Closed Bug 239019 Opened 21 years ago Closed 21 years ago

site issues unexpected alert (-12229) during handshake

Categories

(Core Graveyard :: Security: UI, defect)

Product:
Core Graveyard
Component:
Security: UI
Version:
Other Branch
Platform:
PowerPC
macOS
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED DUPLICATE of bug 249223

People

(Reporter: tjw19, Assigned: KaiE)

References

(
URL
)

Details

User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.6) Gecko/20040113 Build Identifier: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.6) Gecko/20040113 Going to the above page will cause mozilla to download a self signed 2048 bit RSA certificate. If you accept the certificate (permanently or not, I think) then you immediately get an error message stating the following.... "www.gorenttoday.com has received an incorrect or unexpected message. Error Code: -12229" with an OK button. Pressing the button stops the page from loading. This website is being served by Java TM Web Services Developer Pack 1.3 running over SSL on Mac OS X 10.3.3 with JVM 1.4.2. The initial page immediately redirects to a secure page (https://www.gorenttoday.com), but going to that page triggers the same problem, so I don't think it has to do with the redirect. the page at the other end of that link is a standard HTML page, nothing unusual about it, but connecting insecurely does work just fine, so I think it has to do with the SSL certificate. The certificate was made with the keytool under OS X 10.3.3 JVM 1.4.2 in the way that is suggested in the Tomcat docs. Reproducible: Always Steps to Reproduce: 1.Go to http://www.gorenttoday.com:8080 2.accept certificate. 3. Actual Results: messsage box popped down saying.... "www.gorenttoday.com has received an incorrect or unexpected message. Error Code: -12229" page does not load. Expected Results: No message box, page should load in secure mode.
sounds like a PSM error, especially given the error code
Assignee: darin → kaie
Component: Networking → Client Library
Product: Browser → PSM
QA Contact: benc → bmartin
Version: Trunk → unspecified
-12229 is SSL_ERROR_HANDSHAKE_UNEXPECTED_ALERT, meaning the server aborted the handshake due to its receiving a message it didn't expect. One would need details about the handshake, possibly by running a debug build with the SSLTRACE environment variable set to 5. My attempts to connect to the mentioned site result in connection timeouts.
Summary: when connecting to a website with a 2048 bit RSA self signed certificate, get Error Code: -12229 → site issues unexpected alert (-12229) during handshake
I couldn't reach gorenttoday on any of ports 80, 443 or 8080. There's No need to have any special build of mozilla. Just use ssltap. BTW, given that this problem involves the use of a self-signed cert, which is not a cert issued by any of mozilla's known CAs, and - given the HUGE NUMBERS of problems people have with certs they create (typically because the certs were not created in conformance with the relevant standards), therefore, - odds are VERY high that the problem is caused by the cert. Show me that the problem occurs with a standards-conforming cert from a known issuer, and I'll be interested in looking at it further.
"12229" is not particularly user friendly. This may very well be related to the issue of Bug 249223. That one was solved on the server side, by adding the bouncycastle.org provider to the JVM because Mozilla used ciphers Sun didn't offer by default.
*** This bug has been marked as a duplicate of 249223 ***
Status: UNCONFIRMED → RESOLVED
Closed: 21 years ago
Resolution: --- → DUPLICATE
Product: PSM → Core
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.