this post was submitted on 31 Dec 2023
6 points (87.5% liked)

The Java Programming Language

214 readers
6 users here now

Discussion of Java and java-related technologies. This includes things like:

For assistance learning Java, please go to Learn Java

founded 1 year ago
MODERATORS
NuclearArmWrestling
6
I can't get TLS to work (self.java)
submitted 11 months ago* (last edited 11 months ago) by Red1C3 to c/java
7 comments fedilink hide all child comments
 

I've been trying to follow the tutorial here, after failing to apply it to my project I tried to do the tutorial as it is, and I'm still getting handshaking failures.

On the server side, I have the following exception: javax.net.ssl.SSLHandshakeException: No available authentication scheme

While on the client side, I have the following: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure

I'd like to add that I'm starting fresh without any previous any keystore nor truststore, executing the commands in the tutorial does generate the key and trust stores.

I've tried making the CN the same as my machine hostname too, didn't work, nothing worked, the server and the client could never handshake.

Side note: this is just a demo I'm doing, so I don't really care if it has security flaws, I'm just trying to get TLS to work.

Thx in advance.

Update: I downgraded from JDK21 to JDK17 and it worked fine :/

top 7 comments
sorted by: hot top controversial new old
[–] DeepThought42 2 points 11 months ago

Try adding "-Djavax.net.debug=all" to your client command line. The output should point you to what exactly is the matter. Most likely something isn't right with the certs and/or keystore.

[–] [email protected] 1 points 11 months ago (1 children)

Are you using the server and client from the tutorial?

[–] Red1C3 1 points 11 months ago (1 children)

Yes.

[–] [email protected] 1 points 11 months ago (1 children)

I copied the commands and ran the server and client from the tutorial and it worked. I'm using java 17, what version are you running?

[–] Red1C3 1 points 11 months ago* (last edited 11 months ago)

I'm running on 21, I'll install 17 and try again

Update: it works fine on 17, not sure why it fails on 21

[–] [email protected] 1 points 11 months ago (1 children)

Is the client presenting a client certificate? handshake_failure with mTLS generally means the client isn't presenting a certificate when the server requires it

[–] Red1C3 1 points 11 months ago

Yes I guess, downgrading my JDK really did make it work, probably something in the docs has the answer to why something has stopped working