Should it be relevant, I'm using OS X 10.6.8, Java version 1.6.0_26. Verify return code: 18 (self signed certificate)Īs noted, after all that, it does connect successfully which is more than you can say for my Java app. New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA SSL handshake has read 2178 bytes and written 468 bytes Here's what happens when I connect to 6697 using 'openssl' from commandline: ~ $ openssl s_client -connect :6697ĭepth=0 error:num=18:self signed certificate So I'm wondering if this is a limitation of Java default SSL support, or something. Obviously one possibility is that esper's server is misconfigured, but I searched and didn't find any other references to people having problems with esper's SSL ports, and 'openssl' connects to it (see below).
#Handshaker 10.7.5 mac code#
And yes there is some magic going on with the 'trustAllCerts' that code forces the SSL system not to validate certs. It's that last startHandshake that throws the exception. S.connect(new InetSocketAddress(host, port), timeout) S = (SSLSocket)sslContext.getSocketFactory().createSocket() SslContext.init(null, trustAllCerts, new SecureRandom()) My code (which as noted does work when connecting to some SSL servers) is: SSLContext sslContext = SSLContext.getInstance("SSL") An example of a server that does not demonstrate the problem is :6697. When I make an SSL connection with some IRC servers (but not others - presumably due to the server's preferred encryption method) I get the following exception: Caused by: : Could not generate DH keypairĪt .(DHCrypt.java:106)Īt .(ClientHandshaker.java:556)Īt .(ClientHandshaker.java:183)Īt .(Handshaker.java:593)Īt ._record(Handshaker.java:529)Īt .(SSLSocketImpl.java:893)Īt .(SSLSocketImpl.java:1138)Īt .(SSLSocketImpl.java:1165)įinal cause: Caused by: : Prime size must be multiple of 64, and can only range from 512 to 1024 (inclusive)Īt .DHKeyPairGenerator.initialize(DashoA13*.)Īt $Delegate.initialize(KeyPairGenerator.java:627)Īt .(DHCrypt.java:100)Īn example of a server that demonstrates this problem is :6697 (this is an IRC server).
0 kommentar(er)
