Welcome! Log In Create A New Profile

Re: Force SSL redirection to target service host for all protocols

Forum List Message List New Topic Print View

siva.pannier

July 14, 2020 09:55AM

Registered: 3 years ago
Posts: 27

Extremely sorry, I mentioned the wrong port in that post.. Actually I am using the correct port number..

Client (Windows + non SSL):8091 ==> Nginx host (ubuntu vm+ SSL redirection) ==> TCP server (Windows + SSL enabled)

TCP server listening on 8091
Nginx Server listening on 8091
Client makes call to Nginx on 8091

I modified my server code for additional debugging as below

#################
ServerSocketFactory ssf = SSLServerSocketFactory.getDefault();
int port = 8091;
ServerSocket ss = ssf.createServerSocket(port);

while (true) {

try {
Socket sock = ss.accept();
System.out.println("Timeout set is " + sock.getSoTimeout());
System.out.println("New client connected");

PrintWriter pw = new PrintWriter(sock.getOutputStream());
pw.println(new Date().toString() + " from port: "+port);
System.out.println("Data ready to sent to client");
pw.flush();
//pw.close();
System.out.println("Data sent to client");

System.out.println("Ready to read client data");
BufferedReader br = new BufferedReader(new InputStreamReader(sock.getInputStream()));
String data = br.readLine();
System.out.println("Data received from Client: "+ data);
//br.close();

sock.close();
System.out.println("Socket closed");
########################

Output from the server when client initiated the connection is..
#####################
Timeout set is 0
New client connected
Data ready to sent to client
Data sent to client
Ready to read client data
I/O error: Connection has been shutdown: javax.net.ssl.SSLHandshakeException: no cipher suites in common
Exception in thread "main" javax.net.ssl.SSLException: Connection has been shutdown: javax.net.ssl.SSLHandshakeException: no cipher suites in common
at sun.security.ssl.SSLSocketImpl.checkEOF(Unknown Source)
at sun.security.ssl.AppInputStream.read(Unknown Source)
at sun.nio.cs.StreamDecoder.readBytes(Unknown Source)
at sun.nio.cs.StreamDecoder.implRead(Unknown Source)
at sun.nio.cs.StreamDecoder.read(Unknown Source)
at java.io.InputStreamReader.read(Unknown Source)
at java.io.BufferedReader.fill(Unknown Source)
at java.io.BufferedReader.readLine(Unknown Source)
at java.io.BufferedReader.readLine(Unknown Source)
at com.att.tcp.server.TCPSServer.main(TCPSServer.java:37)
Caused by: javax.net.ssl.SSLHandshakeException: no cipher suites in common
at sun.security.ssl.Alerts.getSSLException(Unknown Source)
at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)
at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
at sun.security.ssl.ServerHandshaker.chooseCipherSuite(Unknown Source)
at sun.security.ssl.ServerHandshaker.clientHello(Unknown Source)
at sun.security.ssl.ServerHandshaker.processMessage(Unknown Source)
at sun.security.ssl.Handshaker.processLoop(Unknown Source)
at sun.security.ssl.Handshaker.process_record(Unknown Source)
at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.writeRecord(Unknown Source)
at sun.security.ssl.AppOutputStream.write(Unknown Source)
at sun.nio.cs.StreamEncoder.writeBytes(Unknown Source)
at sun.nio.cs.StreamEncoder.implFlushBuffer(Unknown Source)
at sun.nio.cs.StreamEncoder.implFlush(Unknown Source)
at sun.nio.cs.StreamEncoder.flush(Unknown Source)
at java.io.OutputStreamWriter.flush(Unknown Source)
at java.io.BufferedWriter.flush(Unknown Source)
at java.io.PrintWriter.flush(Unknown Source)
at com.att.tcp.server.TCPSServer.main(TCPSServer.java:31)

Error was thrown on the line "pw.flush();" in the above code

####################################

Output from the client is
#####################

I/O error: Connection reset
Exception in thread "main" java.net.SocketException: Connection reset
at java.net.SocketInputStream.read(Unknown Source)
at java.net.SocketInputStream.read(Unknown Source)
at sun.security.ssl.InputRecord.readFully(Unknown Source)
at sun.security.ssl.InputRecord.read(Unknown Source)
at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at com.att.client.tcp.TimeClient.main(TimeClient.java:34)

Error is thrown on the client code " socket.startHandshake(); "
##########################

> When my client is "nc", and my server is "openssl s_server -port 12345",
> things seem to work for me. Anything I write on one end is shown on the
> other, with nginx handling the ssl/no-ssl translation.

Are you able to run a similar configuration?

May be I would have done something wrong on SSL settings or on self-signed certificate. Let me start things from scratch again..

Reply Quote

RSS

Subject	Author	Posted
Force SSL redirection to target service host for all protocols	siva.pannier	July 03, 2020 09:12AM
Re: Force SSL redirection to target service host for all protocols	siva.pannier	July 06, 2020 12:15AM
Re: Force SSL redirection to target service host for all protocols	Francis Daly	July 08, 2020 03:56AM
Re: Force SSL redirection to target service host for all protocols	siva.pannier	July 10, 2020 10:49AM
Re: Force SSL redirection to target service host for all protocols	siva.pannier	July 13, 2020 02:57PM
Re: Force SSL redirection to target service host for all protocols	Francis Daly	July 14, 2020 09:18AM
Re: Force SSL redirection to target service host for all protocols	siva.pannier	July 14, 2020 09:55AM
Re: Force SSL redirection to target service host for all protocols	Francis Daly	July 14, 2020 10:02AM
Re: Force SSL redirection to target service host for all protocols	siva.pannier	July 15, 2020 09:16AM

Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 128

Record Number of Users: 8 on April 13, 2023

Record Number of Guests: 421 on December 02, 2018