Solved

SSL Handshake Failure

Posted on 2007-03-20
7
3,102 Views
Last Modified: 2013-12-10
Hi,
Our Weblogic 8.1 SP2 application server communicates with a remote server using SSL. We had to perform a system reboot  today but soon after the service began to fail with the error "javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure"

We compared the certificates in the keystore on both servers and they are the same.. The last time anyone messed around these keystores was about 8 months ago but since then everything was perfectly working.

We ran a openssl test from another machine against our Application server and came up with the following:

openssl s_client -debug -showcerts -state -host 192.168.5.10 -port 7013

 

CONNECTED(00000003)
SSL_connect:before/connect initialization
write to 0814FE10 [08150448] (124 bytes => 124 (0x7C))
0000 - 80 7a 01 03 01 00 51 00-00 00 20 00 00 16 00 00 .z....Q... .....
0010 - 13 00 00 0a 07 00 c0 00-00 66 00 00 05 00 00 04 .........f......
0020 - 03 00 80 01 00 80 08 00-80 00 00 65 00 00 64 00 ...........e..d.
0030 - 00 63 00 00 62 00 00 61-00 00 60 00 00 15 00 00 .c..b..a..`.....
0040 - 12 00 00 09 06 00 40 00-00 14 00 00 11 00 00 08 ......@.........
0050 - 00 00 06 00 00 03 04 00-80 02 00 80 08 3d 21 c6 .............=!.
0060 - 82 8c 2a 19 45 05 fd b8-4b b7 35 96 ef 85 1c 03 ..*.E...K.5.....
0070 - 22 6c a2 b4 00 b1 a4 c1-ae b3 9e 71 "l.........q
SSL_connect:SSLv2/v3 write client hello A
read from 0814FE10 [081559A8] (7 bytes => 7 (0x7))
0000 - 15 03 01 00 02 02 28 ......(
SSL3 alert read:fatal:handshake failure
SSL_connect:error in SSLv2/v3 read server hello A
7370:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:455

Any ideas of what could be wrong and suggestions to resolve this ?

thnx
sg
0
Comment
Question by:sgaucho
  • 3
  • 3
7 Comments
 
LVL 86

Expert Comment

by:CEHJ
Comment Utility
Make sure the cert hasn't expired
0
 

Author Comment

by:sgaucho
Comment Utility
nope.. thats not it.. and as per what I posted above, the error is occuring even before the HandShake ! - "SSL23_GET_SERVER_HELLO"
0
 

Author Comment

by:sgaucho
Comment Utility
Valid from: Wed May 04 11:54:10 WEST 2005 until: Sun Apr 27 11:39:10 WEST 2008
0
Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

 
LVL 86

Expert Comment

by:CEHJ
Comment Utility
OK. Sure you haven't started the server with a different runtime?
0
 

Author Comment

by:sgaucho
Comment Utility
sorry.. didnt get that.. u mean a different JVM ? If Yes, no.. its the same old JVM..

thnx
0
 
LVL 1

Accepted Solution

by:
sands76 earned 220 total points
Comment Utility
hi,

Add the following to your weblogic startup script ->
-Dssl.debug=true -Dweblogic.StdoutDebugEnabled=true. This should help debug your ssl connection. Also check whether you have all the certificates in your server the same as in the remote server.

see http://e-docs.bea.com/wls/docs81/secmanage/ssl.html#1174543 for more info
0
 
LVL 86

Expert Comment

by:CEHJ
Comment Utility
What did the above reveal?
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Suggested Solutions

Are you developing a Java application and want to create Excel Spreadsheets? You have come to the right place, this article will describe how you can create Excel Spreadsheets from a Java Application. For the purposes of this article, I will be u…
Java Flight Recorder and Java Mission Control together create a complete tool chain to continuously collect low level and detailed runtime information enabling after-the-fact incident analysis. Java Flight Recorder is a profiling and event collectio…
Viewers learn about the “while” loop and how to utilize it correctly in Java. Additionally, viewers begin exploring how to include conditional statements within a while loop and avoid an endless loop. Define While Loop: Basic Example: Explanatio…
Viewers will learn about arithmetic and Boolean expressions in Java and the logical operators used to create Boolean expressions. We will cover the symbols used for arithmetic expressions and define each logical operator and how to use them in Boole…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now