Search code examples
javamavensslantivy

Why am I getting javax.net.ssl.SSLException: Received fatal alert: protocol_version for ant?

I am getting this error after June 2018:

javax.net.ssl.SSLException: Received fatal alert: protocol_version
        at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
        at sun.security.ssl.Alerts.getSSLException(Alerts.java:154)
        at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1979)
        at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1086)
        at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1332)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343)
        at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)
        at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
        at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:153)
        at org.apache.tools.ant.taskdefs.Get$GetThread.openConnection(Get.java:731)
        at org.apache.tools.ant.taskdefs.Get$GetThread.get(Get.java:652)
        at org.apache.tools.ant.taskdefs.Get$GetThread.run(Get.java:642)
Solution

  • The reason is that ant downloads some artifacts from the Maven Central, using ivy plugin for example. Java 7 uses the old TLS protocol version by default. In June 2018 the TLS 1.0 & 1.1 protocols will no longer be supported for SSL connections to Maven Central.

    Why am I getting "Received fatal alert: protocol_version" or "peer not authenticated" from Maven Central?

    It can be solved at least for Java 7 by specifying TLS version as a java system property.

    All examples run a default ant task.

    For Windows

    java -Dhttps.protocols=TLSv1.2 -cp %ANT_HOME%/lib/ant-launcher.jar org.apache.tools.ant.launch.Launcher

    For Linux

    java -Dhttps.protocols=TLSv1.2 -cp ${ANT_HOME}/lib/ant-launcher.jar org.apache.tools.ant.launch.Launcher

    It is need to have ANT_HOME as a system variable or specify the full path to the ant library (c:/ant/ — is a path to the ant installation).

    java -Dhttps.protocols=TLSv1.2 -cp c:/ant/lib/ant-launcher.jar org.apache.tools.ant.launch.Launcher

    Update Java 7 version

    Also problem can be solved by updating the Java 7 version. But the last available version (7u80) doesn't fix the problem. It is need to use update provided with Oracle Advanced Support (formerly known as Java for Business).