JDK 7 and javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name

Java 7 introduces SNI, which is enabled by default. It may break your old SSL connectivity code with HttpClient with the following trace in the SSL handshake verbose

Thread-0, WRITE: TLSv1 Handshake, length = 171
Thread-0, READ: TLSv1 Alert, length = 2
Thread-0, RECV TLSv1 ALERT:  warning, unrecognized_name
SSL - handshake alert: unrecognized_name
Thread-0, handling exception: javax.net.ssl.SSLProtocolException: handshake alert:  unrecognized_name
Thread-0, SEND TLSv1 ALERT:  fatal, description = unexpected_message
Thread-0, WRITE: TLSv1 Alert, length = 2
Thread-0, called closeSocket()
Thread-0, called close()
Thread-0, called closeInternal(true)

Add a new JRE parameter as follows

java -Djsse.enableSNIExtension=false yourClass

Which should fix this problem!

About

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s