I'm finding that SSL connections fail with Restlet 2.1.7. When using curl to 
test it, the initial negotiation seems to work and I see the message "TLS 
handshake, Finished", but then it hangs for about 30 seconds before curl 
returns an "Unknown SSL protocol error" message.

I have a build of the same application using Restlet 1.1 that works fine when 
running this test with the same certificate.

I was not able to do this test with Restlet 2.2.0. I can't figure out what 
jars to use since I see no replacement for org.restlet.ext.ssl.jar.

The code I'm using to configure the server is:

   // Create the HTTPS server with its own child context
   Context context = component.getContext().createChildContext();
   Server server = new Server(context, Protocol.HTTPS, portNo, component);

   // Configure the SSL context factory from a JKS keystore
   DefaultSslContextFactory sslContextFactory = new DefaultSslContextFactory();
   sslContextFactory.setProtocol("SSL");
   sslContextFactory.setKeyStoreType("JKS");
   sslContextFactory.setKeyStorePath(config.getString("https.keystore"));
   sslContextFactory.setKeyStorePassword(storePass);
   sslContextFactory.setKeyStoreKeyPassword(keyPass);
   sslContextFactory.setKeyManagerAlgorithm("SunX509");

   // Hand the factory to the connector through the "sslContextFactory" context attribute
   server.getContext().getAttributes().put("sslContextFactory", sslContextFactory);
   serverList.add(server);

Here's the output from curl:
   
   curl -v -k -d @POSample1.xml https://localhost
   * About to connect() to localhost port 443 (#0)
   *   Trying 127.0.0.1... connected
   * Connected to localhost (127.0.0.1) port 443 (#0)
   * SSLv3, TLS handshake, Client hello (1):
   * SSLv3, TLS handshake, Server hello (2):
   * SSLv3, TLS handshake, CERT (11):
   * SSLv3, TLS handshake, Server key exchange (12):
   * SSLv3, TLS handshake, Server finished (14):
   * SSLv3, TLS handshake, Client key exchange (16):
   * SSLv3, TLS change cipher, Client hello (1):
   * SSLv3, TLS handshake, Finished (20):
   (HANGS AT THIS POINT)
   * Unknown SSL protocol error in connection to localhost:443
   * Closing connection #0
   curl: (35) Unknown SSL protocol error in connection to localhost:443
 
Here's the last part of what's logged by the server before the connection 
process hangs:
   
   SESSION KEYGEN:
   PreMaster Secret:
   CONNECTION KEYGEN:
   Client Nonce:
   Server Nonce:
   Master Secret:
   Client MAC write Secret:
   Server MAC write Secret:
   Client write key:
   Server write key:
   Client write IV:
   Server write IV:
   [read] MD5 and SHA1 hashes:  len = 102

------------------------------------------------------
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=3076942
