bc-java
bc-java copied to clipboard
bcgit
org.bouncycastle.tls.TlsFatalAlertReceived: handshake_failure(40)
Hello,
I get this error on JDK14 (bctls-jdk14-164) when trying to access some hosts, in particular: latimes.com and wegotthiscovered.com. I suppose that the problem is related to the fact that the correct verification of the certificate is not performed, but how should this be implemented in my case, all my long attempts have failed ?
Or maybe is this problem something else and I'm on the wrong way ?
public static void main(String[] args) throws Exception {
TlsCrypto crypto = new BcTlsCrypto(new SecureRandom());
InetAddress address = InetAddress.getByName("www.latimes.com");
int port = 443;
Socket socket = new Socket(address, port);
TlsClient client = new DefaultTlsClient(crypto) {
public TlsAuthentication getAuthentication() throws IOException {
TlsAuthentication auth = new TlsAuthentication() {
// Capture the server certificate information!
public void notifyServerCertificate(TlsServerCertificate serverCertificate) throws IOException {
// ..??
}
public TlsCredentials getClientCredentials(CertificateRequest certificateRequest) throws IOException {
return null;
}
};
return auth;
}
};
TlsClientProtocol protocol = new TlsClientProtocol(socket.getInputStream(), socket.getOutputStream());
protocol.connect(client);
java.io.OutputStream output = protocol.getOutputStream();
output.write("GET / HTTP/1.1\r\n".getBytes("UTF-8"));
output.write("Host: www.latimes.com\r\n".getBytes("UTF-8"));
output.write("\r\n".getBytes("UTF-8")); // HTTP1.1 requirement: last line must be empty line.
output.flush();
java.io.InputStream input = protocol.getInputStream();
//....
}
