3

I am getting the exception as stated in the title of the question, while connecting to server using HTTPS in Java using HttpsURLConnection class. Also I am trying to skip the certificate validation using the second last answer. What can I try next?

Update 1: Stack trace

javax.net.ssl.SSLException: Received fatal alert: bad_record_mac
    at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:190)
    at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:136)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1720)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:954)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1138)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1165)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1149)
    at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:434)
    at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166)
    at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:133)
    at com.kuliza.sitepulse.thread.HttpConnectionThread.run(HttpConnectionThread.java:77)
    at java.lang.Thread.run(Thread.java:662)

I am getting the exception for the line of code: http.connect(); where http is of the type HttpsURLConnection class.

Update 2: SSL log

Here are the SSL Handshake logs:

[Raw read]: length = 5
0000: 15 03 00 00 02                                     .....
[Raw read]: length = 2
0000: 02 14                                              ..
Thread-6, READ: SSLv3 Alert, length = 2
Thread-6, RECV SSLv3 ALERT:  fatal, bad_record_mac
Thread-6, called closeSocket()
Improve this question
3
  • 2
    Run your connection attempt with -Djavax.net.debug=all? It'll output a lot of debug information which may help you narrow down where it's going wrong. Commented Feb 22, 2012 at 17:29
  • Hey @FauxFaux i have said as u suggested and also updated the question, but i am still clueless Commented Feb 23, 2012 at 10:56
  • Maybe this will help: support.sonatype.com/entries/… Commented Oct 8, 2012 at 18:44

1 Answer 1

Reset to default
1

I know this is coming in way late, but it might help someone, right?

It might help if you include more of the debug output for the ssl connection leading up to the error which you included. I was seeing the same error and just solved it by including -Dhttps.protocols=SSLv3 -Dforce.http.jre.executor=true in my VM arguements ... so if you're lucky, that might work for you too.

Here's my trace:

SESSION KEYGEN:
PreMaster Secret:
0000: 03 00 31 86 59 ED 17 07   6C 37 1F 17 19 B4 A1 16  ..1.Y...l7......
0010: 30 99 60 A1 31 BB 3A 0A   0E 7F 61 F5 7E 4F 35 7A  0.`.1.:...a..O5z
0020: 21 6F 1D 63 42 A1 63 43   5E 48 B2 67 35 E3 DA DF  !o.cB.cC^H.g5...
CONNECTION KEYGEN:
Client Nonce:
0000: 52 65 F0 96 23 24 71 D6   51 1A EF D6 31 D1 39 2A  Re..#$q.Q...1.9*
0010: 13 13 2E 41 8C 7E 80 B8   C0 6E 8A 8C 4E 5A CD FA  ...A.....n..NZ..
Server Nonce:
0000: 52 65 F0 96 CD 4B BE A9   E1 F8 34 B3 C3 23 14 35  Re...K....4..#.5
0010: 05 4F 5C 18 D7 10 5E 80   7B FF 73 DA 85 60 84 8C  .O\...^...s..`..
Master Secret:
0000: 0D 11 FE 0D CD 99 C3 3F   D9 40 CF BC 2E C7 40 5E  .......?.@....@^
0010: B0 C5 4F 75 4A 0A 39 1E   E2 0F 54 E1 A1 7F CE 72  ..OuJ.9...T....r
0020: 4F 99 8F E2 D9 7F C1 AC   FD D0 89 62 F7 72 F9 6F  O..........b.r.o
Client MAC write Secret:
0000: 80 7C C8 E7 02 6D 29 A3   E2 E5 BA 44 94 18 19 65  .....m)....D...e
0010: 63 5D 5D 8A                                        c]].
Server MAC write Secret:
0000: 06 58 B6 2F 03 FB E7 C6   48 1F 68 5C 10 DD 58 8D  .X./....H.h\..X.
0010: 36 7B AC AA                                        6...
Client write key:
0000: B5 C6 23 1E 88 F2 30 76   39 18 AB 0C 71 94 E7 8A  ..#...0v9...q...
Server write key:
0000: 9D 49 1C 52 13 B9 F8 44   DA 87 6C 1C 93 CD 9C 8B  .I.R...D..l.....
Client write IV:
0000: 07 1A A6 47 7E 6E 2B F4   A6 7A 6D DC 5E 74 E8 0F  ...G.n+..zm.^t..
Server write IV:
0000: 32 93 23 CC F4 83 1F 2C   B7 22 28 8C A2 7D B1 01  2.#....,."(.....
main, WRITE: SSLv3 Change Cipher Spec, length = 1
[Raw write]: length = 6
0000: 14 03 00 00 01 01                                  ......
*** Finished
verify_data:  { 179, 120, 197, 29, 60, 98, 37, 252, 37, 183, 141, 166, 140, 77, 63, 118, 23, 245, 11, 144, 27, 201, 63, 22, 192, 187, 40, 220, 78, 17, 118, 104, 112, 238, 156, 176 }
***
[write] MD5 and SHA1 hashes:  len = 40
0000: 14 00 00 24 B3 78 C5 1D   3C 62 25 FC 25 B7 8D A6  ...$.x..<b%.%...
0010: 8C 4D 3F 76 17 F5 0B 90   1B C9 3F 16 C0 BB 28 DC  .M?v......?...(.
0020: 4E 11 76 68 70 EE 9C B0                            N.vhp...
Padded plaintext before ENCRYPTION:  len = 64
0000: 14 00 00 24 B3 78 C5 1D   3C 62 25 FC 25 B7 8D A6  ...$.x..<b%.%...
0010: 8C 4D 3F 76 17 F5 0B 90   1B C9 3F 16 C0 BB 28 DC  .M?v......?...(.
0020: 4E 11 76 68 70 EE 9C B0   46 F4 59 24 44 F1 C3 A8  N.vhp...F.Y$D...
0030: 7E FB 80 EB AD 74 35 28   64 31 65 80 03 03 03 03  .....t5(d1e.....
main, WRITE: SSLv3 Handshake, length = 64
[Raw write]: length = 69
0000: 16 03 00 00 40 FE A7 C8   1D 6D 2E A8 A5 C7 78 8D  [email protected].
0010: 68 04 B2 55 42 B3 3C C1   A2 90 F1 A5 9B 39 1D 96  h..UB.<......9..
0020: 53 43 65 15 2A 17 2C 43   70 AE 8C B5 EE 63 C3 91  SCe.*.,Cp....c..
0030: 73 BC D1 45 34 B1 76 46   B8 C5 CE BF 5E 15 72 E6  s..E4.vF....^.r.
0040: FE 16 9C 43 64                                     ...Cd
[Raw read]: length = 5
0000: 15 03 00 00 02                                     .....
[Raw read]: length = 2
0000: 02 14                                              ..
main, READ: SSLv3 Alert, length = 2
main, RECV SSLv3 ALERT:  fatal, bad_record_mac
main, called closeSocket()
main, handling exception: javax.net.ssl.SSLException: Received fatal alert: bad_record_mac
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.