JDK-6556044 : JRE SSL Handshake error in jdk1.5.0
  • Type: Bug
  • Component: deploy
  • Sub-Component: plugin
  • Affected Version: 5.0u11
  • Priority: P2
  • Status: Closed
  • Resolution: Fixed
  • OS: windows_xp
  • CPU: x86
  • Submitted: 2007-05-10
  • Updated: 2011-03-08
  • Resolved: 2011-03-08
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
Other JDK 6 JDK 7
5.0u14Fixed 6u4Fixed 7 b16Fixed
Description
JRE tries to initiate a SSL connection to download a Java applet from a VPN Gateway 3050 box, but the SSL
handshaking failed to complete, yielding a SSL Handshake Failure error. 
JRE that is generating the handshake failure and is unable to establish/generate the
necessary CertificateVerify response with what it has been provided --
i.e. the server cert [from the NVG], the cacert [from the NVG] and the
client cert [from the browser keystore].

Version of JRE = 1.5_06 and 07.


Please find attached trace captured that illustrated the handshake error.The problem is not seen with jdk1.4.2.

Comments
EVALUATION We are going to call CryptGetKeyParam API to get key spec value to use.
05-06-2007

EVALUATION This bug is for client authentication certificate in IE browser keystore only. It works for JRE keystore and Mozilla/Firefox keystore.
01-06-2007