users@grizzly.java.net

SSL Error connecting Netty client to Grizzly based server after successfull handshake

From: César Fernando Henriques <cesar_at_alttab.com.ar>
Date: Sun, 31 May 2009 13:37:37 -0300

Hi Guys, I'm working with Netty to build the client side of my
project. I need to connect to a Grizzly based server listening on port
443 (ssl enabled). My server is working properly with IE and Firefox,
so I'm preety sure I'm doing something wrong on my client side. (I
have already posted this email on Netty List), but maybe someone has
already see this exception before.

I'm getting this error on the server side:

javax.net.ssl.SSLException: Unsupported record version Unknown-69.84
       at com.sun.net.ssl.internal.ssl.EngineInputRecord.bytesInCompletePacket(EngineInputRecord.java:97)
       at com.sun.net.ssl.internal.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:771)
       at com.sun.net.ssl.internal.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:686)

And this is the way I have configured the SSLHandler (Netty client):

           System.setProperty("javax.net.ssl.trustStore", "certs/cacerts");
           System.setProperty("javax.net.ssl.trustStorePassword", "changeit");

           SSLContext sslContext = SSLContext.getDefault();
           SSLEngine sslEngine = sslContext.createSSLEngine();
           sslEngine.setUseClientMode(true);
           pipeline.addFirst("sslHandler", new SslHandler(sslEngine, true));

and my client code:

        ChannelFactory factory = new NioClientSocketChannelFactory(
               Executors.newCachedThreadPool(),
               Executors.newCachedThreadPool());

       ClientBootstrap bootstrap = new ClientBootstrap(factory);
       bootstrap.setPipelineFactory(new HttpClientPipelineFactory(true));

       bootstrap.setOption("tcpNoDelay", true);
       bootstrap.setOption("keepAlive", true);

       ChannelFuture future = bootstrap.connect(
               new InetSocketAddress("10.1.0.100", 443));

       // Wait until the connection attempt succeeds or fails.
       Channel channel = future.awaitUninterruptibly().getChannel();
       if (!future.isSuccess()) {
           future.getCause().printStackTrace();
           factory.releaseExternalResources();
           return;
       }

           ChannelFuture hf;
           try {
               hf =
channel.getPipeline().get(SslHandler.class).handshake(channel);
               hf.awaitUninterruptibly();
               if (!hf.isSuccess()) {
                   logger.log(Level.SEVERE, "Handshake failed", hf.getCause());
               }
           } catch (SSLException ex) {
               Logger.getLogger(PCConnectDaemon.class.getName())
                       .log(Level.SEVERE, null, ex);
           }

       // Send the HTTP request.
       HttpRequest request = new DefaultHttpRequest(
               HttpVersion.HTTP_1_0, HttpMethod.GET, "/login/daemon");
       request.addHeader(HttpHeaders.Names.HOST, 10.1.0.100);

       CookieEncoder httpCookieEncoder = new CookieEncoder(false);
       httpCookieEncoder.addCookie("my-cookie", "foo");
       httpCookieEncoder.addCookie("another-cookie", "bar");
       request.addHeader(HttpHeaders.Names.COOKIE, httpCookieEncoder.encode());
       channel.write(request);

The error is raised after channel.write.

thanks !!!

Cesar.-
© Oracle | By contributing to this project, you are agreeing to the terms of use described here.