java.lang.IllegalArgumentException: Unsupported protocol SSLv2Hello

Stack Overflow | rcantrel | 4 months ago
  1. 0

    Unsupported protocol with JDBC connection

    Stack Overflow | 4 months ago | rcantrel
    java.lang.IllegalArgumentException: Unsupported protocol SSLv2Hello
  2. 0

    When enabling server encryption with the IBM JRE (algorithm: IbmX509), an IllegalArgumentException is thrown from the IBM JSSE when the server is started: ERROR 10:04:37,326 Exception encountered during startup java.lang.IllegalArgumentException: SSLv2Hello at at at<init>( at at at at at org.apache.cassandra.service.StorageService.prepareToJoin( at org.apache.cassandra.service.StorageService.initServer( at org.apache.cassandra.service.StorageService.initServer( at org.apache.cassandra.service.CassandraDaemon.setup( at org.apache.cassandra.service.CassandraDaemon.activate( at org.apache.cassandra.service.CassandraDaemon.main( The problem is that the IBM JSSE does not support SSLv2Hello, but this protocol is hard-coded in class public static final String[] ACCEPTED_PROTOCOLS = new String[] {"SSLv2Hello", "TLSv1", "TLSv1.1", "TLSv1.2"}; public static SSLServerSocket getServerSocket(EncryptionOptions options, InetAddress address, int port) throws IOException { SSLContext ctx = createSSLContext(options, true); SSLServerSocket serverSocket = (SSLServerSocket)ctx.getServerSocketFactory().createServerSocket(); serverSocket.setReuseAddress(true); String[] suits = filterCipherSuites(serverSocket.getSupportedCipherSuites(), options.cipher_suites); serverSocket.setEnabledCipherSuites(suits); serverSocket.setNeedClientAuth(options.require_client_auth); serverSocket.setEnabledProtocols(ACCEPTED_PROTOCOLS); serverSocket.bind(new InetSocketAddress(address, port), 500); return serverSocket; } This ACCEPTED_PROTOCOLS array should not be hard-coded. It should rather read the protocols from configuration, or if the algorithm is IbmX509, simply do not call setEnabledProtocols - with the IBM JSSE, the enabled protocol is controlled by the protocol passed to SSLContext.getInstance.

    Apache's JIRA Issue Tracker | 7 months ago | Guillermo Vega-Toro
    java.lang.IllegalArgumentException: SSLv2Hello
  3. 0

    db:: 3.95::535 5.7.3 Authentication unsuccessful 91 | 7 months ago
    java.lang.IllegalArgumentException: SSLv2Hello
  4. Speed up your debug routine!

    Automated exception search integrated into your IDE

  5. 0

    Artur Nowak's headdump | 2 months ago
    java.sql.SQLException: The Network Adapter could not establish the connection
  6. 0

    Some tests in the testsuite are failing due to IBM JDK not supporting the SSLv2Hello protocol: 15:10:46,727 ERROR [AbstractKernelController] Error installing to Start: name=jboss:service=invoker,socketType=SSLSocketFactory,type=jrmp,wantsClientAuth=true state=Create mode=Manual requiredState=Installed java.lang.IllegalArgumentException: SSLv2Hello at at<init>( at at at at at sun.rmi.transport.tcp.TCPEndpoint.newServerSocket( at sun.rmi.transport.tcp.TCPTransport.listen( at sun.rmi.transport.tcp.TCPTransport.exportObject( at sun.rmi.transport.tcp.TCPEndpoint.exportObject( ... This problem was previously reported as JBPAPP-626 but never fixed. I'm creating a new JIRA since it now affects more testcases. These testcases fail: org.jboss.test.jrmp.test.CustomSocketsUnitTestCase org.jboss.test.jrmp.test.SSLFailuresSocketsUnitTestCase org.jboss.test.jrmp.test.SSLSocketsUnitTestCase org.jboss.test.pooled.test.SSLSocketsUnitTestCase We can still leave it as it is - meaning documenting these failures as known issues with IBM JDK. I just wanted to make sure we know about it.

    JBoss Issue Tracker | 7 years ago | Martin Malina
    java.lang.IllegalArgumentException: SSLv2Hello

    Not finding the right solution?
    Take a tour to get the most out of Samebug.

    Tired of useless tips?

    Automated exception search integrated into your IDE

    Root Cause Analysis

    1. java.lang.IllegalArgumentException

      Unsupported protocol SSLv2Hello

      at com.rsa.sslj.x.aD.a()
    2. com.rsa.sslj
      1. com.rsa.sslj.x.aD.a(Unknown Source)
      2. com.rsa.sslj.x.aH.b(Unknown Source)
      3. com.rsa.sslj.x.aS.setEnabledProtocols(Unknown Source)
      3 frames
    3. Oracle jdbc
      2 frames