Play WS TLSv1.2 handshake_failure (READ: TLSv1.2 Alert, length = 2; RECV TLSv1 ALERT: fatal, handshake_failure)
5,211 views
Skip to first unread message
Nannan
Nov 5, 2015, 5:08:38 PM11/5/15
to play-framework
Hi all,
When I use the Play WS to send the GET request to some website that is only enabled TLSv1.2, I got this weird error, *** ClientHello, TLSv1.2, but recv with TLSv1. then the handshake_failure.
Can someone help me with this? Great Thanks.
New I/O worker #18, READ: TLSv1.2 Alert, length = 2New I/O worker #18, RECV TLSv1 ALERT: fatal, handshake_failureNew I/O worker #18, fatal: engine already closed. Rethrowing javax.net.ssl.SSLException: Received fatal alert: handshake_failureNew I/O worker #18, fatal: engine already closed. Rethrowing javax.net.ssl.SSLException: Received fatal alert: handshake_failureNew I/O worker #18, called closeOutbound()New I/O worker #18, closeOutboundInternal()New I/O worker #18, SEND TLSv1 ALERT: warning, description = close_notifyNew I/O worker #18, WRITE: TLSv1 Alert, length = 2New I/O worker #18, called closeInbound()New I/O worker #18, fatal: engine already closed. Rethrowing javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack?
It seems similar as this one, but not the same reason.
The full details as follows:
trigger seeding of SecureRandomdone seeding SecureRandomIgnoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHAIgnoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHAIgnoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHAIgnoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHAIgnoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHAIgnoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHAIgnoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHAIgnoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256Using SSLEngineImpl.Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHAIgnoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHAIgnoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHAIgnoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHAIgnoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHAIgnoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHAIgnoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHAIgnoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHAIgnoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHAIgnoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHAIgnoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHAIgnoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHAIgnoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHAIgnoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHAFinalizer, called close()Finalizer, called closeInternal(true)Finalizer, called closeSocket(selfInitiated)Finalizer, called close()Finalizer, called closeInternal(true)Finalizer, called closeSocket(selfInitiated)Allow unsafe renegotiation: falseAllow legacy hello messages: trueIs initial handshake: trueIs secure renegotiation: false%% No cached client session*** ClientHello, TLSv1.2RandomCookie: GMT: 1446694051 bytes = { 7, 192, 205, 254, 252, 63, 74, 77, 5, 40, 228, 2, 59, 134, 88, 236, 38, 3, 163, 14, 112, 96, 223, 223, 117, 255, 79, 28 }Session ID: {}Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_SHA, TLS_ECDH_ECDSA_WITH_RC4_128_SHA, TLS_ECDH_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_MD5, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]Compression Methods: { 0 }Extension elliptic_curves, curve names: {secp256r1, sect163k1, sect163r2, secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1, secp384r1, sect409k1, sect409r1, secp521r1, sect571k1, sect571r1, secp160k1, secp160r1, secp160r2, sect163r1, secp192k1, sect193r1, sect193r2, secp224k1, sect239k1, secp256k1}Extension ec_point_formats, formats: [uncompressed]Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA224withECDSA, SHA224withRSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA, MD5withRSA***[write] MD5 and SHA1 hashes: len = 1790000: 01 00 00 AF 03 03 56 3B CD A3 07 C0 CD FE FC 3F ......V;.......?0010: 4A 4D 05 28 E4 02 3B 86 58 EC 26 03 A3 0E 70 60 JM.(..;.X.&...p`0020: DF DF 75 FF 4F 1C 00 00 2A C0 09 C0 13 00 2F C0 ..u.O...*...../.0030: 04 C0 0E 00 33 00 32 C0 08 C0 12 00 0A C0 03 C0 ....3.2.........0040: 0D 00 16 00 13 C0 07 C0 11 00 05 C0 02 C0 0C 00 ................0050: 04 00 FF 01 00 00 5C 00 0A 00 34 00 32 00 17 00 ......\...4.2...0060: 01 00 03 00 13 00 15 00 06 00 07 00 09 00 0A 00 ................0070: 18 00 0B 00 0C 00 19 00 0D 00 0E 00 0F 00 10 00 ................0080: 11 00 02 00 12 00 04 00 05 00 14 00 08 00 16 00 ................0090: 0B 00 02 01 00 00 0D 00 1A 00 18 06 03 06 01 05 ................00A0: 03 05 01 04 03 04 01 03 03 03 01 02 03 02 01 02 ................00B0: 02 01 01 ...New I/O worker #18, WRITE: TLSv1.2 Handshake, length = 179[Raw write]: length = 1840000: 16 03 03 00 B3 01 00 00 AF 03 03 56 3B CD A3 07 ...........V;...0010: C0 CD FE FC 3F 4A 4D 05 28 E4 02 3B 86 58 EC 26 ....?JM.(..;.X.&0020: 03 A3 0E 70 60 DF DF 75 FF 4F 1C 00 00 2A C0 09 ...p`..u.O...*..0030: C0 13 00 2F C0 04 C0 0E 00 33 00 32 C0 08 C0 12 .../.....3.2....0040: 00 0A C0 03 C0 0D 00 16 00 13 C0 07 C0 11 00 05 ................0050: C0 02 C0 0C 00 04 00 FF 01 00 00 5C 00 0A 00 34 ...........\...40060: 00 32 00 17 00 01 00 03 00 13 00 15 00 06 00 07 .2..............0070: 00 09 00 0A 00 18 00 0B 00 0C 00 19 00 0D 00 0E ................0080: 00 0F 00 10 00 11 00 02 00 12 00 04 00 05 00 14 ................0090: 00 08 00 16 00 0B 00 02 01 00 00 0D 00 1A 00 18 ................00A0: 06 03 06 01 05 03 05 01 04 03 04 01 03 03 03 01 ................00B0: 02 03 02 01 02 02 01 01 ........[Raw read]: length = 50000: 15 03 03 00 02 .....[Raw read]: length = 20000: 02 28 .(New I/O worker #18, READ: TLSv1.2 Alert, length = 2New I/O worker #18, RECV TLSv1 ALERT: fatal, handshake_failureNew I/O worker #18, fatal: engine already closed. Rethrowing javax.net.ssl.SSLException: Received fatal alert: handshake_failureNew I/O worker #18, fatal: engine already closed. Rethrowing javax.net.ssl.SSLException: Received fatal alert: handshake_failureNew I/O worker #18, called closeOutbound()New I/O worker #18, closeOutboundInternal()New I/O worker #18, SEND TLSv1 ALERT: warning, description = close_notifyNew I/O worker #18, WRITE: TLSv1 Alert, length = 2New I/O worker #18, called closeInbound()New I/O worker #18, fatal: engine already closed. Rethrowing javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack?[Raw write]: length = 70000: 15 03 01 00 02 01 00 .......New I/O worker #18, called closeOutbound()New I/O worker #18, closeOutboundInternal()
rta...@twitter.com
Nov 5, 2015, 5:13:26 PM11/5/15
to play-framework
Which JVM and Play version?
This looks like a bug back in JDK7 wherein Java's DHE implementation failed 5% of the time under certain conditions.
Nannan
Nov 5, 2015, 5:31:52 PM11/5/15
to play-framework
Thanks so much to relay my thread! I am stuck here for a few days. T_T
Play version is 2.3.3.
Java version "1.7.0_79"
Java version "1.7.0_79"
Regards,
Nannan
在 2015年11月5日星期四 UTC-5下午5:13:26,rta...@twitter.com写道:
在 2015年11月5日星期四 UTC-5下午5:13:26,rta...@twitter.com写道:
rta...@twitter.com
Nov 5, 2015, 6:01:23 PM11/5/15
to play-framework
Try upgrading to a more recent version of the JVM.
Nannan
Nov 18, 2015, 1:24:58 PM11/18/15
to play-framework
Thanks!
I have solved this problem by rewritten the PlayWS related code and enable the TLSv1.2 when creating the SSLContext.
Also I need to make sure to pass the trustStore info for this SSLContext.
Then, everything works as expected now.
Previously, it is because the cipher suite is not matched with the server enabled. This server is only enabled for TLSv1.2.
Anyway, thanks for replying me. :)
Have a nice day.
Reply all
Reply to author
Forward
0 new messages