Problem with HTTPS only for phone web access

Version 1
    This document was generated from CDN thread

    Created by: douglas conklin on 05-05-2011 07:26:35 PM
    This is the closest to the correct forum I could think of for this.
     
    I have a 7961 on a CUCM 8.5.1.1.0000-10 that I've configured for HTTPS only. I am trying to access HTTPS URLs via a java client (Apache HTTPClient).
     
    The SSL handshake is not accepted by the phone.
     
    It looks like my client sends the client hello, but the server simply ends the connection without sending the server hello, so it can't be anything to do with the actual certificate.
     
    This works fine on this phone from a browser. I also have a 7921, and a 7925 on a 7.1 cluster which support https, and the same code works for those.
     
    URL is https://172.17.10.155/DeviceInformationX but since the handshake fails, it can't be an issue with the URL itself.
     
    Phone load:

      <appLoadID>jar41sccp.9-1-1TH1-6.sbn</appLoadID>


      <bootLoadID>boot41.3-2-2-0.bin</bootLoadID>

     
    Below I'll include the java network level logging that shows the handshake failure.
     
    I'll probably have to open a dev support case, but I'm hoping to get lucky with some feedback here.
     
    Thanks for your attention,
    Douglas
     
    java netowrk layer logging with hashes redacted.
     
    trigger seeding of SecureRandom
    done seeding SecureRandom
    pool-7-thread-3, setSoTimeout(5000) called
    pool-7-thread-3, setSoTimeout(5000) called
    %% No cached client session
    *** ClientHello, TLSv1
    RandomCookie:  GMT: 1287778865 bytes = { 120, 237, 62, 153, 25, 89, 124, 133, 60, 197, 222, 42, 79, 53, 30, 247, 177, 252, 167, 215, 131, 217, 142, 143, 105, 200, 46, 154 }
    Session ID:  {}
    Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
    Compression Methods:  { 0 }
    ***
    MD5 and SHA1 hashes:  len = 73

    pool-7-thread-3, WRITE: TLSv1 Handshake, length = 73
    MD5 and SHA1 hashes:  len = 98

    pool-7-thread-3, WRITE: SSLv2 client hello message, length = 98
    [Raw write]: length = 100

    pool-7-thread-3, received EOFException: error
    pool-7-thread-3, handling exception: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
    pool-7-thread-3, SEND TLSv1 ALERT:  fatal, description = handshake_failure
    pool-7-thread-3, WRITE: TLSv1 Alert, length = 2
    [Raw write]: length = 7
    0000: 15 03 01 00 02 02 28                               ......(
    pool-7-thread-3, called closeSocket()
    pool-7-thread-3, called close()
    pool-7-thread-3, called closeInternal(true)
    pool-7-thread-3, called close()
    pool-7-thread-3, called closeInternal(true)
    pool-7-thread-3, called close()
    pool-7-thread-3, called closeInternal(true)