Java Error - Unsported SSL v2.0

Daven_Combs · October 17, 2006, 1:12pm

Greetings,

I am installing my wildfire behind a firewall and have managed to get all the ports open correctly and have twoway communication. My problem is that I need to have SSL/TLS working and I’'m getting the following error in debug with any connection I try to make on port 5223:

2006.10.17 09:07:18 SSL Connect 7b2d93[SSL_NULL_WITH_NULL_NULL: Socket[addr=/134.68.11.205,port=1565,localport=5223]]

2006.10.17 09:07:18 Error creating session

javax.net.ssl.SSLException: Unsupported SSL v2.0 ClientHello

at com.sun.net.ssl.internal.ssl.InputRecord.handleUnknownRecord(InputRecord.java:4 71)

at com.sun.net.ssl.internal.ssl.InputRecord.read(InputRecord.java:355)

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:723)

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImp l.java:1030)

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:67 8)

at com.sun.net.ssl.internal.ssl.AppInputStream.read(AppInputStream.java:75)

at org.jivesoftware.wildfire.net.ServerTrafficCounter$InputStreamWrapper.read(Serv erTrafficCounter.java:183)

at sun.nio.cs.StreamDecoder$CharsetSD.readBytes(StreamDecoder.java:411)

at sun.nio.cs.StreamDecoder$CharsetSD.implRead(StreamDecoder.java:453)

at sun.nio.cs.StreamDecoder.read(StreamDecoder.java:183)

at java.io.InputStreamReader.read(InputStreamReader.java:167)

at org.xmlpull.mxp1.MXParser.fillBuf(MXParser.java:2992)

at org.xmlpull.mxp1.MXParser.more(MXParser.java:3046)

at org.xmlpull.mxp1.MXParser.parseProlog(MXParser.java:1410)

at org.jivesoftware.wildfire.net.MXParser.nextImpl(MXParser.java:331)

at org.xmlpull.mxp1.MXParser.next(MXParser.java:1093)

at org.jivesoftware.wildfire.net.SocketReader.createSession(SocketReader.java:432)

at org.jivesoftware.wildfire.net.BlockingReadingMode.run(BlockingReadingMode.java: 53)

at org.jivesoftware.wildfire.net.SocketReader.run(SocketReader.java:123)

at java.lang.Thread.run(Thread.java:595)

Could someone please tell me what i’'m doing wrong?

I’‘ve created my own working (so far as I know) keystore. I’‘m using what’'s out of the box with the truststore. Any help is appreciated. Thank you.

-Daven

Gaston_Dombiak · October 17, 2006, 3:14pm

Hey Daven,

Have you created one certificate with the DSA algorithm and one with the RSA algorithm? Are these self-signed certificates and the client is accepting self-signed certificates? BTW, which version of the server are you using and which client?

Regards,

– Gato

LG1 · October 17, 2006, 3:48pm

Hi,

do you really want to use (old) SSL (port 5223) or TLS (port 5222)?

LG

Daven_Combs · October 17, 2006, 8:25pm

I personally don’‘t, but it’'s been requested by someone higher than I. TLS works fine.

-Daven

Daven_Combs · October 17, 2006, 8:31pm

I followed the SSL document located at:

http://www.jivesoftware.org/builds/wildfire/docs/latest/documentation/ssl-guide. html

It only states to create one self-signed cert which I did and erase the DSA/RSA defaults, which I did.

I’'m using Wildfire 3.0.1 and the client is Spark 2.0.2 as well as Trillian Pro (Not sure on version)

The TLS port works fine but management wants me to use SSL which gives me said error.

-Daven

Daven_Combs · October 17, 2006, 11:10pm

I just went home and downloaded the trial for Trillian Pro 3. Here is what I get from trillian’'s end of things:

*** Creating SSL connection "xxxxxx@xxxxxxxx.xxx.xxx/Trillian"

*** No connection to server!

*** Disconnected.

I would certainly apprecaite as much information as anyone can provide. There is an immediate need for this while we lay out our fiber network through out our state. Thanks.

-Daven