powered by Jive Software

SSL Issue Unsupported SSL v2.0

I am using Messenger 2.1.1 my client is GaimWin32 1.1.2 and TrillianPro 3

I have no issue connecting with gaim 1.1.3 on Linux but when I try the above clients I get the following error in the WARN log

2005.02.18 17:03:59 Stream error detected

javax.net.ssl.SSLException: Unsupported SSL v2.0 ClientHello

at com.sun.net.ssl.internal.ssl.InputRecord.handleUnknownRecord(InputRecord.java:4 53)

at com.sun.net.ssl.internal.ssl.InputRecord.read(InputRecord.java:343)

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:720)

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImp l.java:1025)

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:67 5)

at com.sun.net.ssl.internal.ssl.AppInputStream.read(AppInputStream.java:75)

at sun.nio.cs.StreamDecoder$CharsetSD.readBytes(StreamDecoder.java:411)

at sun.nio.cs.StreamDecoder$CharsetSD.implRead(StreamDecoder.java:453)

at sun.nio.cs.StreamDecoder.read(StreamDecoder.java:183)

at java.io.InputStreamReader.read(InputStreamReader.java:167)

at org.xmlpull.mxp1.MXParser.fillBuf(MXParser.java:2972)

at org.xmlpull.mxp1.MXParser.more(MXParser.java:3026)

at org.xmlpull.mxp1.MXParser.parseProlog(MXParser.java:1410)

at org.xmlpull.mxp1.MXParser.nextImpl(MXParser.java:1395)

at org.xmlpull.mxp1.MXParser.next(MXParser.java:1093)

at org.jivesoftware.messenger.net.SocketReadThread.createSession(SocketReadThread. java:241)

at org.jivesoftware.messenger.net.SocketReadThread.run(SocketReadThread.java:105)

Any ideas? the important info apears to be “Unsupported SSL v2.0 ClientHello” Do I need to set more or less restrictive security settings for the JVM? Is this particular ssl client impl really not supported ? I assume these clients are using some MS ssl client libs to do the job.

I’‘m seeing the same issue. I resorted to using stunnel on another port to allow Trillian users in for now. Seems like it’‘s Cerulean’'s responsibility to fix, really. Their Jabber plugin has been a frustration for many people.

This might actually be Jive Messenger’‘s fault instead of Trillian’'s. At the moment, we only support the older style of SSL/TLS connections and not the new style as described in the XMPP RFC. We want to get the new style supported in an upcoming release.

Regards,

Matt

Matt, will you be figuring out a way to do both in case of newer/older clients?

Matt, will you be figuring out a way to do both in

case of newer/older clients?

Yes – for new clients, it will all be transparent. They’'ll use port 5222 and when they ask to use SSL/TLS the server will support it. For older clients, we can continue to support a dedicated port for SSL/TLS (5223).

Regards,

Matt

=( I was falling in love with this server until I hit this wall. My boss wants secure IM that is under our control ASAP. This server was easiest to install and admin. The bad news is over half our employees use Trillian.

I should not ask as I know what it is like, but, any ETA?

Trillian and Java SSL don’‘t work together for reasons that I don’'t understand. Supporting old style SSL on port 5223 will not fixed the problem. I tried it and Trillian still fails.

FWIW, Trillian appears to use the old style connections. So, i am not sure what the problem is. I can connect Trillian to jabber.org using SSL. I guess they are running jabberd. Not sure if it is v1 or v2.

Will a bug be filed on this one?

Would like to see a bug filed on this for 2.2.0. Currently this is affecting both Gaim and Trillian.

Matt,

I was wondering if you have resolved this in the most recent beta version of Jive Messenger. I’‘m currently running 2.3.0-beta-1. I’'m trying to write a bot for Jive Messenger using the Net::Jabber and Net::XMPP perl modules. However, no matter what I do, I continually get the

javax.net.ssl.SSLException: Unsupported SSL v2.0 ClientHello

…error message.

Any progress on this one?