HttpsClient.java Failed with JDK 1.8

This section provides a tutorial example showing HttpsClient.java failed to complete the communication at the application level. But it works with SSL debug mode turned on.

As I mentioned earlier, HttpsClient.java is not working any more with JDK 1.8. Here is what I did on testing HttpsHello.java and HttpsClient.java:

Start HttpsHello.java with 1.8 in a command window:

>java HttpsHello

Server started:
Server socket class: 
   class com.sun.net.ssl.internal.ssl.SSLServerSocketImpl
   Socket address = 0.0.0.0/0.0.0.0
   Socket port = 8888
   Need client authentication = false
   Want client authentication = false
   Use client mode = false

Then run HttpsClient.java with JDK 1.8 in another command window:

>java.exe -Djavax.net.ssl.trustStore=public.jks HttpsClient

The default SSL socket factory class: 
   class sun.security.ssl.SSLSocketFactoryImpl
Socket class: class sun.security.ssl.SSLSocketImpl
   Remote address = localhost/127.0.0.1
   Remote port = 8888
   Local socket address = /127.0.0.1:61457
   Local address = /127.0.0.1
   Local port = 61457
   Need client authentication = false
   Cipher suite = TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
   Protocol = TLSv1.2
java.net.SocketException: Software caused connection abort: recv failed

The SSL Handshake process went ok. The communication failed at the application level.

However, if I turn on the SSL debug mode on the server side, HttpsHello.java, the communication will work.

Run HttpsHello.java again with SSL debug turned on in the first window:

>java -Djavax.net.debug=ssl:record HttpsHello

***
found key for : my_home
chain [0] = [
[
  Version: V3
  Subject: CN=Herong Yang, OU=My Unit, O=My Org, C=US
  Signature Algorithm: SHA1withDSA, OID = 1.2.840.10040.4.3
...

Server started:
Server socket class: class sun.security.ssl.SSLServerSocketImpl
   Socket address = 0.0.0.0/0.0.0.0
   Socket port = 8888
   Need client authentication = false
   Want client authentication = false
   Use client mode = false
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384
...
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

Now run HttpsClient.java again in the second window:

>java -Djavax.net.ssl.trustStore=public.jks HttpsClient

The default SSL socket factory class: 
   class sun.security.ssl.SSLSocketFactoryImpl
Socket class: class sun.security.ssl.SSLSocketImpl
   Remote address = localhost/127.0.0.1
   Remote port = 8888
   Local socket address = /127.0.0.1:61688
   Local address = /127.0.0.1
   Local port = 61688
   Need client authentication = false
   Cipher suite = TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
   Protocol = TLSv1.2
HTTP/1.0 200 OK
Content-Type: text/html

<html><body>Hello world!</body></html>

As you can see the communication went correctly! I don't know why JDK 1.8 behave differently with SSL debug turned on.

I actually found out the reason why my test programs are working with SSL debug turned on. See the next tutorial for details.

Last update: 2015.

Table of Contents

 About This JDK Tutorial Book

 Downloading and Installing JDK 1.8.0 on Windows

 Downloading and Installing JDK 1.7.0 on Windows

 Downloading and Installing JDK 1.6.2 on Windows

 Java Date-Time API

 Date, Time and Calendar Classes

 Date and Time Object and String Conversion

 Number Object and Numeric String Conversion

 Locales, Localization Methods and Resource Bundles

 Calling and Importing Classes Defined in Unnamed Packages

 HashSet, Vector, HashMap and Collection Classes

 Character Set Encoding Classes and Methods

 Character Set Encoding Maps

 Encoding Conversion Programs for Encoded Text Files

 Socket Network Communication

 Datagram Network Communication

 DOM (Document Object Model) - API for XML Files

 SAX (Simple API for XML)

 DTD (Document Type Definition) - XML Validation

 XSD (XML Schema Definition) - XML Validation

 XSL (Extensible Stylesheet Language)

 Message Digest Algorithm Implementations in JDK

 Private key and Public Key Pair Generation

 PKCS#8/X.509 Private/Public Encoding Standards

 Digital Signature Algorithm and Sample Program

 "keytool" Commands and "keystore" Files

 KeyStore and Certificate Classes

 Secret Key Generation and Management

 Cipher - Secret Key Encryption and Decryption

 The SSL (Secure Socket Layer) Protocol

 SSL Socket Communication Testing Programs

 SSL Client Authentication

HTTPS (Hypertext Transfer Protocol Secure)

 What Is HTTPS?

 HttpsHello.java - HTTPS Server Test Program

 HttpsClient.java - HTTPS Client Test Program

HttpsClient.java Failed with JDK 1.8

 Using SO_LINGER Socket Option

 Connecting to HttpsHello.java with IE

 HttpsEchoer.java - A Better HTTPS Server

 Outdated Tutorials

 References

 PDF Printing Version