3

When I tried to make a ajax call with httpclient 4.4.1 to hit a web service that it is located in other site, and I'm seeing the following problem: 

javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:394)
at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.upgrade(DefaultHttpClientConnectionOperator.java:185)
at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.upgrade(PoolingHttpClientConnectionManager.java:369)
at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:415)
at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236)
at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:184)
at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:88)
at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110)
at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:184)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:107)
at utilities.Utilities.executeRequest(Utilities.java:229)
at utilities.Utilities.makePost(Utilities.java:301)
at utilities.Utilities.makePost(Utilities.java:307)
at utilities.AudioUtteranceUtilities.createAudioUtterance(AudioUtteranceUtilities.java:21)
at dataset.tst_preprod.CommonSteps.createDataSet(CommonSteps.java:35)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.jbehave.core.steps.StepCreator$MethodInvoker.invoke(StepCreator.java:798)
at org.jbehave.core.steps.StepCreator$BeforeOrAfterStep.perform(StepCreator.java:489)
at org.jbehave.core.embedder.StoryRunner$FineSoFar.run(StoryRunner.java:535)
at org.jbehave.core.embedder.StoryRunner.runStepsWhileKeepingState(StoryRunner.java:515)
at org.jbehave.core.embedder.StoryRunner.runBeforeOrAfterStorySteps(StoryRunner.java:460)
at org.jbehave.core.embedder.StoryRunner.runCancellable(StoryRunner.java:268)
at org.jbehave.core.embedder.StoryRunner.run(StoryRunner.java:220)
at org.jbehave.core.embedder.StoryRunner.run(StoryRunner.java:181)
at org.jbehave.core.embedder.StoryManager$EnqueuedStory.call(StoryManager.java:262)
at org.jbehave.core.embedder.StoryManager$EnqueuedStory.call(StoryManager.java:229)
at java.util.concurrent.FutureTask.run(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.io.EOFException: SSL peer shut down incorrectly
at sun.security.ssl.InputRecord.read(Unknown Source)
... 38 more

I have jre8 and the debug is the following

            *** ClientHello, TLSv1.2
        RandomCookie:  GMT: 1422120426 bytes = { 181, 85, 212, 79, 3, 50, 253, 71, 166, 7, 222, 228, 188, 111, 117, 149, 155, 68, 136, 84, 225, 133, 134, 154, 8, 102, 86, 188 }
        Session ID:  {}
        Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_SHA, TLS_ECDH_ECDSA_WITH_RC4_128_SHA, TLS_ECDH_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_MD5, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
        Compression Methods:  { 0 }
        Extension elliptic_curves, curve names: {secp256r1, sect163k1, sect163r2, secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1, secp384r1, sect409k1, sect409r1, secp521r1, sect571k1, sect571r1, secp160k1, secp160r1, secp160r2, sect163r1, secp192k1, sect193r1, sect193r2, secp224k1, sect239k1, secp256k1}
        Extension ec_point_formats, formats: [uncompressed]
        Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA224withECDSA, SHA224withRSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA, MD5withRSA
        Extension server_name, server_name: [type=host_name (0), value=ldsnewtst01.amr.corp.intel.com]
        ***
        [write] MD5 and SHA1 hashes:  len = 246
        0000: 01 00 00 F2 03 03 55 C4   D6 EA B5 55 D4 4F 03 32  ......U....U.O.2
        0010: FD 47 A6 07 DE E4 BC 6F   75 95 9B 44 88 54 E1 85  .G.....ou..D.T..
        0020: 86 9A 08 66 56 BC 00 00   46 C0 23 C0 27 00 3C C0  ...fV...F.#.'.<.
        0030: 25 C0 29 00 67 00 40 C0   09 C0 13 00 2F C0 04 C0  %.).g.@...../...
        0040: 0E 00 33 00 32 C0 2B C0   2F 00 9C C0 2D C0 31 00  ..3.2.+./...-.1.
        0050: 9E 00 A2 C0 08 C0 12 00   0A C0 03 C0 0D 00 16 00  ................
        0060: 13 C0 07 C0 11 00 05 C0   02 C0 0C 00 04 00 FF 01  ................
        0070: 00 00 83 00 0A 00 34 00   32 00 17 00 01 00 03 00  ......4.2.......
        0080: 13 00 15 00 06 00 07 00   09 00 0A 00 18 00 0B 00  ................
        0090: 0C 00 19 00 0D 00 0E 00   0F 00 10 00 11 00 02 00  ................
        00A0: 12 00 04 00 05 00 14 00   08 00 16 00 0B 00 02 01  ................
        00B0: 00 00 0D 00 1A 00 18 06   03 06 01 05 03 05 01 04  ................
        00C0: 03 04 01 03 03 03 01 02   03 02 01 02 02 01 01 00  ................
        00D0: 00 00 23 00 21 00 00 1E   6C 64 73 6E 65 77 74 73  ..#.!...ldsnewts
        00E0: 74 30 31 2E 61 6D 72 2E   63 6F 72 70 2E 69 6E 74  t01.amr.corp.int
        00F0: 65 6C 2E 63 6F 6D                                  el.com
        pool-1-thread-1, WRITE: TLSv1.2 Handshake, length = 246
        [Raw write]: length = 251
        0000: 16 03 03 00 F6 01 00 00   F2 03 03 55 C4 D6 EA B5  ...........U....
        0010: 55 D4 4F 03 32 FD 47 A6   07 DE E4 BC 6F 75 95 9B  U.O.2.G.....ou..
        0020: 44 88 54 E1 85 86 9A 08   66 56 BC 00 00 46 C0 23  D.T.....fV...F.#
        0030: C0 27 00 3C C0 25 C0 29   00 67 00 40 C0 09 C0 13  .'.<.%.).g.@....
        0040: 00 2F C0 04 C0 0E 00 33   00 32 C0 2B C0 2F 00 9C  ./.....3.2.+./..
        0050: C0 2D C0 31 00 9E 00 A2   C0 08 C0 12 00 0A C0 03  .-.1............
        0060: C0 0D 00 16 00 13 C0 07   C0 11 00 05 C0 02 C0 0C  ................
        0070: 00 04 00 FF 01 00 00 83   00 0A 00 34 00 32 00 17  ...........4.2..
        0080: 00 01 00 03 00 13 00 15   00 06 00 07 00 09 00 0A  ................
        0090: 00 18 00 0B 00 0C 00 19   00 0D 00 0E 00 0F 00 10  ................
        00A0: 00 11 00 02 00 12 00 04   00 05 00 14 00 08 00 16  ................
        00B0: 00 0B 00 02 01 00 00 0D   00 1A 00 18 06 03 06 01  ................
        00C0: 05 03 05 01 04 03 04 01   03 03 03 01 02 03 02 01  ................
        00D0: 02 02 01 01 00 00 00 23   00 21 00 00 1E 6C 64 73  .......#.!...lds
        00E0: 6E 65 77 74 73 74 30 31   2E 61 6D 72 2E 63 6F 72  newtst01.amr.cor
        00F0: 70 2E 69 6E 74 65 6C 2E   63 6F 6D                 p.intel.com
        pool-1-thread-1, received EOFException: error
        pool-1-thread-1, handling exception: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
        pool-1-thread-1, SEND TLSv1.2 ALERT:  fatal, description = handshake_failure
        pool-1-thread-1, WRITE: TLSv1.2 Alert, length = 2
        [Raw write]: length = 7
        0000: 15 03 03 00 02 02 28                               ......(
        pool-1-thread-1, called closeSocket()

I have started to have this problem yesterday, before this worked successfully, I could make ajax call successfully, but now I'm getting that error

Improve this question

2 Answers 2

Reset to default
3

If the server site closed directly after receiving the ClientHello this can just be anything, like:

  • a firewall between you and the server blocking the connection
  • server croaking because it can not deal with the ciphers or protocol version offered by the client
  • misconfigured server
  • wrong hostname used
  • ...

To narrow down the cause try with other clients, like various web browsers, curl etc. If they succeed look at the SSL handshake to find out what they are doing different (i.e. different ciphers or protocols). If they fail too look at the server side for errors and try to make sure that the packets are received at the server at all, i.e. that no firewall is blocking the traffic.

Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

Unlikely to be a firewall. That would cause a connection timeout.
@EJP: SSL intercepting firewalls often cause a connection close after they've parsed the ClientHello and decided hat the client is not allowed to access this target host. They don't simply drop the ClientHello but actively close the connection.
After checking with the server side they advised to use TLS1.1 or TLS1.2. I did that from the java application like System.setProperty("https.protocols", "TLSv1.1,TLSv1.2"); but still I am getting the same exception from the server side javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
@Salman: new questions should not be posted as comments. There are lots of reasons you might get this error and there are lots of questions about this topic at this site
3

Thanks for your answer! I was setting a proxy for 

HttpHost proxy = new HttpHost("proxy.com", 911, "http");
RequestConfig config = RequestConfig.custom().setProxy(proxy).build();

I changed this way by the following:

System.setProperty("http.proxyHost", "proxy.com");
System.setProperty("http.proxyPort", "911");

And that is working successfully. I don't know why the before way is not working well.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.