mina-ftpserver-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Goodwin, Matthew" <Matthew.Good...@railinc.com>
Subject RE: SSL handshake failed
Date Mon, 11 Nov 2013 18:44:54 GMT
I'm not sure if this is the same issue (and I can't remember fully as I don't have access to
the code anymore) but I ran into a heck of a time with ssl handshake because my the keystore
file didn't function the same under jdk6/7 as it did under jdk5 and for whatever reason (maybe
how it handles the cert chain is different?) the ftpserver project didn't play well with jdk6
created certstore.  I guess it could just have been me. Take a look and see if a different
jdk solves your problem.  If not, my apologies for wasting your time.

Thanks,

Matt

From: Fernando Cesar da Silva [mailto:fsilva@synchro.com.br]
Sent: Monday, November 11, 2013 1:24 PM
To: ftpserver-users@mina.apache.org
Cc: 'Carlos Garbiatti'; 'Eder Miranda Ferreira Leite'; 'Crystian Guirau'; Bruno Cesar Proenca
Subject: SSL handshake failed
Importance: High

Hi,

I'm new to Apache FtpServer, we've done a configuration to use FtpServer embedded in a Grails
Application and everything was working fine, until I try to setup the Explicit Security SSL
Support.

I've just provide the keystore information as done in sample "Embedding FtpServer in 5 minutes":

                // define SSL configuration
                SslConfigurationFactory ssl = new SslConfigurationFactory();
                ssl.setKeystoreFile(new File("C:\\Certificados_Digitais\\xxxxxxx.jks"));
                ssl.setKeystorePassword("xxxxxxxxx");
                // set the SSL configuration for the listener
                factory.setSslConfiguration(ssl.createSslConfiguration());

With the above information provided, the FTP Client works fine, until it sends the command
AUTH SSL, after this command, when I try to establish a connection I've got the following
error (entire log attached):

2013-11-11 15:44:01,321 [pool-6-thread-2] WARN  impl.PassivePorts  - Releasing unreserved
passive port: 55341
2013-11-11 15:44:01,321 [pool-6-thread-2] INFO  nio.FtpLoggingFilter  - SENT: 150 File status
okay; about to open data connection.
2013-11-11 15:44:01,321 [pool-6-thread-2] INFO  nio.FtpLoggingFilter  - SENT: 226 Closing
data connection.
2013-11-11 15:44:01,322 [pool-6-thread-1] INFO  nio.FtpLoggingFilter  - RECEIVED: CDUP
2013-11-11 15:44:01,322 [pool-6-thread-2] INFO  nio.FtpLoggingFilter  - SENT: 250 Directory
changed to /.
2013-11-11 15:44:01,323 [pool-6-thread-2] INFO  nio.FtpLoggingFilter  - RECEIVED: CWD /
2013-11-11 15:44:01,323 [pool-6-thread-1] INFO  nio.FtpLoggingFilter  - SENT: 250 Directory
changed to /
2013-11-11 15:44:03,942 [pool-6-thread-2] WARN  nio.FtpLoggingFilter  - EXCEPTION :
Message: SSL handshake failed.
    Line | Method
->>  495 | messageReceived         in org.apache.mina.filter.ssl.SslFilter
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|    434 | callNextMessageReceived in org.apache.mina.core.filterchain.DefaultIoFilterChain
|     46 | access$1200 . . . . . . in     ''
|    796 | messageReceived         in org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1
|    119 | messageReceived . . . . in org.apache.mina.core.filterchain.IoFilterAdapter
|    434 | callNextMessageReceived in org.apache.mina.core.filterchain.DefaultIoFilterChain
|    426 | fireMessageReceived . . in     ''
|    715 | read                    in org.apache.mina.core.polling.AbstractPollingIoProcessor
|    668 | process . . . . . . . . in     ''
|    657 | process                 in     ''
|     68 | access$600 . . . . . .  in     ''
|   1141 | run                     in org.apache.mina.core.polling.AbstractPollingIoProcessor$Processor
|     64 | run . . . . . . . . . . in org.apache.mina.util.NamePreservingRunnable
|    886 | runTask                 in java.util.concurrent.ThreadPoolExecutor$Worker
|    908 | run . . . . . . . . . . in     ''
^    662 | run                     in java.lang.Thread
Caused by SSLException: Unrecognized SSL message, plaintext connection?
->>  152 | bytesInCompletePacket   in com.sun.net.ssl.internal.ssl.EngineInputRecord
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|    806 | readNetRecord           in com.sun.net.ssl.internal.ssl.SSLEngineImpl
|    721 | unwrap . . . . . . . .  in     ''
|    607 | unwrap                  in javax.net.ssl.SSLEngine
|    725 | unwrap . . . . . . . .  in org.apache.mina.filter.ssl.SslHandler
|    663 | unwrapHandshake         in     ''
|    549 | handshake . . . . . . . in     ''
|    349 | messageReceived         in     ''
|    476 | messageReceived . . . . in org.apache.mina.filter.ssl.SslFilter
|    434 | callNextMessageReceived in org.apache.mina.core.filterchain.DefaultIoFilterChain
|     46 | access$1200 . . . . . . in     ''
|    796 | messageReceived         in org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1
|    119 | messageReceived . . . . in org.apache.mina.core.filterchain.IoFilterAdapter
|    434 | callNextMessageReceived in org.apache.mina.core.filterchain.DefaultIoFilterChain
|    426 | fireMessageReceived . . in     ''
|    715 | read                    in org.apache.mina.core.polling.AbstractPollingIoProcessor
|    668 | process . . . . . . . . in     ''
|    657 | process                 in     ''
|     68 | access$600 . . . . . .  in     ''
|   1141 | run                     in org.apache.mina.core.polling.AbstractPollingIoProcessor$Processor
|     64 | run . . . . . . . . . . in org.apache.mina.util.NamePreservingRunnable
|    886 | runTask                 in java.util.concurrent.ThreadPoolExecutor$Worker
|    908 | run . . . . . . . . . . in     ''
^    662 | run                     in java.lang.Thread
| Error 2013-11-11 15:44:03,977 [pool-6-thread-2] ERROR impl.DefaultFtpHandler  - Exception
caught, closing session
Message: SSL handshake failed.

Am I missing something? Any clue will be very helpful.

Regards,
Fernando Cesar.

________________________________

This email and any files transmitted with it are confidential and intended solely for the
use of the individual or entity to whom they are addressed. If you have received this email
in error please notify the system manager. This message contains confidential information
and is intended only for the individual named. If you are not the named addressee you should
not disseminate, distribute or copy this e-mail.

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message