Java SSL / SSLeay interoperability

Frank Maritato (frank@uccs.jpl.nasa.gov)
Mon, 16 Mar 1998 12:41:47 -0800

Date: Mon, 16 Mar 1998 12:41:47 -0800
From: Frank Maritato <frank@uccs.jpl.nasa.gov>
To: java-security@web2.javasoft.com
Subject: Java SSL / SSLeay interoperability

Hello--

I built the latest version of SSLeay on Solaris, and I was curious to
see what would happen if I tried to get my Java SSL client to talk to
the demo SSLeay server app. I want to use
SSL_DH_anon_EXPORT_WITH_RC4_40_MD5 as my cipher suite, but I noticed
that SSLeay defines their cipher suites differently. Here is what I got
on the server side:

[11:56am] locknis/frank % ssleay s_server -nocert
Using default temp DH parameters
ACCEPT
ERROR
21855:error:1408A0B9:SSL routines:SSL3_GET_CLIENT_HELLO:no shared
cipher:s3_srvr.c:727
shutting down SSL
CONNECTION CLOSED
ACCEPT

Here is what I got on the Java SSL client side:
[11:58am] locknis/frank % java SSLClient locknis 4433
Creating SSLSocketFactory...Done.
Creating Socket...Done.
Setting Cipher suite...Done.
SSL_DH_anon_EXPORT_WITH_RC4_40_MD5
Setting up streams...Done.
javax.net.ssl.SSLException: Received fatal alert: handshake_failure (no
cipher suites in common)
javax.net.ssl.SSLException: Received fatal alert: handshake_failure (no
cipher suites in common)
at
sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:951)
at
sun.security.ssl.SSLSocketImpl.clearPipeline(SSLSocketImpl.java:684)
at sun.security.ssl.SSLSocketImpl.write(SSLSocketImpl.java:437)
at
sun.security.ssl.AppOutputStream.flush(AppOutputStream.java:77)
at java.io.DataOutputStream.flush(DataOutputStream.java)
at SSLClient.talk(SSLClient.java:70)
at SSLClient.run(SSLClient.java:48)

Anyone know how I can get the cipher suites to match on each side?
thanks!

-- 
**************************************************************
Frank Maritato, Jr.             Jet Propulsion Laboratory
frank@uccs.jpl.nasa.gov         4800 Oak Grove Drive
				mail stop 525-3632
				Pasadena, CA 91109-8099