Why does an SSL Server Socket connection block in Java whereas a non SSL Server Socket does not?











up vote
0
down vote

favorite












Consider the following code for a non-SSL Socket server and client all on the one thread:



import java.io.DataInputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.net.ServerSocket;
import java.net.Socket;

public class ServerClient {
public static void main(String args) throws IOException {
ServerSocket ss = new ServerSocket(0); // open a random free port.

Socket c = new Socket(ss.getInetAddress(), ss.getLocalPort());

Socket s = ss.accept();

final byte bytes = "Hello World!".getBytes();
final OutputStream out = c.getOutputStream();
System.out.println("writing to stream");
out.write(bytes.length);
out.write(bytes);

System.out.println("reading from stream");

final DataInputStream in = new DataInputStream(s.getInputStream());
int len = in.read();
final byte b = new byte[len];
in.readFully(b);
System.out.println(new String(b));

c.close();
ss.close();
}
}


This produces the following output:



writing to stream
reading from stream
Hello World!


This process opened a server socket - connected with a client socket. Passed data down the socket and then closed down. There was no issue passing the data.



Consider a version to a prove a point with SSL Sockets:



import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import java.io.DataInputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.net.Socket;
import java.util.logging.Logger;

public class SSLServerClient {

private static Logger log = Logger.getLogger("InfoLogging");

public static void main(String args) throws IOException {

System.setProperty("javax.net.ssl.keyStore", "/path/KeyStore.jks");
System.setProperty("javax.net.ssl.keyStorePassword", "password");

SSLServerSocketFactory sslserversocketfactory = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();

SSLServerSocket serverListeningSSLSocket = (SSLServerSocket) sslserversocketfactory.createServerSocket(4380);
log.info("Server started");

SSLSocketFactory sslSocketFactory=(SSLSocketFactory) SSLSocketFactory.getDefault();
SSLSocket clientSocket = (SSLSocket) sslSocketFactory.createSocket(serverListeningSSLSocket.getInetAddress(),
serverListeningSSLSocket.getLocalPort());

SSLSocket serverCommsSSLSocket = (SSLSocket) serverListeningSSLSocket.accept();
log.info("new client");

final byte bytes = "Hello World!".getBytes();
final OutputStream out = clientSocket.getOutputStream();
System.out.println("writing to stream");
out.write(bytes.length);
out.write(bytes);

System.out.println("reading from stream");

final DataInputStream in = new DataInputStream(serverCommsSSLSocket.getInputStream());
int len = in.read();
final byte b = new byte[len];
in.readFully(b);
System.out.println(new String(b));

clientSocket.close();
serverCommsSSLSocket.close();
serverListeningSSLSocket.close();
}
}


This gives the following output:



Nov 21, 2018 10:23:51 PM com.gamble.ssl.SSLServerClient main INFO: Server started
Nov 21, 2018 10:23:52 PM com.gamble.ssl.SSLServerClient main INFO: new client
writing to stream


ie it blocks on the server socket starting.



My question is: Why does an SSL Server Socket connection block in Java whereas a non SSL Server Socket does not?










share|improve this question




























    up vote
    0
    down vote

    favorite












    Consider the following code for a non-SSL Socket server and client all on the one thread:



    import java.io.DataInputStream;
    import java.io.IOException;
    import java.io.OutputStream;
    import java.net.ServerSocket;
    import java.net.Socket;

    public class ServerClient {
    public static void main(String args) throws IOException {
    ServerSocket ss = new ServerSocket(0); // open a random free port.

    Socket c = new Socket(ss.getInetAddress(), ss.getLocalPort());

    Socket s = ss.accept();

    final byte bytes = "Hello World!".getBytes();
    final OutputStream out = c.getOutputStream();
    System.out.println("writing to stream");
    out.write(bytes.length);
    out.write(bytes);

    System.out.println("reading from stream");

    final DataInputStream in = new DataInputStream(s.getInputStream());
    int len = in.read();
    final byte b = new byte[len];
    in.readFully(b);
    System.out.println(new String(b));

    c.close();
    ss.close();
    }
    }


    This produces the following output:



    writing to stream
    reading from stream
    Hello World!


    This process opened a server socket - connected with a client socket. Passed data down the socket and then closed down. There was no issue passing the data.



    Consider a version to a prove a point with SSL Sockets:



    import javax.net.ssl.SSLServerSocket;
    import javax.net.ssl.SSLServerSocketFactory;
    import javax.net.ssl.SSLSocket;
    import javax.net.ssl.SSLSocketFactory;
    import java.io.DataInputStream;
    import java.io.IOException;
    import java.io.OutputStream;
    import java.net.Socket;
    import java.util.logging.Logger;

    public class SSLServerClient {

    private static Logger log = Logger.getLogger("InfoLogging");

    public static void main(String args) throws IOException {

    System.setProperty("javax.net.ssl.keyStore", "/path/KeyStore.jks");
    System.setProperty("javax.net.ssl.keyStorePassword", "password");

    SSLServerSocketFactory sslserversocketfactory = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();

    SSLServerSocket serverListeningSSLSocket = (SSLServerSocket) sslserversocketfactory.createServerSocket(4380);
    log.info("Server started");

    SSLSocketFactory sslSocketFactory=(SSLSocketFactory) SSLSocketFactory.getDefault();
    SSLSocket clientSocket = (SSLSocket) sslSocketFactory.createSocket(serverListeningSSLSocket.getInetAddress(),
    serverListeningSSLSocket.getLocalPort());

    SSLSocket serverCommsSSLSocket = (SSLSocket) serverListeningSSLSocket.accept();
    log.info("new client");

    final byte bytes = "Hello World!".getBytes();
    final OutputStream out = clientSocket.getOutputStream();
    System.out.println("writing to stream");
    out.write(bytes.length);
    out.write(bytes);

    System.out.println("reading from stream");

    final DataInputStream in = new DataInputStream(serverCommsSSLSocket.getInputStream());
    int len = in.read();
    final byte b = new byte[len];
    in.readFully(b);
    System.out.println(new String(b));

    clientSocket.close();
    serverCommsSSLSocket.close();
    serverListeningSSLSocket.close();
    }
    }


    This gives the following output:



    Nov 21, 2018 10:23:51 PM com.gamble.ssl.SSLServerClient main INFO: Server started
    Nov 21, 2018 10:23:52 PM com.gamble.ssl.SSLServerClient main INFO: new client
    writing to stream


    ie it blocks on the server socket starting.



    My question is: Why does an SSL Server Socket connection block in Java whereas a non SSL Server Socket does not?










    share|improve this question


























      up vote
      0
      down vote

      favorite









      up vote
      0
      down vote

      favorite











      Consider the following code for a non-SSL Socket server and client all on the one thread:



      import java.io.DataInputStream;
      import java.io.IOException;
      import java.io.OutputStream;
      import java.net.ServerSocket;
      import java.net.Socket;

      public class ServerClient {
      public static void main(String args) throws IOException {
      ServerSocket ss = new ServerSocket(0); // open a random free port.

      Socket c = new Socket(ss.getInetAddress(), ss.getLocalPort());

      Socket s = ss.accept();

      final byte bytes = "Hello World!".getBytes();
      final OutputStream out = c.getOutputStream();
      System.out.println("writing to stream");
      out.write(bytes.length);
      out.write(bytes);

      System.out.println("reading from stream");

      final DataInputStream in = new DataInputStream(s.getInputStream());
      int len = in.read();
      final byte b = new byte[len];
      in.readFully(b);
      System.out.println(new String(b));

      c.close();
      ss.close();
      }
      }


      This produces the following output:



      writing to stream
      reading from stream
      Hello World!


      This process opened a server socket - connected with a client socket. Passed data down the socket and then closed down. There was no issue passing the data.



      Consider a version to a prove a point with SSL Sockets:



      import javax.net.ssl.SSLServerSocket;
      import javax.net.ssl.SSLServerSocketFactory;
      import javax.net.ssl.SSLSocket;
      import javax.net.ssl.SSLSocketFactory;
      import java.io.DataInputStream;
      import java.io.IOException;
      import java.io.OutputStream;
      import java.net.Socket;
      import java.util.logging.Logger;

      public class SSLServerClient {

      private static Logger log = Logger.getLogger("InfoLogging");

      public static void main(String args) throws IOException {

      System.setProperty("javax.net.ssl.keyStore", "/path/KeyStore.jks");
      System.setProperty("javax.net.ssl.keyStorePassword", "password");

      SSLServerSocketFactory sslserversocketfactory = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();

      SSLServerSocket serverListeningSSLSocket = (SSLServerSocket) sslserversocketfactory.createServerSocket(4380);
      log.info("Server started");

      SSLSocketFactory sslSocketFactory=(SSLSocketFactory) SSLSocketFactory.getDefault();
      SSLSocket clientSocket = (SSLSocket) sslSocketFactory.createSocket(serverListeningSSLSocket.getInetAddress(),
      serverListeningSSLSocket.getLocalPort());

      SSLSocket serverCommsSSLSocket = (SSLSocket) serverListeningSSLSocket.accept();
      log.info("new client");

      final byte bytes = "Hello World!".getBytes();
      final OutputStream out = clientSocket.getOutputStream();
      System.out.println("writing to stream");
      out.write(bytes.length);
      out.write(bytes);

      System.out.println("reading from stream");

      final DataInputStream in = new DataInputStream(serverCommsSSLSocket.getInputStream());
      int len = in.read();
      final byte b = new byte[len];
      in.readFully(b);
      System.out.println(new String(b));

      clientSocket.close();
      serverCommsSSLSocket.close();
      serverListeningSSLSocket.close();
      }
      }


      This gives the following output:



      Nov 21, 2018 10:23:51 PM com.gamble.ssl.SSLServerClient main INFO: Server started
      Nov 21, 2018 10:23:52 PM com.gamble.ssl.SSLServerClient main INFO: new client
      writing to stream


      ie it blocks on the server socket starting.



      My question is: Why does an SSL Server Socket connection block in Java whereas a non SSL Server Socket does not?










      share|improve this question















      Consider the following code for a non-SSL Socket server and client all on the one thread:



      import java.io.DataInputStream;
      import java.io.IOException;
      import java.io.OutputStream;
      import java.net.ServerSocket;
      import java.net.Socket;

      public class ServerClient {
      public static void main(String args) throws IOException {
      ServerSocket ss = new ServerSocket(0); // open a random free port.

      Socket c = new Socket(ss.getInetAddress(), ss.getLocalPort());

      Socket s = ss.accept();

      final byte bytes = "Hello World!".getBytes();
      final OutputStream out = c.getOutputStream();
      System.out.println("writing to stream");
      out.write(bytes.length);
      out.write(bytes);

      System.out.println("reading from stream");

      final DataInputStream in = new DataInputStream(s.getInputStream());
      int len = in.read();
      final byte b = new byte[len];
      in.readFully(b);
      System.out.println(new String(b));

      c.close();
      ss.close();
      }
      }


      This produces the following output:



      writing to stream
      reading from stream
      Hello World!


      This process opened a server socket - connected with a client socket. Passed data down the socket and then closed down. There was no issue passing the data.



      Consider a version to a prove a point with SSL Sockets:



      import javax.net.ssl.SSLServerSocket;
      import javax.net.ssl.SSLServerSocketFactory;
      import javax.net.ssl.SSLSocket;
      import javax.net.ssl.SSLSocketFactory;
      import java.io.DataInputStream;
      import java.io.IOException;
      import java.io.OutputStream;
      import java.net.Socket;
      import java.util.logging.Logger;

      public class SSLServerClient {

      private static Logger log = Logger.getLogger("InfoLogging");

      public static void main(String args) throws IOException {

      System.setProperty("javax.net.ssl.keyStore", "/path/KeyStore.jks");
      System.setProperty("javax.net.ssl.keyStorePassword", "password");

      SSLServerSocketFactory sslserversocketfactory = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();

      SSLServerSocket serverListeningSSLSocket = (SSLServerSocket) sslserversocketfactory.createServerSocket(4380);
      log.info("Server started");

      SSLSocketFactory sslSocketFactory=(SSLSocketFactory) SSLSocketFactory.getDefault();
      SSLSocket clientSocket = (SSLSocket) sslSocketFactory.createSocket(serverListeningSSLSocket.getInetAddress(),
      serverListeningSSLSocket.getLocalPort());

      SSLSocket serverCommsSSLSocket = (SSLSocket) serverListeningSSLSocket.accept();
      log.info("new client");

      final byte bytes = "Hello World!".getBytes();
      final OutputStream out = clientSocket.getOutputStream();
      System.out.println("writing to stream");
      out.write(bytes.length);
      out.write(bytes);

      System.out.println("reading from stream");

      final DataInputStream in = new DataInputStream(serverCommsSSLSocket.getInputStream());
      int len = in.read();
      final byte b = new byte[len];
      in.readFully(b);
      System.out.println(new String(b));

      clientSocket.close();
      serverCommsSSLSocket.close();
      serverListeningSSLSocket.close();
      }
      }


      This gives the following output:



      Nov 21, 2018 10:23:51 PM com.gamble.ssl.SSLServerClient main INFO: Server started
      Nov 21, 2018 10:23:52 PM com.gamble.ssl.SSLServerClient main INFO: new client
      writing to stream


      ie it blocks on the server socket starting.



      My question is: Why does an SSL Server Socket connection block in Java whereas a non SSL Server Socket does not?







      java sockets ssl sslsocketfactory






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited 2 hours ago

























      asked 2 days ago









      hawkeye

      14.3k1798214




      14.3k1798214
























          1 Answer
          1






          active

          oldest

          votes

















          up vote
          0
          down vote













          What does "flip to plaintext?" mean?



          Here's what you are doing:




          • Creating an SSL server socket

          • Creating a normal socket connected to the SSL server socket

          • Sending some data from the client side

          • Reading some data on the server side


          Now, the SSL socket expects encrypted data transfer. But the data you are not sending is not encrypted, so it's not valid SSL and it throws an exception - as it says, "Unrecognized SSL message" because you are not sending a valid SSL message, and "plaintext connection?" is a hint about what might be wrong.



          You have to use SSL on both sides of the connection, or they can't talk to each other properly.






          share|improve this answer





















          • Thanks for this comment - it is super helpful. I've updated the question.
            – hawkeye
            2 hours ago











          Your Answer






          StackExchange.ifUsing("editor", function () {
          StackExchange.using("externalEditor", function () {
          StackExchange.using("snippets", function () {
          StackExchange.snippets.init();
          });
          });
          }, "code-snippets");

          StackExchange.ready(function() {
          var channelOptions = {
          tags: "".split(" "),
          id: "1"
          };
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function() {
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled) {
          StackExchange.using("snippets", function() {
          createEditor();
          });
          }
          else {
          createEditor();
          }
          });

          function createEditor() {
          StackExchange.prepareEditor({
          heartbeatType: 'answer',
          convertImagesToLinks: true,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: 10,
          bindNavPrevention: true,
          postfix: "",
          imageUploader: {
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          },
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          });


          }
          });














           

          draft saved


          draft discarded


















          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53373183%2fwhy-does-an-ssl-server-socket-connection-block-in-java-whereas-a-non-ssl-server%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown

























          1 Answer
          1






          active

          oldest

          votes








          1 Answer
          1






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes








          up vote
          0
          down vote













          What does "flip to plaintext?" mean?



          Here's what you are doing:




          • Creating an SSL server socket

          • Creating a normal socket connected to the SSL server socket

          • Sending some data from the client side

          • Reading some data on the server side


          Now, the SSL socket expects encrypted data transfer. But the data you are not sending is not encrypted, so it's not valid SSL and it throws an exception - as it says, "Unrecognized SSL message" because you are not sending a valid SSL message, and "plaintext connection?" is a hint about what might be wrong.



          You have to use SSL on both sides of the connection, or they can't talk to each other properly.






          share|improve this answer





















          • Thanks for this comment - it is super helpful. I've updated the question.
            – hawkeye
            2 hours ago















          up vote
          0
          down vote













          What does "flip to plaintext?" mean?



          Here's what you are doing:




          • Creating an SSL server socket

          • Creating a normal socket connected to the SSL server socket

          • Sending some data from the client side

          • Reading some data on the server side


          Now, the SSL socket expects encrypted data transfer. But the data you are not sending is not encrypted, so it's not valid SSL and it throws an exception - as it says, "Unrecognized SSL message" because you are not sending a valid SSL message, and "plaintext connection?" is a hint about what might be wrong.



          You have to use SSL on both sides of the connection, or they can't talk to each other properly.






          share|improve this answer





















          • Thanks for this comment - it is super helpful. I've updated the question.
            – hawkeye
            2 hours ago













          up vote
          0
          down vote










          up vote
          0
          down vote









          What does "flip to plaintext?" mean?



          Here's what you are doing:




          • Creating an SSL server socket

          • Creating a normal socket connected to the SSL server socket

          • Sending some data from the client side

          • Reading some data on the server side


          Now, the SSL socket expects encrypted data transfer. But the data you are not sending is not encrypted, so it's not valid SSL and it throws an exception - as it says, "Unrecognized SSL message" because you are not sending a valid SSL message, and "plaintext connection?" is a hint about what might be wrong.



          You have to use SSL on both sides of the connection, or they can't talk to each other properly.






          share|improve this answer












          What does "flip to plaintext?" mean?



          Here's what you are doing:




          • Creating an SSL server socket

          • Creating a normal socket connected to the SSL server socket

          • Sending some data from the client side

          • Reading some data on the server side


          Now, the SSL socket expects encrypted data transfer. But the data you are not sending is not encrypted, so it's not valid SSL and it throws an exception - as it says, "Unrecognized SSL message" because you are not sending a valid SSL message, and "plaintext connection?" is a hint about what might be wrong.



          You have to use SSL on both sides of the connection, or they can't talk to each other properly.







          share|improve this answer












          share|improve this answer



          share|improve this answer










          answered 13 hours ago









          immibis

          33.8k43562




          33.8k43562












          • Thanks for this comment - it is super helpful. I've updated the question.
            – hawkeye
            2 hours ago


















          • Thanks for this comment - it is super helpful. I've updated the question.
            – hawkeye
            2 hours ago
















          Thanks for this comment - it is super helpful. I've updated the question.
          – hawkeye
          2 hours ago




          Thanks for this comment - it is super helpful. I've updated the question.
          – hawkeye
          2 hours ago


















           

          draft saved


          draft discarded



















































           


          draft saved


          draft discarded














          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53373183%2fwhy-does-an-ssl-server-socket-connection-block-in-java-whereas-a-non-ssl-server%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown







          Popular posts from this blog

          'app-layout' is not a known element: how to share Component with different Modules

          android studio warns about leanback feature tag usage required on manifest while using Unity exported app?

          WPF add header to Image with URL pettitions [duplicate]