8164591: sun/net/www/protocol/https/HttpsClient/ServerIdentityTest.java failed with SSLHandshakeException
authorasmotrak
Tue, 27 Sep 2016 11:34:45 -0700
changeset 41196 240314163e51
parent 41167 d273dfe9a126
child 41203 0a0ab54c50e5
8164591: sun/net/www/protocol/https/HttpsClient/ServerIdentityTest.java failed with SSLHandshakeException Reviewed-by: xuelei
jdk/test/javax/net/ssl/templates/SSLTest.java
jdk/test/sun/net/www/protocol/https/HttpsClient/ServerIdentityTest.java
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/javax/net/ssl/templates/SSLTest.java	Tue Sep 27 11:34:45 2016 -0700
@@ -0,0 +1,493 @@
+/*
+ * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.net.InetSocketAddress;
+import java.net.SocketTimeoutException;
+import java.security.KeyStore;
+import java.util.Arrays;
+import java.util.concurrent.CountDownLatch;
+import java.util.concurrent.TimeUnit;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLServerSocket;
+import javax.net.ssl.SSLServerSocketFactory;
+import javax.net.ssl.SSLSocket;
+import javax.net.ssl.SSLSocketFactory;
+
+/**
+ * Helper class for JSSE tests.
+ *
+ * Please run in othervm mode.  SunJSSE does not support dynamic system
+ * properties, no way to re-use system properties in samevm/agentvm mode.
+ */
+public class SSLTest {
+
+    public static final String TEST_SRC = System.getProperty("test.src", ".");
+
+    /*
+     * Where do we find the keystores?
+     */
+    public static final String PATH_TO_STORES = "../etc";
+    public static final String KEY_STORE_FILE = "keystore";
+    public static final String TRUST_STORE_FILE = "truststore";
+    public static final String PASSWORD = "passphrase";
+
+    public static final int FREE_PORT = 0;
+
+    // in seconds
+    public static final long CLIENT_SIGNAL_TIMEOUT = 30L;
+    public static final long SERVER_SIGNAL_TIMEOUT = 90L;
+
+    // in millis
+    public static final int CLIENT_TIMEOUT = 15000;
+    public static final int SERVER_TIMEOUT = 30000;
+
+    /*
+     * Should we run the client or server in a separate thread?
+     * Both sides can throw exceptions, but do you have a preference
+     * as to which side should be the main thread.
+     */
+    private boolean separateServerThread = false;
+
+    /*
+     * What's the server port?  Use any free port by default
+     */
+    private volatile int serverPort;
+
+    private volatile Exception serverException;
+    private volatile Exception clientException;
+
+    private Thread clientThread;
+    private Thread serverThread;
+
+    private Peer serverPeer;
+    private Peer clientPeer;
+
+    private Application serverApplication;
+    private Application clientApplication;
+
+    private SSLContext context;
+
+    /*
+     * Is the server ready to serve?
+     */
+    private final CountDownLatch serverCondition = new CountDownLatch(1);
+
+    /*
+     * Is the client ready to handshake?
+     */
+    private final CountDownLatch clientCondition = new CountDownLatch(1);
+
+    /*
+     * Public API.
+     */
+
+    public static interface Peer {
+        void run(SSLTest test) throws Exception;
+    }
+
+    public static interface Application {
+        void run(SSLSocket socket, SSLTest test) throws Exception;
+    }
+
+    public static void debug() {
+        debug("ssl");
+    }
+
+    public static void debug(String mode) {
+        System.setProperty("javax.net.debug", mode);
+    }
+
+    public static void setup(String keyFilename, String trustFilename,
+            String password) {
+
+        System.setProperty("javax.net.ssl.keyStore", keyFilename);
+        System.setProperty("javax.net.ssl.keyStorePassword", password);
+        System.setProperty("javax.net.ssl.trustStore", trustFilename);
+        System.setProperty("javax.net.ssl.trustStorePassword", password);
+    }
+
+    public static void setup() throws Exception {
+        String keyFilename = TEST_SRC + "/" + PATH_TO_STORES + "/"
+                + KEY_STORE_FILE;
+        String trustFilename = TEST_SRC + "/" + PATH_TO_STORES + "/"
+                + TRUST_STORE_FILE;
+
+        setup(keyFilename, trustFilename, PASSWORD);
+    }
+
+    public static void print(String message, Throwable... errors) {
+        synchronized (System.out) {
+            System.out.println(message);
+            Arrays.stream(errors).forEach(e -> e.printStackTrace(System.out));
+        }
+    }
+
+    public static KeyStore loadJksKeyStore(String filename, String password)
+            throws Exception {
+
+        return loadKeyStore(filename, password, "JKS");
+    }
+
+    public static KeyStore loadKeyStore(String filename, String password,
+            String type) throws Exception {
+
+        KeyStore keystore = KeyStore.getInstance(type);
+        try (FileInputStream fis = new FileInputStream(filename)) {
+            keystore.load(fis, password.toCharArray());
+        }
+        return keystore;
+    }
+
+    public SSLTest setSeparateServerThread(boolean separateServerThread) {
+        this.separateServerThread = separateServerThread;
+        return this;
+    }
+
+    public SSLTest setServerPort(int serverPort) {
+        this.serverPort = serverPort;
+        return this;
+    }
+
+    public int getServerPort() {
+        return serverPort;
+    }
+
+    public SSLTest setSSLContext(SSLContext context) {
+        this.context = context;
+        return this;
+    }
+
+    public SSLContext getSSLContext() {
+        return context;
+    }
+
+    public SSLServerSocketFactory getSSLServerSocketFactory() {
+        if (context != null) {
+            return context.getServerSocketFactory();
+        }
+
+        return (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
+    }
+
+    public SSLSocketFactory getSSLSocketFactory() {
+        if (context != null) {
+            return context.getSocketFactory();
+        }
+
+        return (SSLSocketFactory) SSLSocketFactory.getDefault();
+    }
+
+    public void signalServerReady() {
+        serverCondition.countDown();
+    }
+
+    public boolean waitForClientSignal(long timeout, TimeUnit unit)
+            throws InterruptedException {
+
+        return clientCondition.await(timeout, unit);
+    }
+
+    public boolean waitForClientSignal() throws InterruptedException {
+        return waitForClientSignal(CLIENT_SIGNAL_TIMEOUT, TimeUnit.SECONDS);
+    }
+
+    public void signalClientReady() {
+        clientCondition.countDown();
+    }
+
+    public boolean waitForServerSignal(long timeout, TimeUnit unit)
+            throws InterruptedException {
+
+        return serverCondition.await(timeout, unit);
+    }
+
+    public boolean waitForServerSignal() throws InterruptedException {
+        return waitForServerSignal(SERVER_SIGNAL_TIMEOUT, TimeUnit.SECONDS);
+    }
+
+    public SSLTest setServerPeer(Peer serverPeer) {
+        this.serverPeer = serverPeer;
+        return this;
+    }
+
+    public Peer getServerPeer() {
+        return serverPeer;
+    }
+
+    public SSLTest setServerApplication(Application serverApplication) {
+        this.serverApplication = serverApplication;
+        return this;
+    }
+
+    public Application getServerApplication() {
+        return serverApplication;
+    }
+
+    public SSLTest setClientPeer(Peer clientPeer) {
+        this.clientPeer = clientPeer;
+        return this;
+    }
+
+    public Peer getClientPeer() {
+        return clientPeer;
+    }
+
+    public SSLTest setClientApplication(Application clientApplication) {
+        this.clientApplication = clientApplication;
+        return this;
+    }
+
+    public Application getClientApplication() {
+        return clientApplication;
+    }
+
+    public void runTest() throws Exception {
+        if (separateServerThread) {
+            startServer(true, this);
+            startClient(false, this);
+            serverThread.join();
+        } else {
+            startClient(true, this);
+            startServer(false, this);
+            clientThread.join();
+        }
+
+        if (clientException != null || serverException != null) {
+            throw new RuntimeException("Test failed");
+        }
+    }
+
+    public SSLTest() {
+        serverPeer = (test) -> doServerSide(test);
+        clientPeer = (test) -> doClientSide(test);
+        serverApplication = (socket, test) -> runServerApplication(socket);
+        clientApplication = (socket, test) -> runClientApplication(socket);
+    }
+
+    /*
+     * Private part.
+     */
+
+
+    /*
+     * Define the server side of the test.
+     */
+    private static void doServerSide(SSLTest test) throws Exception {
+        SSLServerSocket sslServerSocket;
+
+        // kick start the server side service
+        SSLServerSocketFactory sslssf = test.getSSLServerSocketFactory();
+        sslServerSocket = (SSLServerSocket)sslssf.createServerSocket(FREE_PORT);
+
+        test.setServerPort(sslServerSocket.getLocalPort());
+        print("Server is listening on port " + test.getServerPort());
+
+        // Signal the client, the server is ready to accept connection.
+        test.signalServerReady();
+
+        // Try to accept a connection in 30 seconds.
+        SSLSocket sslSocket;
+        try {
+            sslServerSocket.setSoTimeout(SERVER_TIMEOUT);
+            sslSocket = (SSLSocket) sslServerSocket.accept();
+            print("Server accepted connection");
+        } catch (SocketTimeoutException ste) {
+            sslServerSocket.close();
+
+            // Ignore the test case if no connection within 30 seconds.
+            print("No incoming client connection in 30 seconds. "
+                    + "Ignore in server side.", ste);
+            return;
+        }
+
+        // handle the connection
+        try {
+            // Is it the expected client connection?
+            //
+            // Naughty test cases or third party routines may try to
+            // connection to this server port unintentionally.  In
+            // order to mitigate the impact of unexpected client
+            // connections and avoid intermittent failure, it should
+            // be checked that the accepted connection is really linked
+            // to the expected client.
+            boolean clientIsReady = test.waitForClientSignal();
+
+            if (clientIsReady) {
+                // Run the application in server side.
+                print("Run server application");
+                test.getServerApplication().run(sslSocket, test);
+            } else {    // Otherwise, ignore
+                // We don't actually care about plain socket connections
+                // for TLS communication testing generally.  Just ignore
+                // the test if the accepted connection is not linked to
+                // the expected client or the client connection timeout
+                // in 30 seconds.
+                print("The client is not the expected one or timeout. "
+                        + "Ignore in server side.");
+            }
+        } finally {
+            sslSocket.close();
+            sslServerSocket.close();
+        }
+    }
+
+    /*
+     * Define the server side application of the test for the specified socket.
+     */
+    private static void runServerApplication(SSLSocket socket)
+            throws Exception {
+
+        // here comes the test logic
+        InputStream sslIS = socket.getInputStream();
+        OutputStream sslOS = socket.getOutputStream();
+
+        sslIS.read();
+        sslOS.write(85);
+        sslOS.flush();
+    }
+
+    /*
+     * Define the client side of the test.
+     */
+    private static void doClientSide(SSLTest test) throws Exception {
+
+        // Wait for server to get started.
+        //
+        // The server side takes care of the issue if the server cannot
+        // get started in 90 seconds.  The client side would just ignore
+        // the test case if the serer is not ready.
+        boolean serverIsReady = test.waitForServerSignal();
+        if (!serverIsReady) {
+            print("The server is not ready yet in 90 seconds. "
+                    + "Ignore in client side.");
+            return;
+        }
+
+        SSLSocketFactory sslsf = test.getSSLSocketFactory();
+        try (SSLSocket sslSocket = (SSLSocket)sslsf.createSocket()) {
+            try {
+                sslSocket.connect(
+                        new InetSocketAddress("localhost",
+                                test.getServerPort()), CLIENT_TIMEOUT);
+                print("Client connected to server");
+            } catch (IOException ioe) {
+                // The server side may be impacted by naughty test cases or
+                // third party routines, and cannot accept connections.
+                //
+                // Just ignore the test if the connection cannot be
+                // established.
+                print("Cannot make a connection in 15 seconds. "
+                        + "Ignore in client side.", ioe);
+                return;
+            }
+
+            // OK, here the client and server get connected.
+
+            // Signal the server, the client is ready to communicate.
+            test.signalClientReady();
+
+            // There is still a chance in theory that the server thread may
+            // wait client-ready timeout and then quit.  The chance should
+            // be really rare so we don't consider it until it becomes a
+            // real problem.
+
+            // Run the application in client side.
+            print("Run client application");
+            test.getClientApplication().run(sslSocket, test);
+        }
+    }
+
+    /*
+     * Define the client side application of the test for the specified socket.
+     */
+    private static void runClientApplication(SSLSocket socket)
+            throws Exception {
+
+        InputStream sslIS = socket.getInputStream();
+        OutputStream sslOS = socket.getOutputStream();
+
+        sslOS.write(280);
+        sslOS.flush();
+        sslIS.read();
+    }
+
+    private void startServer(boolean newThread, SSLTest test) throws Exception {
+        if (newThread) {
+            serverThread = new Thread() {
+                @Override
+                public void run() {
+                    try {
+                        serverPeer.run(test);
+                    } catch (Exception e) {
+                        /*
+                         * Our server thread just died.
+                         *
+                         * Release the client, if not active already...
+                         */
+                        print("Server died ...", e);
+                        serverException = e;
+                    }
+                }
+            };
+            serverThread.start();
+        } else {
+            try {
+                serverPeer.run(test);
+            } catch (Exception e) {
+                print("Server failed ...", e);
+                serverException = e;
+            }
+        }
+    }
+
+    private void startClient(boolean newThread, SSLTest test) throws Exception {
+        if (newThread) {
+            clientThread = new Thread() {
+                @Override
+                public void run() {
+                    try {
+                        clientPeer.run(test);
+                    } catch (Exception e) {
+                        /*
+                         * Our client thread just died.
+                         */
+                        print("Client died ...", e);
+                        clientException = e;
+                    }
+                }
+            };
+            clientThread.start();
+        } else {
+            try {
+                clientPeer.run(test);
+            } catch (Exception e) {
+                print("Client failed ...", e);
+                clientException = e;
+            }
+        }
+    }
+}
--- a/jdk/test/sun/net/www/protocol/https/HttpsClient/ServerIdentityTest.java	Wed Jul 05 22:16:18 2017 +0200
+++ b/jdk/test/sun/net/www/protocol/https/HttpsClient/ServerIdentityTest.java	Tue Sep 27 11:34:45 2016 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2001, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2001, 2016, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -26,7 +26,9 @@
  * @bug 4328195
  * @summary Need to include the alternate subject DN for certs,
  *          https should check for this
- * @run main/othervm ServerIdentityTest
+ * @library /javax/net/ssl/templates
+ * @run main/othervm ServerIdentityTest dnsstore
+ * @run main/othervm ServerIdentityTest ipstore
  *
  *     SunJSSE does not support dynamic system properties, no way to re-use
  *     system properties in samevm/agentvm mode.
@@ -34,242 +36,71 @@
  * @author Yingxian Wang
  */
 
-import java.io.*;
-import java.net.*;
-import javax.net.ssl.*;
+import java.io.BufferedWriter;
+import java.io.OutputStreamWriter;
+import java.net.HttpURLConnection;
+import java.net.URL;
 import java.security.KeyStore;
+import javax.net.ssl.HttpsURLConnection;
+import javax.net.ssl.KeyManager;
+import javax.net.ssl.SSLContext;
 
 public class ServerIdentityTest {
 
-    /*
-     * =============================================================
-     * Set the various variables needed for the tests, then
-     * specify what tests to run on each side.
-     */
-
-    /*
-     * Should we run the client or server in a separate thread?
-     * Both sides can throw exceptions, but do you have a preference
-     * as to which side should be the main thread.
-     */
-    static boolean separateServerThread = true;
-
-    /*
-     * Where do we find the keystores?
-     */
-    static String pathToStores = "./";
-    static String[] keyStoreFiles = {"dnsstore", "ipstore"};
-    static String[] trustStoreFiles = {"dnsstore", "ipstore"};
-    static String passwd = "changeit";
-
-    /*
-     * Is the server ready to serve?
-     */
-    boolean serverReady = false;
-
-    /*
-     * Turn on SSL debugging?
-     */
-    static boolean debug = false;
-
-    /*
-     * If the client or server is doing some kind of object creation
-     * that the other side depends on, and that thread prematurely
-     * exits, you may experience a hang.  The test harness will
-     * terminate all hung threads after its timeout has expired,
-     * currently 3 minutes by default, but you might try to be
-     * smart about it....
-     */
-
-    /*
-     * Define the server side of the test.
-     *
-     * If the server prematurely exits, serverReady will be set to true
-     * to avoid infinite hangs.
-     */
-    void doServerSide() throws Exception {
-        SSLServerSocketFactory sslssf =
-            context.getServerSocketFactory();
-        SSLServerSocket sslServerSocket =
-            (SSLServerSocket) sslssf.createServerSocket(serverPort);
-        serverPort = sslServerSocket.getLocalPort();
-
-        /*
-         * Signal Client, we're ready for his connect.
-         */
-        serverReady = true;
-
-        SSLSocket sslSocket = (SSLSocket) sslServerSocket.accept();
-        OutputStream sslOS = sslSocket.getOutputStream();
-        BufferedWriter bw = new BufferedWriter(new OutputStreamWriter(sslOS));
-        bw.write("HTTP/1.1 200 OK\r\n\r\n\r\n");
-        bw.flush();
-        Thread.sleep(2000);
-        sslSocket.getSession().invalidate();
-        sslSocket.close();
-    }
-
-    /*
-     * Define the client side of the test.
-     *
-     * If the server prematurely exits, serverReady will be set to true
-     * to avoid infinite hangs.
-     */
-    void doClientSide() throws Exception {
-        /*
-         * Wait for server to get started.
-         */
-        while (!serverReady) {
-            Thread.sleep(50);
-        }
-        String host = iphost? "127.0.0.1": "localhost";
-        URL url = new URL("https://"+host+":"+serverPort+"/index.html");
-
-        HttpURLConnection urlc = (HttpURLConnection)url.openConnection();
-        InputStream is = urlc.getInputStream();
-        is.close();
-    }
-
-    /*
-     * =============================================================
-     * The remainder is just support stuff
-     */
-
-    volatile int serverPort = 0;
-
-    volatile Exception serverException = null;
-    volatile Exception clientException = null;
+    private static final String PASSWORD = "changeit";
 
     public static void main(String[] args) throws Exception {
-        SSLSocketFactory reservedSFactory =
-                HttpsURLConnection.getDefaultSSLSocketFactory();
-        try {
-            for (int i = 0; i < keyStoreFiles.length; i++) {
-                String keyFilename =
-                    System.getProperty("test.src", ".") + "/" + pathToStores +
-                    "/" + keyStoreFiles[i];
-                String trustFilename =
-                    System.getProperty("test.src", ".") + "/" + pathToStores +
-                    "/" + trustStoreFiles[i];
+        final String keystore = args[0];
+        String keystoreFilename = SSLTest.TEST_SRC + "/" + keystore;
 
-                System.setProperty("javax.net.ssl.keyStore", keyFilename);
-                System.setProperty("javax.net.ssl.keyStorePassword", passwd);
-                System.setProperty("javax.net.ssl.trustStore", trustFilename);
-                System.setProperty("javax.net.ssl.trustStorePassword", passwd);
-
-                if (debug)
-                    System.setProperty("javax.net.debug", "all");
-                SSLContext context = SSLContext.getInstance("SSL");
+        SSLTest.setup(keystoreFilename, keystoreFilename, PASSWORD);
 
-                KeyManager[] kms = new KeyManager[1];
-                KeyStore ks = KeyStore.getInstance("JKS");
-                FileInputStream fis = new FileInputStream(keyFilename);
-                ks.load(fis, passwd.toCharArray());
-                fis.close();
-                KeyManager km = new MyKeyManager(ks, passwd.toCharArray());
-                kms[0] = km;
-                context.init(kms, null, null);
-                HttpsURLConnection.setDefaultSSLSocketFactory(
-                     context.getSocketFactory());
+        SSLContext context = SSLContext.getInstance("SSL");
 
-                /*
-                 * Start the tests.
-                 */
-                System.out.println("Testing " + keyFilename);
-                new ServerIdentityTest(context, keyStoreFiles[i]);
-            }
-        } finally {
-            HttpsURLConnection.setDefaultSSLSocketFactory(reservedSFactory);
-        }
-    }
-
-    Thread clientThread = null;
-    Thread serverThread = null;
-
-    /*
-     * Primary constructor, used to drive remainder of the test.
-     *
-     * Fork off the other side, then do your work.
-     */
-    SSLContext context;
-    boolean iphost = false;
-    ServerIdentityTest(SSLContext context, String keystore)
-        throws Exception {
-        this.context = context;
-        iphost = keystore.equals("ipstore");
-        if (separateServerThread) {
-            startServer(true);
-            startClient(false);
-        } else {
-            startClient(true);
-            startServer(false);
-        }
+        KeyManager[] kms = new KeyManager[1];
+        KeyStore ks = SSLTest.loadJksKeyStore(keystoreFilename, PASSWORD);
+        KeyManager km = new MyKeyManager(ks, PASSWORD.toCharArray());
+        kms[0] = km;
+        context.init(kms, null, null);
+        HttpsURLConnection.setDefaultSSLSocketFactory(
+                context.getSocketFactory());
 
         /*
-         * Wait for other side to close down.
+         * Start the test.
          */
-        if (separateServerThread) {
-            serverThread.join();
-        } else {
-            clientThread.join();
-        }
-
-        /*
-         * When we get here, the test is pretty much over.
-         *
-         * If the main thread excepted, that propagates back
-         * immediately.  If the other thread threw an exception, we
-         * should report back.
-         */
-        if (serverException != null)
-            throw serverException;
-        if (clientException != null)
-            throw clientException;
-    }
+        System.out.println("Testing " + keystore);
 
-    void startServer(boolean newThread) throws Exception {
-        if (newThread) {
-            serverThread = new Thread() {
-                public void run() {
-                    try {
-                        doServerSide();
-                    } catch (Exception e) {
-                        e.printStackTrace();
-                        /*
-                         * Our server thread just died.
-                         *
-                         * Release the client, if not active already...
-                         */
-                        System.err.println("Server died...");
-                        serverReady = true;
-                        serverException = e;
-                    }
+        new SSLTest()
+            .setSSLContext(context)
+            .setServerApplication((socket, test) -> {
+                BufferedWriter bw = new BufferedWriter(
+                        new OutputStreamWriter(socket.getOutputStream()));
+                bw.write("HTTP/1.1 200 OK\r\n\r\n\r\n");
+                bw.flush();
+                Thread.sleep(2000);
+                socket.getSession().invalidate();
+                SSLTest.print("Server application is done");
+            })
+            .setClientPeer((test) -> {
+                boolean serverIsReady = test.waitForServerSignal();
+                if (!serverIsReady) {
+                    SSLTest.print(
+                            "The server is not ready, ignore on client side.");
+                    return;
                 }
-            };
-            serverThread.start();
-        } else {
-            doServerSide();
-        }
-    }
+
+                // Signal the server, the client is ready to communicate.
+                test.signalClientReady();
 
-    void startClient(boolean newThread) throws Exception {
-        if (newThread) {
-            clientThread = new Thread() {
-                public void run() {
-                    try {
-                        doClientSide();
-                    } catch (Exception e) {
-                        /*
-                         * Our client thread just died.
-                         */
-                        System.err.println("Client died...");
-                        clientException = e;
-                    }
-                }
-            };
-            clientThread.start();
-        } else {
-            doClientSide();
-        }
+                String host = keystore.equals("ipstore")
+                        ? "127.0.0.1" : "localhost";
+                URL url = new URL("https://" + host + ":" + test.getServerPort()
+                        + "/index.html");
+
+                ((HttpURLConnection) url.openConnection())
+                        .getInputStream().close();
+
+                SSLTest.print("Client is done");
+            }).runTest();
     }
 }