Not able to connect to server through java code. Getting javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure

javax.net.ssl.sslhandshakeexception received fatal alert handshake_failure tomcat
javax net ssl sslhandshakeexception received fatal alert: bad_certificate
received fatal alert: certificate_expired
javax net ssl sslhandshakeexception received fatal alert: certificate_unknown
recv tlsv1 2 alert: fatal, handshake_failure
javax net ssl sslexception: received fatal alert: internal_error
javax net ssl sslhandshakeexception: received fatal alert: unknown_ca
javax.net.ssl.sslhandshakeexception received fatal alert handshake_failure websphere

I am trying to build a Test Automation Tool for REST API on AWS using rest-assured framework. I just tried with a simple HTTP POST and checking the output JSON body. But when I run that in Eclipse I get SSLHandshakeException. I did try to look into the issue and found it could be something related to server certificate (Received fatal alert: handshake_failure through SSLHandshakeException) but when I test it through POSTMAN it is running fine and gives desired output. Also if I hit the URI through the browser does gets the response from the server(Error message). I am novice to SSL programming and will like to know what could be the root cause behind it and how I can fix that and proceed.

Here is the code snippet for my test method.

    public class First {


      @Test
      public void myFirstRestAssuredTest()
      {



            given().header("content-type", "application/json").and().header("cache-control", "no-cache").expect().body("messageType", equalTo("XYZ")).when().post(https://my-server-address.com/postUpdate");



     }
 }

This is the stack trace I am getting :

  javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
    at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
    at sun.security.ssl.Alerts.getSSLException(Alerts.java:154)
    at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:2023)
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1125)
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403)
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387)
    at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:553)
    at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:412)
    at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:179)
    at org.apache.http.impl.conn.ManagedClientConnectionImpl.open(ManagedClientConnectionImpl.java:328)
    at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:612)
    at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:447)
    at org.apache.http.impl.client.AbstractHttpClient.doExecute(AbstractHttpClient.java:884)
    at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)
    at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:55)
    at org.apache.http.client.HttpClient$execute$0.call(Unknown Source)
    at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:48)
    at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:113)
    at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:133)
    at io.restassured.internal.RequestSpecificationImpl$RestAssuredHttpBuilder.doRequest(RequestSpecificationImpl.groovy:2028)
    at io.restassured.internal.http.HTTPBuilder.post(HTTPBuilder.java:349)
    at io.restassured.internal.http.HTTPBuilder$post$2.call(Unknown Source)
    at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:48)
    at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:113)
    at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:133)
    at io.restassured.internal.RequestSpecificationImpl.sendRequest(RequestSpecificationImpl.groovy:1202)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:498)
    at org.codehaus.groovy.reflection.CachedMethod.invoke(CachedMethod.java:93)
    at groovy.lang.MetaMethod.doMethodInvoke(MetaMethod.java:325)
    at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1212)
    at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1021)
    at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:812)
    at io.restassured.internal.RequestSpecificationImpl.invokeMethod(RequestSpecificationImpl.groovy)
    at org.codehaus.groovy.runtime.callsite.PogoInterceptableSite.call(PogoInterceptableSite.java:48)
    at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:48)
    at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:113)
    at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:149)
    at io.restassured.internal.filter.SendRequestFilter.filter(SendRequestFilter.groovy:30)
    at io.restassured.filter.Filter$filter$0.call(Unknown Source)
    at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:48)
    at io.restassured.filter.Filter$filter.call(Unknown Source)
    at io.restassured.internal.filter.FilterContextImpl.next(FilterContextImpl.groovy:72)
    at io.restassured.filter.time.TimingFilter.filter(TimingFilter.java:56)
    at io.restassured.filter.Filter$filter.call(Unknown Source)
    at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:48)
    at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:113)
    at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:141)
    at io.restassured.internal.filter.FilterContextImpl.next(FilterContextImpl.groovy:72)
    at io.restassured.filter.FilterContext$next.call(Unknown Source)
    at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:48)
    at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:113)
    at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:133)
    at io.restassured.internal.RequestSpecificationImpl.applyPathParamsAndSendRequest(RequestSpecificationImpl.groovy:1631)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:498)
    at org.codehaus.groovy.reflection.CachedMethod.invoke(CachedMethod.java:93)
    at groovy.lang.MetaMethod.doMethodInvoke(MetaMethod.java:325)
    at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1212)
    at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1021)
    at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:812)
    at io.restassured.internal.RequestSpecificationImpl.invokeMethod(RequestSpecificationImpl.groovy)
    at org.codehaus.groovy.runtime.callsite.PogoInterceptableSite.call(PogoInterceptableSite.java:48)
    at org.codehaus.groovy.runtime.callsite.PogoInterceptableSite.callCurrent(PogoInterceptableSite.java:58)
    at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCallCurrent(CallSiteArray.java:52)
    at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callCurrent(AbstractCallSite.java:154)
    at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callCurrent(AbstractCallSite.java:182)
    at io.restassured.internal.RequestSpecificationImpl.applyPathParamsAndSendRequest(RequestSpecificationImpl.groovy:1637)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:498)
    at org.codehaus.groovy.reflection.CachedMethod.invoke(CachedMethod.java:93)
    at groovy.lang.MetaMethod.doMethodInvoke(MetaMethod.java:325)
    at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1212)
    at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1021)
    at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:812)
    at io.restassured.internal.RequestSpecificationImpl.invokeMethod(RequestSpecificationImpl.groovy)
    at org.codehaus.groovy.runtime.callsite.PogoInterceptableSite.call(PogoInterceptableSite.java:48)
    at org.codehaus.groovy.runtime.callsite.PogoInterceptableSite.callCurrent(PogoInterceptableSite.java:58)
    at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCallCurrent(CallSiteArray.java:52)
    at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callCurrent(AbstractCallSite.java:154)
    at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callCurrent(AbstractCallSite.java:182)
    at io.restassured.internal.RequestSpecificationImpl.post(RequestSpecificationImpl.groovy:170)
    at io.restassured.internal.RequestSpecificationImpl.post(RequestSpecificationImpl.groovy)
    at restassuredtest.First.myFirstRestAssuredTest(First.java:34)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:498)
    at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:47)
    at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12)
    at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:44)
    at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17)
    at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:271)
    at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:70)
    at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:50)
    at org.junit.runners.ParentRunner$3.run(ParentRunner.java:238)
    at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:63)
    at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:236)
    at org.junit.runners.ParentRunner.access$000(ParentRunner.java:53)
    at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:229)
    at org.junit.runners.ParentRunner.run(ParentRunner.java:309)
    at org.eclipse.jdt.internal.junit4.runner.JUnit4TestReference.run(JUnit4TestReference.java:86)
    at org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38)
    at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:459)
    at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:675)
    at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:382)
    at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:192) 

Logs after adding certificates in caserts file.

    trigger seeding of SecureRandom
    done seeding SecureRandom
    Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384
    Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA
    Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
    Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA

Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
main, setSoTimeout(0) called
Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 for TLSv1.1
%% No cached client session
*** ClientHello, TLSv1.2
RandomCookie:  GMT: 1465583840 bytes = { 89, 209, 72, 175, 175, 187, 136, 39, 217, 133, 241, 84, 37, 130, 134, 92, 132, 179, 147, 40, 230, 111, 93, 56, 71, 15, 75, 197 }
Session ID:  {}
Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
Compression Methods:  { 0 }
Extension elliptic_curves, curve names: {secp256r1, sect163k1, sect163r2, secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1, secp384r1, sect409k1, sect409r1, secp521r1, sect571k1, sect571r1, secp160k1, secp160r1, secp160r2, sect163r1, secp192k1, sect193r1, sect193r2, secp224k1, sect239k1, secp256k1}
Extension ec_point_formats, formats: [uncompressed]
Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA224withECDSA, SHA224withRSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA
***
main, WRITE: TLSv1.2 Handshake, length = 193
main, READ: TLSv1.2 Alert, length = 2
main, RECV TLSv1.2 ALERT:  fatal, handshake_failure
main, called closeSocket()
main, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
main, called close()
main, called closeInternal(true) 

Update 6/14/2016

OpenSSL> s_client -connect my_server_name.amazonaws.com:443 -tls1 -servername www.amazon.com -CAfile aws3.pem
CONNECTED(0000016C)
depth=2 C = US, O = "VeriSign, Inc.", OU = VeriSign Trust Network, OU = "(c) 2006 VeriSign, Inc. - For authorized use only", CN = VeriSign Class 3 Public Primary Certification Authority - G5
verify return:1
depth=1 C = US, O = Symantec Corporation, OU = Symantec Trust Network, CN = Symantec Class 3 Secure Server CA - G4
verify return:1
depth=0 C = US, ST = Washington, L = Seattle, O = "Amazon.com, Inc.", CN = *.cloudfront.net
verify return:1
---
Certificate chain
 0 s:/C=US/ST=Washington/L=Seattle/O=Amazon.com, Inc./CN=*.cloudfront.net
   i:/C=US/O=Symantec Corporation/OU=Symantec Trust Network/CN=Symantec Class 3 Secure Server CA - G4
 1 s:/C=US/O=Symantec Corporation/OU=Symantec Trust Network/CN=Symantec Class 3 Secure Server CA - G4
   i:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary Certification Authority - G5
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIE6TCCA9GgAwIBAgIQda4+BvJnDaiKn2CAMJPnfTANBgkqhkiG9w0BAQsFADB+
MQswCQYDVQQGEwJVUzEdMBsGA1UEChMUU3ltYW50ZWMgQ29ycG9yYXRpb24xHzAd
BgNVBAsTFlN5bWFudGVjIFRydXN0IE5ldHdvcmsxLzAtBgNVBAMTJlN5bWFudGVj
IENsYXNzIDMgU2VjdXJlIFNlcnZlciBDQSAtIEc0MB4XDTE1MDkxNzAwMDAwMFoX
DTE2MTIxNTIzNTk1OVowajELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0
b24xEDAOBgNVBAcMB1NlYXR0bGUxGTAXBgNVBAoMEEFtYXpvbi5jb20sIEluYy4x
GTAXBgNVBAMMECouY2xvdWRmcm9udC5uZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCDrJ0Z2KMhNFvi0Ugsb2PafdUkq5xQSr+LN9j3iyVm3RrsLGDQ
DE/pn/Xu2wHLMHhEh9XqeNhH/k2sMCjLb/YWJ+Ko17cWSV/PyjarTcG7c7w9NyYL
SIbdWBdWYxgrbQH78haPQRYvvkRavuuzfr8jPAwEMadHpFC7pzPzkBomAKTKCN6X
wm5TQpT9BIKqEIepwh17Q0BZoa0ptqxEU1hGtl6JGwyRGA9H0gMBjwgTUJeHOeX5
Qrdh0pc5CLjZivmvSc/4MldGvbkvBAXeFli8ag833KtN5c+yDtegynjpQFWZ6Gzw
vJxeUZLpxgKAuuVwcNf170VuqCBnaOEiwm/TAgMBAAGjggF1MIIBcTArBgNVHREE
JDAigg5jbG91ZGZyb250Lm5ldIIQKi5jbG91ZGZyb250Lm5ldDAJBgNVHRMEAjAA
MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw
YQYDVR0gBFowWDBWBgZngQwBAgIwTDAjBggrBgEFBQcCARYXaHR0cHM6Ly9kLnN5
bWNiLmNvbS9jcHMwJQYIKwYBBQUHAgIwGRoXaHR0cHM6Ly9kLnN5bWNiLmNvbS9y
cGEwHwYDVR0jBBgwFoAUX2DPYZBV34RDFIpgKrL1evRDGO8wKwYDVR0fBCQwIjAg
oB6gHIYaaHR0cDovL3NzLnN5bWNiLmNvbS9zcy5jcmwwVwYIKwYBBQUHAQEESzBJ
MB8GCCsGAQUFBzABhhNodHRwOi8vc3Muc3ltY2QuY29tMCYGCCsGAQUFBzAChhpo
dHRwOi8vc3Muc3ltY2IuY29tL3NzLmNydDANBgkqhkiG9w0BAQsFAAOCAQEANKKz
U35E8ayXRcwY8N7KjpiDSfryEuUXw3wiOBrH0IoHbaQcdfqmwe4EmGOPrz6l+FKw
97Qv4BiwNYBW/Vp3H4oeikx7Tc0iYkLKarfjufykAm8DaWwcbe2Q540bZP1tIBTE
RzkMmbBI0fgTUAgM1/ts7upvwJTTOIvpypQRN+M1S/iELdK7bNUxX8wT2lDAdT3O
scE5btZGhLPCNE7fOCfGxfGE8GHD26+lTcWdAa7cqskIVWBEMttpb9rzm00uzBbx
Q5VxsnxdDxywkmTah0Zprw/J68y4O1rhsluDQoBHfkd8ggk1pOQay/9TuqSRO/b7
uVRSvs/HJXLwRXiJKA==
-----END CERTIFICATE-----
subject=/C=US/ST=Washington/L=Seattle/O=Amazon.com, Inc./CN=*.cloudfront.net
issuer=/C=US/O=Symantec Corporation/OU=Symantec Trust Network/CN=Symantec Class 3 Secure Server CA - G4
---
No client certificate CA names sent
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 3284 bytes and written 356 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1
    Cipher    : ECDHE-RSA-AES128-SHA
    Session-ID: EE111BD2FFFE75AF719AD48D6D07D2CBB1A9B078CE8CF9F1E47D3CE0D9F8CF86
    Session-ID-ctx:
    Master-Key: 507ADD06A6B1729AD4B0441AB124C7F2CE5FD492B08527CE5FFE62DAE7B0FF7A6EE8D53401978BAAC75F62FBA1F289D5
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 10800 (seconds)
    TLS session ticket:
    0000 - c5 40 de d4 76 bc 79 07-a4 87 5f 8d 99 38 c8 92   .@..v.y..._..8..
    0010 - e5 b0 b4 b3 f1 b6 92 18-d6 d8 94 18 56 27 fa de   ............V'..
    0020 - 0d 7b 8a ac e0 f7 7e 68-c5 7e a4 7e 73 78 b0 45   .{....~h.~.~sx.E
    0030 - 06 70 10 34 54 37 ce ff-01 d5 62 20 2a b9 2e 7d   .p.4T7....b *..}
    0040 - 9e 24 72 a9 b7 37 54 d5-1c 0e 9e 63 84 1f 09 2c   .$r..7T....c...,
    0050 - c6 4c 44 c5 f2 ea 07 23-40 a1 38 d4 d5 77 c8 4a   .LD....#@.8..w.J
    0060 - 12 3f b1 91 7c e0 40 07-3f 66 bf 3c 30 02 d6 a5   .?..|.@.?f.<0...
    0070 - 9e 46 f8 97 27 c7 35 9f-44 9d 7b 93 66 ea 02 a8   .F..'.5.D.{.f...
    0080 - 32 ec b0 4d 56 6d eb 77-22 df da e9 63 64 f3 70   2..MVm.w"...cd.p
    0090 - 2e af 52 c8 c9 89 6e 37-63 5a b2 d1 ca ea 9a 43   ..R...n7cZ.....C
    00a0 - 16 e5 7b f0 f6 dc 10 9a-20 06 fe c8 c7 9f 24 12   ..{..... .....$.

    Start Time: 1465936365
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
---
closed

Troubleshooting javax.net.ssl.SSLHandshakeException: Received , Learn to troubleshoot the Java exception ''javax.net.ssl. SSLHandshakeException: Received fatal alert: handshake_failure But they fail to agree on the TLS version, since the server requires v1.2 It's also good for tuning as you code. This is where those of us in QA need to reach out and get stuck in,  Since, the underlying failure cannot be pinpointed, it is better to switch on the -Djavax.net.debug=all flag to enable debugging of the SSL connection established. With the debug switched on, you can pinpoint what activity in the handshake has failed. Based on the details now available, it appears that the problem is due to an incomplete

Try overriding the apache HTTP Client version--upgrading it to 4.5.3 in my pom.xml file fixed it for me.

SSLHandshakeException - Received fatal alert, Git code management SSLHandshakeException - Received fatal alert - handshake_failure Consequently, Atlassian cannot guarantee support. to connect to a repository over HTTPS fails with the following entry in Could not access https://server.company.com/repo/ Caused by: javax.net.ssl. To understand what can cause an SSLHandshakeException we should briefly discuss how SSL connections differ from non-secure connections in Java. As it happens, SSL (Secure Socket Layer) in general has since been “replaced” with the newer protocol known as TLS (Transport Layer Security). Regardless, many modern code bases, languages

javax.net.ssl.SSLHandshakeException: Received fatal alert , A focused tutorial on SSL handshake failures and how to fix them. In this tutorial, we'll discuss various scenarios that can result in an SSL handshake failure and how to it. using the Java Socket API to simulate a network connection. is stating that the client when connecting to the server did not receive  The javax.net.ssl.SSLHandshakeException exception is usually thrown when the server you're trying to connect to does not have a valid certificate from an authorized CA.. Put simply, the server you're attempting to connect to is most likely using a self-signed certificate and you have to accomodate for that in your Java code.

You may need to install the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 8 from here

SSL Handshake Failures, the server often transmits a fatal alert: handshake_failure exception with no further indication of ClientTransportException: HTTP transport error: javax.net.​ssl. a ServerHello message, or else a fatal error will occur and the connection will fail. Received fatal alert: handshake_failure through SSLHandshakeException. 10 Not able to connect to server through java code. Getting javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure

Article: Received fatal alert: handshake_failure through , After applying LA0029, the Config Editor can fail to connect to the TDI Server. Symptom. The 'Default Server' icon in the Config Editor shows as disconnected. MESSAGE java.rmi. javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure handling exception: javax.net.ssl. Exception in thread "main" javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure. Now, this indicates something went wrong. The SSLHandshakeException above, in an abstract manner, is stating that the client when connecting to the server did not receive any certificate.

How to correct a 'Received fatal alert: handshake_failure' after JVM , I have a problem with authorized SSL connection. fatal alert: handshake_failure through SSLHandshakeException error: javax.net.ssl. //​Getting external IP from host URL whatismyip = new See JDK-8077109 (not public). cipher (or use only this cipher) this can trigger a handshake_failure on java. Hi, I encountered a problem trying to retrieve a page using Net::HTTP through a SSL connection. Maybe I'm missing some configuration? java. java version "1.8.0_51" Java(TM) SE Runtime Environment (build 1.8.0_51-b16) Java HotSpot(TM) 64-Bit Server VM (build 25.51-b03, mixed mode)

Received fatal alert: handshake_failure through , Otherwise, if a TLS/SSL handshake failure occurs the connection is The backend server immediately sends Fatal Alert : Close Notify to the Message The Message Processor runs on Java 8 and uses TLSv1.2 protocol by default. If you are unable to upgrade your backend server immediately for some  Trying to upgrade to java-cloudant library 2.3.0 with the okhttp dependency, and encountered a weird SSL handshake failure. For testing purpose, I created a simple test Java program that just connects to my Cloudant account and list all

Comments
  • Possible duplicate of Received fatal alert: handshake_failure through SSLHandshakeException
  • FYI: the openssl command did TLSv1(.0) because you specified -tls1; if you leave that out and let openssl negotiate you would have gotten 1.2. But that probably doesn't matter; the problem was probably lack of SNI (see my comment on pedrofb's answer) and that is independent of protocol version. You can test that (or could have) by omitting the -servername host from s_client and see if that reproduces the problem.
  • I tried the above steps but still I am not able to proceed. For your last point I did checked about TLS1.2 compatibility it is defualt for Java 1.8 [link]( blogs.oracle.com/java-platform-group/entry/java_8_will_use_tls ). Also, after debugging the SSL connection it shows the certificates I have added into the cacerts file but still its gives handshake exception. Can you think of something else for this issue?
  • Check your server with SSLlabs looking for errors and supported config. Also you could attach the ssl debug log so we can take a look
  • I have added the logs in my original post. The logs are after the trusted certs details.
  • You checked the server with SSLLabs?
  • Ya I did that. Any specific thing I should check in SSLLabs for my server?
  • Also worked for me. Does not require relaxedHTTPSValidation either.
  • Thanks.. this worked for me!!! This is the dependency that I added, <dependency> <groupId>org.apache.httpcomponents</groupId> <artifactId>httpclient</artifactId> <version>4.5.3</version> </dependency>
  • Yep - this rest-assured SSLHandshakeException issue seems related to a bug or unexpected behavior from httpclient 4.5.2. Can also confirm overriding with 4.5.3 resolved the problem.
  • Thanks. Worked for me too.