
Java Forum / Security / February 2007


SSLException: Unrecognized SSL message, plaintext connection?

svatti@gmail.com - 15 Feb 2007 04:55 GMT
Hi All

I am getting the following message when I run my application

Caused by: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
    at com.sun.net.ssl.internal.ssl.InputRecord.b(Unknown Source)
    at com.sun.net.ssl.internal.ssl.InputRecord.read(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(Unknown Source)
    at com.sun.net.ssl.internal.ssl.AppInputStream.read(Unknown Source)
    at sun.nio.cs.StreamDecoder$CharsetSD.readBytes(Unknown Source)
    at sun.nio.cs.StreamDecoder$CharsetSD.implRead(Unknown Source)
    at sun.nio.cs.StreamDecoder.read(Unknown Source)
    at java.io.InputStreamReader.read(Unknown Source)
    at java.io.BufferedReader.fill(Unknown Source)
    at java.io.BufferedReader.readLine(Unknown Source)
    at java.io.BufferedReader.readLine(Unknown Source)

Let me give a brief overview of my application.
This is an FTPS (NOT SFTP) client connecting to the FTP server on port
990. I am trying to connect to the server, download the server
certificate, load it dynamically in the trustmanager and then
do the normal FTP operations.
The application connects fine for downloading the certificate,
logging in and getting the initial working directory details. Thereon
any operation throws me this error.

Any ideas are welcome.

Thanks in advance
SV
svatti@gmail.com - 15 Feb 2007 05:18 GMT
I have gone through a lot of forums and boards. A lot of guys seem to have
this issue, but I haven't seen a single solution. I hope some of you
might point me in the right direction. I have gone through the Java
documentation as well to look for the cause of this exception, but
could not get the right pointer to the solution.

By the way, I am using JDK1.4.2

With JDK1.4.0 I get the following error

Caused by: javax.net.ssl.SSLException: Unrecognized SSL handshake.
    at com.sun.net.ssl.internal.ssl.InputRecord.read(DashoA6275)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
    at com.sun.net.ssl.internal.ssl.AppInputStream.read(DashoA6275)
    at sun.nio.cs.StreamDecoder$CharsetSD.readBytes(Unknown Source)
    at sun.nio.cs.StreamDecoder$CharsetSD.implRead(Unknown Source)
    at sun.nio.cs.StreamDecoder.read(Unknown Source)
    at java.io.InputStreamReader.read(Unknown Source)
    at java.io.BufferedReader.fill(Unknown Source)
    at java.io.BufferedReader.readLine(Unknown Source)
    at java.io.BufferedReader.readLine(Unknown Source)

With IBM JDK1.4 I get the following error

Caused by: javax.net.ssl.SSLHandshakeException: unexpected message
    at com.ibm.jsse.bv.a(Unknown Source)
    at com.ibm.jsse.a.a(Unknown Source)
    at com.ibm.jsse.a.read(Unknown Source)
    at sun.nio.cs.StreamDecoder$ConverterSD.implRead(StreamDecoder.java:325)
    at sun.nio.cs.StreamDecoder.read(StreamDecoder.java:223)
    at java.io.InputStreamReader.read(InputStreamReader.java:208)
    at java.io.BufferedReader.fill(BufferedReader.java:153)
    at java.io.BufferedReader.readLine(BufferedReader.java(Compiled Code))
    at java.io.BufferedReader.readLine(BufferedReader.java:379)
Ralf Ullrich - 15 Feb 2007 11:12 GMT
>This is a FTPS (NOT SFTP) client connecting to the FTP server on port
>990. I am trying to connect to the server download the server
[quoted text clipped - 5 lines]
>
>Any ideas are welcome.

I think the problem comes from using an SSLSocket directly. As far as I can
see in the FTPS RFCs (RFC 2228 and 4217), securing FTP through TLS works
differently from how it works for HTTP (see RFC 2817).

With HTTP, client and server exchange a few messages to agree that they
will continue with TLS, and then the TLS handshake happens directly, i.e.
without any interference from the HTTP protocol.

That's different in FTPS: here all communication stays within the FTPS
protocol and the TLS handshake is encapsulated within FTPS-ADAT messages
as Base64-encoded data. This is, however, not supported by the SSLSocket.
Instead, at least AFAIK, you have to provide your own FTPS-aware
implementation of SSLEngine, which in turn uses the wrap/unwrap methods to
exchange the FTPS-ADAT messages, and also implements all the other
abstract methods using the appropriate FTPS messages. I assume it's a lot
of work, so I recommend you try looking for a ready-to-use implementation;
you might even consider buying one if you cannot find a free one.

HTH

cu
svatti@gmail.com - 16 Feb 2007 07:04 GMT
Hi

I am successful in the following operations
- connecting to the server
- adding the server certificate to the client trustmanager dynamically
(without user intervention - that is the requirement here)
- logging into the server
- getting the details of the current working directory

But thereon... any other operation fails with the above exception. Is
it something to do with the SSLSession? Do I have to do something
on the session?

Thanks again

SV
svatti@gmail.com - 16 Feb 2007 09:02 GMT
To add to the previous post....

After login, I can change/delete/make directory.
But only the list command fails... reading the response from the
server

Thanks
SV
Dames - 16 Feb 2007 14:36 GMT
> To add to the previous post....
>
[quoted text clipped - 4 lines]
> Thanks
> SV

It appears the SSL handshake is failing on the data connection but why
this should be I don't know. I assume you are using the old standard of
FTPS which uses implicit SSL on the control and data channels? If not
then maybe you need to set the protection level of the data channel
before performing a command which uses it (get/put/list etc).

You could also try turning on additional SSL tracing to stdout using:

System.setProperty( "javax.net.debug", "ssl");

Regards,

Damian.
svatti@gmail.com - 19 Feb 2007 03:56 GMT
Absolutely, Damian

Handshake is failing over Data Connection.
I am using implicit-SSL for connecting to the server.
I will post the debug details shortly

Thanks for the reply

SV
svatti@gmail.com - 19 Feb 2007 06:23 GMT
Please find the debug trace below.
The control connection handshake is proper. But the data connection
handshake is messed up. Please let me know if you see any pointers.

trigger seeding of SecureRandom
done seeding SecureRandom
%% No cached client session
*** ClientHello, TLSv1
RandomCookie:  GMT: 1155086860 bytes = { 111, 136, 0, 235, 199, 143,
1, 247, 249, 156, 136, 61, 111, 168, 27, 182, 117, 13, 231, 43, 18,
117, 155, 194, 106, 42, 182, 114 }
Session ID:  {}
Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA,
TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA,
SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,
SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA,
SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5,
SSL_RSA_EXPORT_WITH_DES40_CBC_SHA,
SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA,
SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
Compression Methods:  { 0 }
***
main, WRITE: TLSv1 Handshake, length = 73
main, WRITE: SSLv2 client hello message, length = 98
main, READ: TLSv1 Handshake, length = 679
*** ServerHello, TLSv1
RandomCookie:  GMT: 1155086492 bytes = { 45, 247, 177, 187, 98, 111,
81, 10, 115, 20, 232, 54, 21, 116, 16, 209, 63, 230, 34, 24, 80, 180,
83, 21, 100, 102, 125, 93 }
Session ID:  {69, 217, 57, 156, 51, 36, 133, 233, 75, 40, 3, 92, 174,
21, 202, 200, 220, 92, 39, 69, 85, 64, 233, 171, 12, 50, 70, 162, 26,
119, 159, 105}
Cipher Suite: SSL_RSA_WITH_RC4_128_MD5
Compression Method: 0
***
%% Created:  [Session-1, SSL_RSA_WITH_RC4_128_MD5]
** SSL_RSA_WITH_RC4_128_MD5
*** Certificate chain
chain [0] = [
[
 Version: V1
 Subject: CN=XXXXXXXX, OU=XXXXXXXX, O=XXXXXXX, L=XXXXXXXXX, ST=XX,
C=XXXXXX
 Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4

 Key:  SunJSSE RSA public key:
 public exponent:
   010001
 Validity: [From: Fri Dec 15 00:19:33 GMT+05:30 2006,
              To: Mon Dec 14 00:19:33 GMT+05:30 2009]
 Issuer: CN=XXXXXXXX, OU=XXXXXXXX, O=XXXXXXX, L=XXXXXXXXX, ST=XX,
C=XXXXXX
 SerialNumber: [    45819cbd]

]
 Algorithm: [MD5withRSA]

]
***
*** ServerHelloDone
JsseJCE: Using JSSE internal implementation for cipher RSA/ECB/
PKCS1Padding
*** ClientKeyExchange, RSA PreMasterSecret, TLSv1
Random Secret:  { 3, 1, 110, 126, 187, 22, 78, 149, 225, 0, 137, 65,
172, 116, 122, 6, 57, 225, 70, 2, 26, 255, 170, 0, 207, 46, 198, 190,
76, 55, 64, 158, 127, 52, 227, 157, 115, 59, 161, 156, 221, 228, 123,
204, 174, 17, 200, 13 }
main, WRITE: TLSv1 Handshake, length = 134
... no IV for cipher
main, WRITE: TLSv1 Change Cipher Spec, length = 1
JsseJCE: Using JSSE internal implementation for cipher RC4
*** Finished
verify_data:  { 191, 175, 96, 88, 3, 207, 223, 205, 8, 95, 26, 156 }
***
main, WRITE: TLSv1 Handshake, length = 32
main, READ: TLSv1 Change Cipher Spec, length = 1
JsseJCE: Using JSSE internal implementation for cipher RC4
main, READ: TLSv1 Handshake, length = 32
*** Finished
verify_data:  { 25, 77, 240, 210, 123, 172, 186, 59, 206, 95, 247,
206 }
***
%% Cached client session: [Session-1, SSL_RSA_WITH_RC4_128_MD5]
%% Invalidated:  [Session-1, SSL_RSA_WITH_RC4_128_MD5]
main, called close()
main, called closeInternal(true)
main, SEND TLSv1 ALERT:  warning, description = close_notify
main, WRITE: TLSv1 Alert, length = 18
trigger seeding of SecureRandom
done seeding SecureRandom
setSoTimeout(2000) called
%% No cached client session
*** ClientHello, TLSv1
RandomCookie:  GMT: 1155086862 bytes = { 183, 59, 145, 120, 72, 186,
6, 217, 240, 60, 97, 121, 168, 36, 35, 20, 16, 15, 130, 102, 69, 175,
98, 239, 51, 72, 232, 130 }
Session ID:  {}
Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA,
TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA,
SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,
SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA,
SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5,
SSL_RSA_EXPORT_WITH_DES40_CBC_SHA,
SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA,
SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
Compression Methods:  { 0 }
***
main, WRITE: TLSv1 Handshake, length = 73
main, WRITE: SSLv2 client hello message, length = 98
main, READ: TLSv1 Handshake, length = 679
*** ServerHello, TLSv1
RandomCookie:  GMT: 1155086494 bytes = { 108, 44, 160, 233, 211, 242,
86, 241, 156, 22, 118, 242, 46, 253, 63, 244, 148, 9, 75, 97, 73, 49,
41, 150, 27, 22, 34, 123 }
Session ID:  {69, 217, 57, 158, 183, 94, 29, 30, 174, 215, 115, 194,
22, 28, 19, 15, 32, 20, 233, 100, 120, 63, 127, 167, 124, 153, 216,
181, 90, 150, 6, 61}
Cipher Suite: SSL_RSA_WITH_RC4_128_MD5
Compression Method: 0
***
%% Created:  [Session-2, SSL_RSA_WITH_RC4_128_MD5]
** SSL_RSA_WITH_RC4_128_MD5
*** Certificate chain
chain [0] = [
[
 Version: V1
 Subject: CN=XXXXXXXX, OU=XXXXXXXX, O=XXXXXXX, L=XXXXXXXXX, ST=XX,
C=XXXXXX
 Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4

 Key:  SunJSSE RSA public key:
 public exponent:
   010001
 Validity: [From: Fri Dec 15 00:19:33 GMT+05:30 2006,
              To: Mon Dec 14 00:19:33 GMT+05:30 2009]
 Issuer: CN=XXXXXXXX, OU=XXXXXXXX, O=XXXXXXX, L=XXXXXXXXX, ST=XX,
C=XXXXXX
 SerialNumber: [    45819cbd]

]
 Algorithm: [MD5withRSA]

]
***
*** ServerHelloDone
JsseJCE: Using JSSE internal implementation for cipher RSA/ECB/
PKCS1Padding
*** ClientKeyExchange, RSA PreMasterSecret, TLSv1
Random Secret:  { 3, 1, 186, 219, 7, 135, 115, 151, 104, 176, 84, 47,
243, 241, 171, 40, 206, 199, 16, 248, 153, 62, 193, 45, 146, 46, 102,
56, 62, 231, 31, 223, 100, 101, 153, 113, 158, 91, 34, 252, 160, 157,
158, 6, 212, 222, 105, 191 }
main, WRITE: TLSv1 Handshake, length = 134
... no IV for cipher
main, WRITE: TLSv1 Change Cipher Spec, length = 1
JsseJCE: Using JSSE internal implementation for cipher RC4
*** Finished
verify_data:  { 229, 206, 100, 121, 133, 21, 49, 18, 81, 144, 164,
28 }
***
main, WRITE: TLSv1 Handshake, length = 32
main, READ: TLSv1 Change Cipher Spec, length = 1
JsseJCE: Using JSSE internal implementation for cipher RC4
main, READ: TLSv1 Handshake, length = 32
*** Finished
verify_data:  { 214, 92, 134, 169, 255, 74, 248, 219, 138, 172, 158,
198 }
***
%% Cached client session: [Session-2, SSL_RSA_WITH_RC4_128_MD5]
setSoTimeout(2000) called
setSoTimeout(0) called
main, READ: TLSv1 Application Data, length = 61
main, READ: TLSv1 Application Data, length = 71
main, WRITE: TLSv1 Application Data, length = 36
main, READ: TLSv1 Application Data, length = 61
main, WRITE: TLSv1 Application Data, length = 37
main, READ: TLSv1 Application Data, length = 71
main, READ: TLSv1 Application Data, length = 22
main, READ: TLSv1 Application Data, length = 22
main, READ: TLSv1 Application Data, length = 87
main, READ: TLSv1 Application Data, length = 87
main, READ: TLSv1 Application Data, length = 22
main, READ: TLSv1 Application Data, length = 77
main, READ: TLSv1 Application Data, length = 76
main, READ: TLSv1 Application Data, length = 79
main, READ: TLSv1 Application Data, length = 78
main, READ: TLSv1 Application Data, length = 22
main, READ: TLSv1 Application Data, length = 87
main, READ: TLSv1 Application Data, length = 87
main, READ: TLSv1 Application Data, length = 22
main, READ: TLSv1 Application Data, length = 44
main, READ: TLSv1 Application Data, length = 89
main, READ: TLSv1 Application Data, length = 63
main, READ: TLSv1 Application Data, length = 22
main, READ: TLSv1 Application Data, length = 48
main, WRITE: TLSv1 Application Data, length = 29
main, READ: TLSv1 Application Data, length = 44
main, WRITE: TLSv1 Application Data, length = 22
main, READ: TLSv1 Application Data, length = 37
main, WRITE: TLSv1 Application Data, length = 29
main, READ: TLSv1 Application Data, length = 44
main, WRITE: TLSv1 Application Data, length = 22
main, READ: TLSv1 Application Data, length = 35
main, WRITE: TLSv1 Application Data, length = 40
main, READ: TLSv1 Application Data, length = 46
main, WRITE: TLSv1 Application Data, length = 22
main, READ: TLSv1 Application Data, length = 69
%% No cached client session
*** ClientHello, TLSv1
RandomCookie:  GMT: 1155086872 bytes = { 130, 77, 150, 77, 223, 150,
17, 36, 24, 182, 175, 240, 92, 236, 242, 59, 29, 18, 241, 222, 154,
52, 49, 253, 147, 246, 13, 150 }
Session ID:  {}
Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA,
TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA,
SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,
SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA,
SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5,
SSL_RSA_EXPORT_WITH_DES40_CBC_SHA,
SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA,
SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
Compression Methods:  { 0 }
***
main, WRITE: TLSv1 Handshake, length = 73
main, WRITE: SSLv2 client hello message, length = 98
main, handling exception: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
main, SEND TLSv1 ALERT:  fatal, description = unexpected_message
main, WRITE: TLSv1 Alert, length = 2
main, called closeSocket()
main, called close()
main, called closeInternal(true)
main, SEND TLSv1 ALERT:  warning, description = close_notify
main, WRITE: TLSv1 Alert, length = 18
main, called close()
main, called closeInternal(true)
main, called close()
main, called closeInternal(true)
main, called close()
main, called closeInternal(true)
main, called close()
main, called closeInternal(true)
javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
    at com.sun.net.ssl.internal.ssl.InputRecord.b(Unknown Source)
    at com.sun.net.ssl.internal.ssl.InputRecord.read(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(Unknown Source)
    at com.sun.net.ssl.internal.ssl.AppInputStream.read(Unknown Source)
    at sun.nio.cs.StreamDecoder$CharsetSD.readBytes(Unknown Source)
    at sun.nio.cs.StreamDecoder$CharsetSD.implRead(Unknown Source)
    at sun.nio.cs.StreamDecoder.read(Unknown Source)
    at java.io.InputStreamReader.read(Unknown Source)
    at java.io.BufferedReader.fill(Unknown Source)
    at java.io.BufferedReader.readLine(Unknown Source)
    at java.io.BufferedReader.readLine(Unknown Source)
    at xxx.xxx.xxx.ftps.FTPSClientExample.main(FTPSClientExample.java:20)
Dames - 19 Feb 2007 13:30 GMT
> Pl find the debug trace below
> The control connection handshake is proper. But the data connection
> handshake is messed up. Pl let me know if you see any pointers.

SNIP

The connection is failing very early on. The client sends its ClientHello
and expects to get a ServerHello back. This is not happening, which
suggests that the server is using a plain text socket. You could confirm
this by setting up a trace on the connection using something like
Ethereal to view the packets exchanged (the connection will not be
secured at this point so this will not be a problem).

What SFTP server are you using? Is there any way to configure the server
to use secure/non-secure data channels? Have you tried forcing the
securing of the data channel using the FTP commands:

PBSZ 0
PROT P

Regards,

Damian.
svatti@gmail.com - 20 Feb 2007 03:29 GMT
Hi Damian

Thanks very much for the pointer.
I was sending the command much later. I moved it after the successful
connection and it works fine now.
Thanks a lot again

SV
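
The resolution reached in this thread (PBSZ 0 and PROT P have to be accepted before any command that opens a data connection), as an added Java example that is not part of any post above. The class and method names are hypothetical, the exchanges and listing bytes are constructed, and the record check is a simplified stand-in for what a TLS client expects to read first.

```java
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;

// Added illustration, not the poster's client: all names here are hypothetical.
public class FtpsDataChannelCheck {

    // FTP commands that make the server open a data connection.
    private static final List<String> DATA_COMMANDS =
            Arrays.asList("LIST", "NLST", "MLSD", "RETR", "STOR", "APPE", "STOU");

    /**
     * Replays {command, replyCode} pairs from a control channel and returns the
     * data commands sent while the data channel was still Clear. Assumption:
     * protection starts Clear (RFC 4217) and only an accepted "PBSZ" followed
     * by an accepted "PROT P" switches it to Private.
     */
    static List<String> unprotectedDataCommands(String[][] exchange) {
        boolean pbszAccepted = false;
        boolean dataPrivate = false;
        List<String> exposed = new ArrayList<>();
        for (String[] step : exchange) {
            String[] parts = step[0].trim().split("\\s+", 2);
            String verb = parts[0].toUpperCase();
            String arg = parts.length > 1 ? parts[1].trim().toUpperCase() : "";
            boolean ok = "200".equals(step[1]);
            if (verb.equals("PBSZ")) {
                pbszAccepted = ok;
            } else if (verb.equals("PROT") && ok) {
                dataPrivate = pbszAccepted && arg.equals("P");
            } else if (DATA_COMMANDS.contains(verb) && !dataPrivate) {
                exposed.add(step[0]); // server will answer on a plaintext socket
            }
        }
        return exposed;
    }

    /**
     * True if the bytes start like a TLS record header: content type 20..23
     * followed by protocol major version 3. A plaintext directory listing
     * fails this test, which is the condition the SSLException complains about.
     */
    static boolean looksLikeTlsRecord(byte[] first) {
        if (first.length < 3) return false;
        int type = first[0] & 0xff;
        return type >= 20 && type <= 23 && (first[1] & 0xff) == 3;
    }

    public static void main(String[] args) {
        // Constructed control-channel exchanges; reply codes are sample values.
        String[][] late = {
            {"USER demo", "331"}, {"PASS ****", "230"}, {"PWD", "257"},
            {"PASV", "227"}, {"LIST", "150"},
            {"PBSZ 0", "200"}, {"PROT P", "200"}};
        String[][] early = {
            {"USER demo", "331"}, {"PASS ****", "230"},
            {"PBSZ 0", "200"}, {"PROT P", "200"},
            {"PWD", "257"}, {"PASV", "227"}, {"LIST", "150"}};
        System.out.println("late PROT P  -> exposed: " + unprotectedDataCommands(late));
        System.out.println("early PROT P -> exposed: " + unprotectedDataCommands(early));

        // Header of a TLSv1 handshake record of length 679 (0x02a7), as in the trace.
        byte[] serverHello = {0x16, 0x03, 0x01, 0x02, (byte) 0xa7};
        // Constructed sample of what a server sends on an unprotected LIST.
        byte[] listing = "drwxr-xr-x 2 ftp ftp 4096 Feb 15 2007 pub\r\n"
                .getBytes(StandardCharsets.US_ASCII);
        System.out.println("ServerHello is TLS: " + looksLikeTlsRecord(serverHello));
        System.out.println("listing is TLS:     " + looksLikeTlsRecord(listing));
    }
}
```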

