Hi Roy, In v2.2.0, the org.restlet.ext.ssl module has been split into:
- an org.restlet.ext.jsslutils.jar module (not necessary for your case, integration with jSSLutils library for special SSL certificates) - the org.restlet.jar core module So, you should be able to remove the org.restlet.ext.ssl.jar dependency altogether and try again. Thanks, Jerome -- http://restlet.org @jlouvel <http://twitter.com/#!/jlouvel> On Wed, Apr 23, 2014 at 2:51 PM, Roy Olsen <roy.ol...@pondersolutions.net>wrote: > I'm finding that SSL connections fail with Restlet 2.1.7. When using curl > to test it, the initial negotiation seems to work and I see the message > "TLS handshake, Finished", but then it hangs for about 30 seconds before > curl returns an "Unknown SSL protocol error" message. > > I have a build of the same application using Restlet 1.1 that works fine > when running this test with the same certificate. > > I was not able to do this test with Restlet 2.2.0. I can't figure out what > to jars to use since I see no replacement for org.restlet.ext.ssl.jar > > The code I'm using to configure the server is: > > Context context = component.getContext().createChildContext(); > Server server = new Server(context, Protocol.HTTPS, portNo, component); > DefaultSslContextFactory sslContextFactory = new > DefaultSslContextFactory(); > sslContextFactory.setProtocol("SSL"); > sslContextFactory.setKeyStoreType("JKS"); > sslContextFactory.setKeyStorePath(config.getString("https.keystore")); > sslContextFactory.setKeyStorePassword(storePass); > sslContextFactory.setKeyStoreKeyPassword(keyPass); > sslContextFactory.setKeyManagerAlgorithm("SunX509"); > server.getContext().getAttributes().put("sslContextFactory", > sslContextFactory); > serverList.add(server); > > Here's the output from curl: > > curl -v -k -d @POSample1.xml https://localhost > * About to connect() to localhost port 443 (#0) > * Trying 127.0.0.1... connected > * Connected to localhost (127.0.0.1) port 443 (#0) > * SSLv3, TLS handshake, Client hello (1): > * SSLv3, TLS handshake, Server hello (2): > * SSLv3, TLS handshake, CERT (11): > * SSLv3, TLS handshake, Server key exchange (12): > * SSLv3, TLS handshake, Server finished (14): > * SSLv3, TLS handshake, Client key exchange (16): > * SSLv3, TLS change cipher, Client hello (1): > * SSLv3, TLS handshake, Finished (20): > (HANGS AT THIS POINT) > * Unknown SSL protocol error in connection to localhost:443 > * Closing connection #0 > curl: (35) Unknown SSL protocol error in connection to localhost:443 > > Here's that last part of what's logged by the server before the connection > process hangs: > > SESSION KEYGEN: > PreMaster Secret: > 0000: > 0010: > 0020: > 0030: > 0040: > 0050: > CONNECTION KEYGEN: > Client Nonce: > 0000: > 0010: > Server Nonce: > 0000: > 0010: > Master Secret: > 0000: > 0010: > 0020: > Client MAC write Secret: > 0000: > 0010: > Server MAC write Secret: > 0000: > 0010: > Client write key: > 0000: > 0010: > Server write key: > 0000: > 0010: > Client write IV: > 0000: > Server write IV: > 0000: > [read] MD5 and SHA1 hashes: len = 102 > 0000: > 0010: > 0020: > 0030: > 0040: > 0050: > 0060: > > ------------------------------------------------------ > > http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=3076942 > ------------------------------------------------------ http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=3076946