Default SSL context init failed: jks
Hello to all.
This is my first post in the Sun forums. I am a C++ programmer migrating to Java.
I am writting a SSL client that connects to my SSL-speaking daemon. The code I am
trying is from examples across the internet:
---CODE BEGINS---
import javax.net.ssl.*;
import javax.net.*;
import java.net.*;
import java.io.*;
public class FirstClass {
public static void main(String[] args) {
FirstClass firstClass1 = new FirstClass();
try {
int port = 4433;
String hostname = "localhost";
SocketFactory socketFactory = SSLSocketFactory.getDefault();
Socket socket = socketFactory.createSocket(hostname, port);
// Create streams to securely send and receive data to the server
InputStream in = socket.getInputStream();
OutputStream out = socket.getOutputStream();
// Read from in and write to out...
// Close the socket
in.close();
out.close();
} catch(IOException e) {
System.out.println("Exception: " + e.getMessage());
---CODE ENDS---
Everything goes okay in the build process, the problem is like the topic says a problem
with the creatinon of the SSL context. Also, I run it with the appropriate params as in:
---CMD BEGINS---
java \
-Djavax.net.debug=ssl \
-Djavax.net.ssl.keyStore=serverKeyStore \
-Djavax.net.ssl.keyPassword=123456 \
MySSLExample
---CMD ENDS---
I have the serverKeyStore that I created with keytool and the password is
really 123456 (tuff one, huh?). The output is:
---OUTPUT BEGINS---
keyStore is : serverKeyStore
keyStore type is : jks
init keystore
default context init failed: java.security.KeyStoreException: jks
Exception: Default SSL context init failed: jks
---OUTPUT ENDS---
I really don't care for trusting the certificates, I only want some kind of encryption
on the data channels (in/out) so I could ignore the verification of the certificates.
I also found someone on a forum that asked the same I am now, but he latter posted
that he found the solution and left... with no solution posted.
Thanks for any help out there,
Rodrigo Madera
Try
-Djavax.net.ssl.keyStorePassword=123456
instead of
-Djavax.net.ssl.keyPassword=123456
Similar Messages
-
Default SSL context init failed: null
Hi all,
I am trying to open a SSL connection from a tomcat server (called it TC1) that locate within a DMZ to the other tomcat server (called it TC2) which is located in external network.
I got the following in the TC1 system.out,
WARNING: Servlet.service() for servlet HelloWorld threw exception
java.net.SocketException: Default SSL context init failed: null
at javax.net.ssl.DefaultSSLSocketFactory.createSocket(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect
(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(Unknown Sou
rce)
at HelloWorld.doGet(HelloWorld.java:20)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:689)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
icationFilterChain.java:252)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
ilterChain.java:173)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperV
alve.java:214)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextV
alve.java:178)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.j
ava:126)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.j
ava:105)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineVal
ve.java:107)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.jav
a:148)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java
:825)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.proce
ssConnection(Http11Protocol.java:738)
at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpo
int.java:526)
at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFol
lowerWorkerThread.java:80)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadP
ool.java:684)
at java.lang.Thread.run(Unknown Source)
Here is the servlet i place in TC1 which open a SSL connection to TC2.
import java.io.*;
import javax.servlet.*;
import javax.servlet.http.*;
import java.net.URL;
import java.net.URLConnection;
public class HelloWorld extends HttpServlet {
public void doGet(HttpServletRequest request,HttpServletResponse response) throws ServletException, IOException {
PrintWriter out = response.getWriter();
out.println("Hello World");
URL url = new URL("https://154.123.23.10:8443");
URLConnection con = url.openConnection();
con.connect();
}I have used java keytool to generate a self-signed cert and also a keystore in TC2. Below is the Connector element of the server.xml of TC2
<Connector port="8443"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="C:\program files\Tomcat 5.5.7\keystore\.keystore"/>
I also imported the self-signed cert into the truststore of machine which host the TC1. The place i store the self-signed cert of TC2 is jre_home\lib\security\cacerts
Does anyone know how to resolve the exception "java.net.SocketException: Default SSL context init failed: null" I mentioned above?
Thanks for your help
FengI had the same problem (tomcat was acting as an axis client), I resolved it by adding -Djavax.net.debug=all to my CATALINA_OPTS in the startup-skript
=> Then I got the message, that the keystrore/truststore could not be found.
That was the problem - and now the context null is gone ;)
CATALINA_OPTS=-Djavax.net.ssl.trustStore=ABSOLUTE_LOCATION_TO_TRUSTSTORE -Djavax.net.ssl.keyStore=ABSOLUTE_LOCATION_TO_KEYSTORE -Djavax.net.ssl.keyStorePassword=********
-Djavax.net.ssl.keyStoreType=jks
-Djava.protocol.handler.pkgs=javax.net.ssl
-Djavax.net.debug=allGood luck !
SuCkerD -
SSL - Default SSL context init failed: null - need help with code
Hi!
Once Again I have problems with SSL.
I read something about SSL here:
http://www.javaalmanac.com/egs/javax.net.ssl/Server.html
Now I tried to test this stuff, that resulted in this program (I simply tried to put the SSL stuff from the above code in a small skeleton):
import java.io.*;
import java.net.*;
import java.security.*;
import javax.net.ssl.*;
import javax.net.*;
public class MyServer
public static void main(String arguments[])
try
int port = 443;
ServerSocketFactory ssocketFactory = SSLServerSocketFactory.getDefault();
ServerSocket ssocket = ssocketFactory.createServerSocket(port);
// Listen for connections
Socket socket = ssocket.accept();
System.out.println("Connected successfully");
// Create streams to securely send and receive data to the client
InputStream in = socket.getInputStream();
OutputStream out = socket.getOutputStream();
// Read from in and write to out...
// Close the socket
in.close();
out.close();
catch(IOException e)
System.out.println("GetMessage() = "+e.getMessage());
e.printStackTrace();
} Now I compiled this stuff with : 'javac MyServer.java' - there were no errors. After this I run the program
with the following command (also taken from java almanac):
'java -Djavax.net.ssl.keyStore=mySrvKeystore -Djavax.net.ssl.keyStorePassword=123456 MyServer'
But if I run it, it reports:
"GetMessage() = Default SSL context init failed: null
java.net.SocketException: Default SSL context init failed: null
at javax.net.ssl.DefaultSSLServerSocketFactory.createServerSocket(Dasho
6275)
at MyServer.main(MyServer.java:15)"
createServerSocket() seems to be the wrong line, but what is wrong with it.
Is there any mistake in my code ?
Btw. I created my keystore etc. according to the instructions at
http://forum.java.sun.com/thread.jsp?forum=2&thread=528092&tstart=0&trange=15
Any help appreciated
Greets
dancing_coderI got this error last week.
The problem was that the keystore I was pointing to, was in other location, so it could not initialize the default context.
I had defined ...
String CLIENT_CERTIFPATH = getParam("client.certificate.path", "/users/pridas/myKeystoreFile");
// getParam extracts the location of the keystore from a text file which contains some configuration parameters. The default value will be /users/pridas/myKeystoreFile
In my case, I will try to develop a secure SOAP conexion using certificates.
Before to try the conexion, I defined ...
System.setProperty("javax.net.ssl.trustStore", CLIENT_CERTIFPATH);
System.setProperty("javax.net.ssl.keyStore", CLIENT_CERTIFPATH);
... and the problem when I got this error ... the keystore file was not in the correct location.
That was how I resolved this error.
I hope everybody will be oriented about this kind of errors.
Salu2. -
Default SSL context init failed: Invalid keystore format
Hi, I can't connect to my ldap server. The problem is ssl. I'm trying to do this:
import java.io.IOException;
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.ldap.LdapContext;
public class TestAuthentifikation {
public static void main (String [] args) throws IOException {
try {
Hashtable env = new Hashtable();
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL, "ldaps://subdomain.dyndns.org:636/");
env.put(Context.SECURITY_PRINCIPAL, "uid=user,ou=users,dc=subdomain,dc=dyndns,dc=org");
env.put(Context.SECURITY_CREDENTIALS, "passwd");
env.put(Context.SECURITY_AUTHENTICATION, "simple");
env.put(Context.SECURITY_PROTOCOL, "ssl");
java.security.Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
System.setProperty("javax.net.ssl.keyStore", "/usr/lib/j2se/1.4/jre/lib/security/cacerts");
System.setProperty("javax.net.ssl.trustStore","/usr/lib/j2se/1.4/jre/lib/security/cacerts");
env.put(LdapContext.CONTROL_FACTORIES, "com.sun.jndi.ldap.ControlFactory");
DirContext ctx = new InitialDirContext(env);
//use ctx....
// Close the context when we're done
ctx.close();
catch(NamingException ne) {
System.err.println(ne);
ne.printStackTrace();
}The exception is this:
javax.naming.CommunicationException: subdomain.dyndns.org:636 [Root exception is java.net.SocketException: Default SSL context init failed: Invalid keystore format]
at com.sun.jndi.ldap.Connection.<init>(Connection.java:194)
at com.sun.jndi.ldap.LdapClient.<init>(LdapClient.java:119)
at com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1668)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2599)
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:290)On the server I have created this ldap_crt.pem file:
openssl req -x509 -days 3650 -newkey rsa:2048 -nodes -keyout ldap_key.pem -keyform PEM -out ldap_crt.pem -outform PEMwhich sits on the clients /etc/ssl/certs directory. Like this I can connect with a ldap browser to the server.
I should do something like this:
keytool -import -alias AUTH_CA -file rootcert.crt -keystore /usr/lib/j2se/1.4/jre/lib/security/cacertsHow do I get this rootcert.crt file?
I did this and changed the keystore from cacerts to mycacerts in the java class file:
sudo keytool -import -alias AUTH_CA -file /etc/ssl/certs/ldap_crt.pem -keystore /usr/lib/j2se/1.4/jre/lib/security/mycacertsThen I get this:
javax.naming.CommunicationException: simple bind failed: subdomain.dyndns.org:636 [Root exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: *No trusted certificate found*]
at com.sun.jndi.ldap.LdapClient.authenticate(LdapClient.java:198)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2640)
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:290)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
Edited by: borobudur on May 18, 2008 7:09 AMJust a permission problem! Take care that your process can write on the keystore/truststore.
-
Default SSL context init failed:
Hi All,
i got this problem in my Web services client, i have installed correct certificate and jar deployment for the same. but there is no solution for the same.
so please help us to solve this issue as soon as possible.
AxisFault
faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.userException
faultSubcode:
faultString: java.net.SocketException: Default SSL context init failed: null
faultActor:
faultNode:
faultDetail:
{http://xml.apache.org/axis/}stackTrace:java.net.SocketException: Default SSL context init failed: null
at javax.net.ssl.DefaultSSLSocketFactory.createSocket(SSLSocketFactory.java:156)
at org.apache.axis.components.net.JSSESocketFactory.create(JSSESocketFactory.java:92)
at org.apache.axis.transport.http.HTTPSender.getSocket(HTTPSender.java:191)
at org.apache.axis.transport.http.HTTPSender.writeToSocket(HTTPSender.java:404)
at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:138)
at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
at org.apache.axis.client.AxisClient.invoke(AxisClient.java:165)
at org.apache.axis.client.Call.invokeEngine(Call.java:2784)
at org.apache.axis.client.Call.invoke(Call.java:2767)
at org.apache.axis.client.Call.invoke(Call.java:2443)
at org.apache.axis.client.Call.invoke(Call.java:2366)
at org.apache.axis.client.Call.invoke(Call.java:1812)
at com.ibm.ivr.webservices.IVRCDBServiceSoapBindingStub.getCustomerProfile(IVRCDBServiceSoapBindingStub.java:442)
at com.gl.nortel.ivr.service.invoker.cdb.CDBServiceHandler.invokeMobilitySOAPRPCService(CDBServiceHandler.java:269)
at com.gl.nortel.ivr.service.invoker.cdb.CDBServiceHandler.invokeSOAPRPCService(CDBServiceHandler.java:148)
at com.gl.nortel.ivr.service.invoker.cdb.CDBStaticServicesInvoker.fetchCustomerProfile(CDBStaticServicesInvoker.java:201)
at com.gl.nortel.ivr.service.invoker.cdb.CDBStaticServicesInvoker.getCustomerProfile(CDBStaticServicesInvoker.java:102)
at sun.reflect.GeneratedMethodAccessor41.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at com.peri.rnd.jsb.Jsb$MethodCall.invoke(Jsb.java:1054)
at com.peri.rnd.jsb.Jsb$Client.invokeMethod(Jsb.java:1269)
at com.peri.rnd.jsb.Jsb$Client.handleSendResource(Jsb.java:1398)
at com.peri.rnd.jsb.Jsb$Client.run(Jsb.java:1552)
at java.lang.Thread.run(Thread.java:595)
{http://xml.apache.org/axis/}hostname:PNQAP22216
java.net.SocketException: Default SSL context init failed: null
at org.apache.axis.AxisFault.makeFault(AxisFault.java:101)
at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:154)
at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
at org.apache.axis.client.AxisClient.invoke(AxisClient.java:165)
at org.apache.axis.client.Call.invokeEngine(Call.java:2784)
at org.apache.axis.client.Call.invoke(Call.java:2767)
at org.apache.axis.client.Call.invoke(Call.java:2443)
at org.apache.axis.client.Call.invoke(Call.java:2366)
at org.apache.axis.client.Call.invoke(Call.java:1812)
at com.ibm.ivr.webservices.IVRCDBServiceSoapBindingStub.getCustomerProfile(IVRCDBServiceSoapBindingStub.java:442)
at com.gl.nortel.ivr.service.invoker.cdb.CDBServiceHandler.invokeMobilitySOAPRPCService(CDBServiceHandler.java:269)
at com.gl.nortel.ivr.service.invoker.cdb.CDBServiceHandler.invokeSOAPRPCService(CDBServiceHandler.java:148)
at com.gl.nortel.ivr.service.invoker.cdb.CDBStaticServicesInvoker.fetchCustomerProfile(CDBStaticServicesInvoker.java:201)
at com.gl.nortel.ivr.service.invoker.cdb.CDBStaticServicesInvoker.getCustomerProfile(CDBStaticServicesInvoker.java:102)
at sun.reflect.GeneratedMethodAccessor41.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at com.peri.rnd.jsb.Jsb$MethodCall.invoke(Jsb.java:1054)
at com.peri.rnd.jsb.Jsb$Client.invokeMethod(Jsb.java:1269)
at com.peri.rnd.jsb.Jsb$Client.handleSendResource(Jsb.java:1398)
at com.peri.rnd.jsb.Jsb$Client.run(Jsb.java:1552)
at java.lang.Thread.run(Thread.java:595)
Caused by: java.net.SocketException: Default SSL context init failed: null
at javax.net.ssl.DefaultSSLSocketFactory.createSocket(SSLSocketFactory.java:156)
at org.apache.axis.components.net.JSSESocketFactory.create(JSSESocketFactory.java:92)
at org.apache.axis.transport.http.HTTPSender.getSocket(HTTPSender.java:191)
at org.apache.axis.transport.http.HTTPSender.writeToSocket(HTTPSender.java:404)
at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:138)
... 22 moreHelp yourself. Start by doing some proper research. Paste 'java.net.SocketException: Default SSL context init failed: null' into google and see what you get: I did and I got plenty of hits.
-
Hi
I am trying to connect to an https:// url using java (digital certificates) and send an xml file to it and get the response..
I have server certificate stored in our m/c..and password..
I am getting following exception ->>>
Default SSL context init failed: DerInputStream.getLength(): lengthTag=109, too big.
It is arising from the following line of the code ->
OutputStream ops = (OutputStream) servletConnection.getOutputStream();
Could anyone provide me the soln ASAP..its urgent...See my reply to http://forum.java.sun.com/thread.jspa?threadID=5245161&tstart=0
-
Default ssl context init failed: Cannot resolve key
Hi, I get this SSL Exception when I try to run my server using
ssl socket:
"default ssl context init failed: Cannot resolve key"
it is thrown at this line: "sslServerFactory.createServerSocket(port)"
I created a kestore and trustore files using 'keytool' and the step by step from the Jsse reference guide:
http://java.sun.com/j2se/1.4/docs/guide/security/jsse/JSSERefGuide.html#CreateKeystore
why do I get this exception and how to solve it, thank you.
YvesSSL error messages are sometimes cryptic.
Set:
System.getProperties().put("javax.net.debug","all");to really see what is happening.
Cheers'
Kullervo -
Error- isDefault SSL context init failed : Cannot recover key
Hi,
We are trying to run a sample HTTPS request from client to Server using SSL.
Below is the the code we used to run Client program which will communicate with HTTPS server (Server Socket which will accept connections)
Basically we created a server certificate inside Https server program and that will be exported and imported into Client directory.
Finally when we run below client program means its giving below error
Error- isDefault SSL context init failed : Cannot recover key
Can anybody please help me to run this program successfully?If we you give some basic steps to check the settings what needs to be set before running this program.?
Client Program
Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider() );
System.setProperty("javax.net.ssl.keyStore", "D:\\JavaR&D\\Rajiv\\server\\serverkeys");
System.setProperty("javax.net.ssl.keyStoreType" ,"JKS"); /* ,"pkcs12" */
System.setProperty("javax.net.ssl.keyStorePassword","welcome");
System.setProperty("javax.net.ssl.trustStore" , "C:\\j2sdk1.5.0\\jre\\lib\\security\\cacerts");
System.setProperty("javax.net.ssl.trustStorePassword" , "clientpass");
System.setProperty("javax.net.ssl.trustStoreType","JKS"); /* ,"pkcs12" */
System.setProperty("java.protocol.handler.pkgs" ,"com.sun.net.ssl.internal.www.protocol");
com.sun.net.ssl.HostnameVerifier hv=new com.sun.net.ssl.HostnameVerifier() {
public boolean verify(String urlHostname, String certHostname) {
System.out.println("urlHostname >>" + urlHostname +"<<");
System.out.println("certHostname >>" + certHostname +"<<");
System.out.println("WARNING: Hostname is not matched for cert.");
return true;
com.sun.net.ssl.HttpsURLConnection.setDefaultHostnameVerifier(hv);
SSLSocketFactory factory = (SSLSocketFactory)SSLSocketFactory.getDefault();
// server = (SSLServerSocket) factory.createServerSocket(portNumber);
System.out.println("above socketcreation");
SSLSocket socket = (SSLSocket)factory.createSocket("172.16.56.227",8443);
Server ProgramIs there some kind of timeline that I can expect 8.1 to ship in?
I appreciate being informed that this is a known issue and all, but without giving me a timeframe to expect a fix in, how can you possibly expect me to continue to pursue your products as viable options?
To tell me to wait for 8.1, without giving me a timeframe or any further details is simply put in one word. Amatuer.
What kind of response is this? What am I supposed to tell my supervisor? How am I supposed to explain to upper management that the application server they're telling us to use is incapable of handling the use cases our business functions require? What do you want me to do, tell them to wait for the next release without being able to give them a ballpark figure? We're a small team, us Java guys. We've already invested months is moving to a new platform. Now that platform is failing us, and the vendor hasn't got any better response than, "Oh yeah, our bad. We'll fix it next time... whenever that is..."
If 8.1 is as half-baked as 8.0 is (BTW your deploytool is a broken piece of junk. I can reliably crash the thing in under 10 seconds) then I don't have a lot of hope for 8.1. You can bet I sure as heck won't be holding my breath for it.
Looks like it's time to investigate the other vendors that support J2EE 1.4. Something tells me I'll have better luck with WebSphere. The hard part there will be selling managment on the idea. At least IBM is notoriously forward with their clients, even if they are expensive.
All I'm asking for now is a timeframe for 8.1. When can we expect it? If it's before I expect to -have- to have this stuff in production I may be able to wait... but at this point, I'm disgruntled enough to not bother.
Maybe we should investigate moving to .net. At least then when the vendor screws me I'll be expecting it. -
Problem in running j2ee programs with SSL: SSL context init failed : cannot
Hi,
I am just trying to run some servlet program that creates some SSL socket to communicate with a server. I have configured my java.security file but when i run my rpogram i get this error
SSL context init failed : cannot recover key.i am using SunJSSE provider
Plz help me and i am confused as in how to enable jsse in my sun java system app server platform edition.
Waiting for ur replies!
Thanks,
AkshathaI got this error last week.
The problem was that the keystore I was pointing to, was in other location, so it could not initialize the default context.
I had defined ...
String CLIENT_CERTIFPATH = getParam("client.certificate.path", "/users/pridas/myKeystoreFile");
// getParam extracts the location of the keystore from a text file which contains some configuration parameters. The default value will be /users/pridas/myKeystoreFile
In my case, I will try to develop a secure SOAP conexion using certificates.
Before to try the conexion, I defined ...
System.setProperty("javax.net.ssl.trustStore", CLIENT_CERTIFPATH);
System.setProperty("javax.net.ssl.keyStore", CLIENT_CERTIFPATH);
... and the problem when I got this error ... the keystore file was not in the correct location.
That was how I resolved this error.
I hope everybody will be oriented about this kind of errors.
Salu2. -
Default SSL Context Protocol on Java 1.4.2
What is the default SSLContext for Java 1.4.2? Specifically, if I use the default SSLSocketFactory, the SSLContext is automatically created behind the scenes. The protocols supported on this version are:
SSL
SSLv3
TLS
TLSv1
I am moving away from the default SSLSocketFactory, but am wanting to ensure I am using identical protocols as before.
Thanks.Good question. I thought it was written down somewhere but I can't find it, so I must just put it down to experience. Also, TLS supports SSLv3 by backwards compatibility so this would be the most logical default.
-
SSL Init failed: Keystore was tampered with, or password was incorrect
Hi all,
I encountered the following error while I try to get the output stream to write out the content into an HTTPS connection.
java.net.SocketException: Default SSL context init failed: Keystore was tampered with, or password was incorrect
at javax.net.ssl.DefaultSSLSocketFactory.createSocket(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(Unknown Source)Below is my code to achieve the sending of the content to the HTTPS connection.
public void sendMessage(Properties headers, byte[] content) throws Exception
try
addRequestHeaders(headers);
_conn.setRequestMethod("POST");
_conn.setDoInput(true);
_conn.setDoOutput(true);
OutputStream os = _conn.getOutputStream();//this line lead to the exception
os.write(content);
_respCode = _conn.getResponseCode();
_respMsg = _conn.getResponseMessage();
catch (IOException ex)
throw ex
}Due to the server is deployed in clustered env, I have put the truststore and keystore in a shared folder which allows the nodes to access. Thus in my code I have set the truststore, keystore location and the truststore, keystore password in the System properties as follow.
System.setProperty("javax.net.ssl.keyStore", getKeyStore());
System.setProperty("javax.net.ssl.keyStorePassword", getKeyStorePass());
System.setProperty("javax.net.ssl.trustStore", getTrustStore());
System.setProperty("javax.net.ssl.trustStorePassword", getTrustStore());The getKeyStore() and getTrustStore() will be returned the path to the shared folder which contain the truststore/keystore respectively.
The keystore tampered error only happened intermitently. I am sure that my keystore and truststore password is set correctly.
Could I know that is the keystore designed in a way that it can be accessed by multiple thread? will there be any file locking on the keystore while two thread trying to init the HTTPS and eventually cause the keystore tampered problem?
ThanksIn my case, I am certain that all fields are correct, because the code works half the time. The thing is my code is running inside Tomcat (as a servlet); I am noticing that whenever I update my Jar with any code change and restart Tomcat, I am hitting this issue intermittently. Another update-and-restart sometimes solves the problem & my connection establishment is successful.
There are 2 key things I would like to know:
1) Difference b/w the exception messages "<span class="jive-subject"> Keystore was tampered with, or password was incorrect
" and " failed to decrypt safe contents entry ".
2) Whether any caching is going on because of Tomcat being in the picture (although I am not at all sure why this should happen).
Would love to get through with this ASAP. Please let me know your thoughts if any.
Thanks,
Vivek -
CTM ERROR: ASA hardware accelerator init failed
Hi Guys, I have bought a refurbished firewall and upon reloading I see the following error from console. Is something that I can rectify?
Loading disk0:/asa904-k8.bin... Booting...
Platform ASA5510
Loading...
IO memory blocks requested from bigphys 32bit: 13264
dosfsck 2.11, 12 Mar 2005, FAT32, LFN
Starting check/repair pass.
Starting verification pass.
/dev/hda1: 104 files, 12459/63613 clusters
dosfsck(/dev/hda1) returned 0
Processor memory 864026624, Reserved memory: 62914560
Total SSMs found: 0
Total NICs found: 7
mcwa i82557 Ethernet at irq 11 MAC: d0d0.fd1d.5d57
mcwa i82557 Ethernet at irq 5 MAC: 0000.0001.0001
i82547GI rev00 Gigabit Ethernet @ irq11 dev 1 index 05 MAC: 0000.0001.0002
i82546GB rev03 Ethernet @ irq09 dev 2 index 03 MAC: d0d0.fd1d.5d5b
i82546GB rev03 Ethernet @ irq09 dev 2 index 02 MAC: d0d0.fd1d.5d5a
i82546GB rev03 Ethernet @ irq09 dev 3 index 01 MAC: d0d0.fd1d.5d59
i82546GB rev03 Ethernet @ irq09 dev 3 index 00 MAC: d0d0.fd1d.5d58
Verify the activation-key, it might take a while...
Running Permanent Activation Key: 0x6122cb5d 0xc06c1a74 0xec92a120 0xbd44e8e8 0x8e372a8a
Licensed features for this platform:
Maximum Physical Interfaces : Unlimited perpetual
Maximum VLANs : 100 perpetual
Inside Hosts : Unlimited perpetual
Failover : Active/Active perpetual
Encryption-DES : Enabled perpetual
Encryption-3DES-AES : Enabled perpetual
Security Contexts : 2 perpetual
GTP/GPRS : Disabled perpetual
AnyConnect Premium Peers : 2 perpetual
AnyConnect Essentials : Disabled perpetual
Other VPN Peers : 250 perpetual
Total VPN Peers : 250 perpetual
Shared License : Disabled perpetual
AnyConnect for Mobile : Disabled perpetual
AnyConnect for Cisco VPN Phone : Disabled perpetual
Advanced Endpoint Assessment : Disabled perpetual
UC Phone Proxy Sessions : 2 perpetual
Total UC Proxy Sessions : 2 perpetual
Botnet Traffic Filter : Disabled perpetual
Intercompany Media Engine : Disabled perpetual
Cluster : Disabled perpetual
This platform has an ASA 5510 Security Plus license.
CTM ERROR: ASA hardware accelerator init failed, cause: boot_init completion timeout, ctm_nlite_boot_init:2284
CTM ERROR: ASA hardware accelerator init failed, cause: boot initialization failure, ctm_nlite_download:3342
CRYPTO ERROR: Microcode download failure, boot instance 0
Cisco Adaptive Security Appliance Software Version 9.0(4)
Thanks in advanceHi Mike,
Thanks for your reply. Considering it was at an early stage I had asked the supplier to replace it.
Regards
Stefan -
when Update to 10.7.2 ,I cannot access to any site with ssl connection and fail to open safari and keychain, unless restart computer and login in with Guest account.
OS:10.7.2
Macbook Pro 2010-mid 13inchI also have the same problem, however if I use Firefox or Opera sites with ssl connection work fine. Still, I can't use Google Chrome (ssl), Safari (ssl), the Mac app store (generally), or the iTunes store (generally). Both the iTunes store, Safari and the app store won't respond, and Chrome displays this error: (net::ERR_TIMED_OUT). The problem persists regardless of what network I'm using. Also, when trying to access the keychain or iCloud, the process will not start (will hang). I didn't have these problems at all before updating to 10.7.2.
Sometimes rebooting helps, and sometimes not. If the problem disappears by rebooting, then it only lasts a few minutes before it reappears. It is very frustrating, especially since there doesn't seem to be any obvious or consistent way of which to fix it.
I'm also using a Macbook Pro 13-inch mid 2010. -
Hi,
I have a strange behaviour with the package dbms_ldap. I work with Oracle 9i, rel. 9.2.0.1.0 .
I have the hostname xxxx.yy .
The ping gives me this IP number:
H:\sql>ping xxxx.yy
Ping xxxx.yy [10.159.29.41] mit 32 Bytes Daten:
Antwort von 10.159.29.41: Bytes=32 Zeit=5ms TTL=125
When I use the softerra ldap browser 2.6, I can specify as host: xxxx.yy and I receive the answer with no problem.
But when I use the dbms_ldap package, this hostname fails.
SQL> @search;
DBMS_LDAP Search Example to directory ..
LDAP Host : xxxx.yy
LDAP Port : 389
Error code : -31203
Error Message : ORA-31203: DBMS_LDAP: PL/SQL - Init Failed.
Exception encountered .. exiting
But when I use the IP adress instead of the hostname, all works fine.
SQL> @search;
DBMS_LDAP Search Example to directory ..
LDAP Host : 10.159.29.41
LDAP Port : 389
Ldap session : A88E6340(returned from init)
simple_bind_s Returns : 0
search_s Returns : 0
LDAP message : 08866340(returned from search_s)
Number of Entries : 1
dn: CN=aaaaaa,OU=9.4,OU=9,OU=Central Administration,OU=xxxx.yy,DC=xxxx,DC=yy
cn : aaaaaa
displayName : ....., .....
givenName : .....
sn : .....
===================================================
unbind_res Returns : 0
Directory operation Successful .. exiting
NB. when I use another hostname: zzzzz.xxxx.yy having the same IP address, also all works fine.
H:\sql>ping zzzzz.xxxx.yy
Ping zzzzz.xxxx.yy [10.159.29.41] mit 32 Bytes Daten:
Antwort von 10.159.29.41: Bytes=32 Zeit=5ms TTL=125
SQL> @search;
DBMS_LDAP Search Example to directory ..
LDAP Host : zzzzz.xxxx.yy
LDAP Port : 389
Ldap session : A88E6340(returned from init)
simple_bind_s Returns : 0
search_s Returns : 0
LDAP message : 08866340(returned from search_s)
Number of Entries : 1
dn: CN=aaaaaa,OU=9.4,OU=9,OU=Central Administration,OU=xxxx.yy,DC=xxxx,DC=yy
cn : aaaaaa
displayName : ....., .....
givenName : .....
sn : ......
===================================================
unbind_res Returns : 0
Directory operation Successful .. exiting
Is there a possibility to overcome this problem?
ThanksProblem solved - (Problem gelöst :)
using 9i rel.9.2.0.7 all works fine
Oracle9i Enterprise Edition Release 9.2.0.7.0 - 64bit Production
With the Partitioning option
JServer Release 9.2.0.7.0 - Production
DBMS_LDAP Search Example to directory ..
LDAP Host : xxxx.yy
LDAP Port : 389
Ldap session : 00000001(returned from init)
simple_bind_s Returns : 0
search_s Returns : 0
LDAP message : 00000001(returned from search_s)
Number of Entries : 1
dn: CN=aaaaaa,OU=9.4,OU=9,OU=Central Administration,OU=xxxx.yy,DC=xxxx,DC=yy
...... -
ActionServlet init failed.
Hi Guys
I m using struts 1.1 .my problem is while starting my appliaction in tomcat server i m getting one error that
05-12-14 05:41:16 StandardWrapperValve[action]: Allocate exception for servlet action
javax.servlet.ServletException: ActionServlet init failed.
at org.apache.struts.action.ActionServlet.init(ActionServlet.java:495
i m not able to resolve this problem . pls suggest me how i can resolve this problem . Thanksjavax.servlet.ServletException: ActionServlet init failed.
at org.apache.struts.action.ActionServlet.init(ActionServlet.java:495
I would say you have something wrong in your struts-config.xml file.
Check that the syntax is correct and all tags are closed. Maybe start up with a minimal one, and add bits and pieces to it?
If you still can't fix it post the struts-config.xml file here (in code tags of course)
first, this is a java forum, not a struts forumI wouldn't rule struts as being out of scope here.
The broad category for this JSP forum is "Web applications" which struts fits into perfectly. Yes there are struts specific forums around (off the top of my head I know one at javaranch, and the struts-users mailing list is a goldmine of information) Still that shouldn't preclude people asking questions here. Its more on topic than many I have seen.
Cheers,
evnafets
Maybe you are looking for
-
Help Needed Created Standalone Network for iTunes DJ
I use my MBP to manage backing tracks for a band. I would like to use iTunes DJ for requests from the audience via wireless connection via *iPhone/iPod Touch Remote app*. I would use this option in conjunction with a printed song list and small reque
-
Hi- I need to batch process images for video project. I am able to change the pixel dimensions in the image processor but don't seem to have the option to change image size in inches. Please advise! Thanks
-
Factory Reset 2007 iMac with Mavericks
I Have a new MacBook Pro and want to give my grandson my 2007 iMac with latest Mavericks. I'm transferring everything between the two devices now. Once completed I would like to do a complete reset so that all of my data and preferences would be gone
-
Problems creating Struts ActionForm in JDeveloper 9.0.3.3
I am very new to JDeveloper, where recently i am learning on how to use the struts technology. The problem occurs when i right-click the project file at the navigator and i choose NEW then at the Web-Tier i choose Struts, and at the item columns i ch
-
Hi Guys, I have IdeaPad E10-30 with FreeDos preinstalled on it. I am trying to install Windows 8.1 64bit from USB device but had no results. - I tried to do like described here http://support.lenovo.com/ua/uk/products/laptops-and-netbooks/lenovo-e-se