSocket()
RMI TCP Connection(16)-78.60.67.248, handling exception: javax.net.ssl.SSLHandshakeException: no cipher suites in common
RMI TCP Connection(16)-78.60.67.248, called close()
RMI TCP Connection(16)-78.60.67.248, called closeInternal(true)
I don't really understand it but I assume that one end is using TLS1.2 and the other TLS1.1 although I'm not even sure which is which.
So how can I configure them to both use the same version? Or make tomcat support those cipher suites?
Or does the problem lie elsewhere?