Default SSL Context Protocol on Java 1.4.2
What is the default SSLContext for Java 1.4.2? Specifically, if I use the default SSLSocketFactory, the SSLContext is automatically created behind the scenes. The protocols supported on this version are:
SSL
SSLv3
TLS
TLSv1
I am moving away from the default SSLSocketFactory, but am wanting to ensure I am using identical protocols as before.
Thanks.
Good question. I thought it was written down somewhere but I can't find it, so I must just put it down to experience. Also, TLS supports SSLv3 by backwards compatibility so this would be the most logical default.
Similar Messages
-
Default SSL context init failed: null
Hi all,
I am trying to open a SSL connection from a tomcat server (called it TC1) that locate within a DMZ to the other tomcat server (called it TC2) which is located in external network.
I got the following in the TC1 system.out,
WARNING: Servlet.service() for servlet HelloWorld threw exception
java.net.SocketException: Default SSL context init failed: null
at javax.net.ssl.DefaultSSLSocketFactory.createSocket(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect
(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(Unknown Sou
rce)
at HelloWorld.doGet(HelloWorld.java:20)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:689)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
icationFilterChain.java:252)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
ilterChain.java:173)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperV
alve.java:214)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextV
alve.java:178)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.j
ava:126)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.j
ava:105)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineVal
ve.java:107)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.jav
a:148)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java
:825)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.proce
ssConnection(Http11Protocol.java:738)
at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpo
int.java:526)
at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFol
lowerWorkerThread.java:80)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadP
ool.java:684)
at java.lang.Thread.run(Unknown Source)
Here is the servlet i place in TC1 which open a SSL connection to TC2.
import java.io.*;
import javax.servlet.*;
import javax.servlet.http.*;
import java.net.URL;
import java.net.URLConnection;
public class HelloWorld extends HttpServlet {
public void doGet(HttpServletRequest request,HttpServletResponse response) throws ServletException, IOException {
PrintWriter out = response.getWriter();
out.println("Hello World");
URL url = new URL("https://154.123.23.10:8443");
URLConnection con = url.openConnection();
con.connect();
}I have used java keytool to generate a self-signed cert and also a keystore in TC2. Below is the Connector element of the server.xml of TC2
<Connector port="8443"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="C:\program files\Tomcat 5.5.7\keystore\.keystore"/>
I also imported the self-signed cert into the truststore of machine which host the TC1. The place i store the self-signed cert of TC2 is jre_home\lib\security\cacerts
Does anyone know how to resolve the exception "java.net.SocketException: Default SSL context init failed: null" I mentioned above?
Thanks for your help
FengI had the same problem (tomcat was acting as an axis client), I resolved it by adding -Djavax.net.debug=all to my CATALINA_OPTS in the startup-skript
=> Then I got the message, that the keystrore/truststore could not be found.
That was the problem - and now the context null is gone ;)
CATALINA_OPTS=-Djavax.net.ssl.trustStore=ABSOLUTE_LOCATION_TO_TRUSTSTORE -Djavax.net.ssl.keyStore=ABSOLUTE_LOCATION_TO_KEYSTORE -Djavax.net.ssl.keyStorePassword=********
-Djavax.net.ssl.keyStoreType=jks
-Djava.protocol.handler.pkgs=javax.net.ssl
-Djavax.net.debug=allGood luck !
SuCkerD -
SSL - Default SSL context init failed: null - need help with code
Hi!
Once Again I have problems with SSL.
I read something about SSL here:
http://www.javaalmanac.com/egs/javax.net.ssl/Server.html
Now I tried to test this stuff, that resulted in this program (I simply tried to put the SSL stuff from the above code in a small skeleton):
import java.io.*;
import java.net.*;
import java.security.*;
import javax.net.ssl.*;
import javax.net.*;
public class MyServer
public static void main(String arguments[])
try
int port = 443;
ServerSocketFactory ssocketFactory = SSLServerSocketFactory.getDefault();
ServerSocket ssocket = ssocketFactory.createServerSocket(port);
// Listen for connections
Socket socket = ssocket.accept();
System.out.println("Connected successfully");
// Create streams to securely send and receive data to the client
InputStream in = socket.getInputStream();
OutputStream out = socket.getOutputStream();
// Read from in and write to out...
// Close the socket
in.close();
out.close();
catch(IOException e)
System.out.println("GetMessage() = "+e.getMessage());
e.printStackTrace();
} Now I compiled this stuff with : 'javac MyServer.java' - there were no errors. After this I run the program
with the following command (also taken from java almanac):
'java -Djavax.net.ssl.keyStore=mySrvKeystore -Djavax.net.ssl.keyStorePassword=123456 MyServer'
But if I run it, it reports:
"GetMessage() = Default SSL context init failed: null
java.net.SocketException: Default SSL context init failed: null
at javax.net.ssl.DefaultSSLServerSocketFactory.createServerSocket(Dasho
6275)
at MyServer.main(MyServer.java:15)"
createServerSocket() seems to be the wrong line, but what is wrong with it.
Is there any mistake in my code ?
Btw. I created my keystore etc. according to the instructions at
http://forum.java.sun.com/thread.jsp?forum=2&thread=528092&tstart=0&trange=15
Any help appreciated
Greets
dancing_coderI got this error last week.
The problem was that the keystore I was pointing to, was in other location, so it could not initialize the default context.
I had defined ...
String CLIENT_CERTIFPATH = getParam("client.certificate.path", "/users/pridas/myKeystoreFile");
// getParam extracts the location of the keystore from a text file which contains some configuration parameters. The default value will be /users/pridas/myKeystoreFile
In my case, I will try to develop a secure SOAP conexion using certificates.
Before to try the conexion, I defined ...
System.setProperty("javax.net.ssl.trustStore", CLIENT_CERTIFPATH);
System.setProperty("javax.net.ssl.keyStore", CLIENT_CERTIFPATH);
... and the problem when I got this error ... the keystore file was not in the correct location.
That was how I resolved this error.
I hope everybody will be oriented about this kind of errors.
Salu2. -
Default SSL context init failed: jks
Hello to all.
This is my first post in the Sun forums. I am a C++ programmer migrating to Java.
I am writting a SSL client that connects to my SSL-speaking daemon. The code I am
trying is from examples across the internet:
---CODE BEGINS---
import javax.net.ssl.*;
import javax.net.*;
import java.net.*;
import java.io.*;
public class FirstClass {
public static void main(String[] args) {
FirstClass firstClass1 = new FirstClass();
try {
int port = 4433;
String hostname = "localhost";
SocketFactory socketFactory = SSLSocketFactory.getDefault();
Socket socket = socketFactory.createSocket(hostname, port);
// Create streams to securely send and receive data to the server
InputStream in = socket.getInputStream();
OutputStream out = socket.getOutputStream();
// Read from in and write to out...
// Close the socket
in.close();
out.close();
} catch(IOException e) {
System.out.println("Exception: " + e.getMessage());
---CODE ENDS---
Everything goes okay in the build process, the problem is like the topic says a problem
with the creatinon of the SSL context. Also, I run it with the appropriate params as in:
---CMD BEGINS---
java \
-Djavax.net.debug=ssl \
-Djavax.net.ssl.keyStore=serverKeyStore \
-Djavax.net.ssl.keyPassword=123456 \
MySSLExample
---CMD ENDS---
I have the serverKeyStore that I created with keytool and the password is
really 123456 (tuff one, huh?). The output is:
---OUTPUT BEGINS---
keyStore is : serverKeyStore
keyStore type is : jks
init keystore
default context init failed: java.security.KeyStoreException: jks
Exception: Default SSL context init failed: jks
---OUTPUT ENDS---
I really don't care for trusting the certificates, I only want some kind of encryption
on the data channels (in/out) so I could ignore the verification of the certificates.
I also found someone on a forum that asked the same I am now, but he latter posted
that he found the solution and left... with no solution posted.
Thanks for any help out there,
Rodrigo MaderaTry
-Djavax.net.ssl.keyStorePassword=123456
instead of
-Djavax.net.ssl.keyPassword=123456 -
Default SSL context init failed: Invalid keystore format
Hi, I can't connect to my ldap server. The problem is ssl. I'm trying to do this:
import java.io.IOException;
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.ldap.LdapContext;
public class TestAuthentifikation {
public static void main (String [] args) throws IOException {
try {
Hashtable env = new Hashtable();
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL, "ldaps://subdomain.dyndns.org:636/");
env.put(Context.SECURITY_PRINCIPAL, "uid=user,ou=users,dc=subdomain,dc=dyndns,dc=org");
env.put(Context.SECURITY_CREDENTIALS, "passwd");
env.put(Context.SECURITY_AUTHENTICATION, "simple");
env.put(Context.SECURITY_PROTOCOL, "ssl");
java.security.Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
System.setProperty("javax.net.ssl.keyStore", "/usr/lib/j2se/1.4/jre/lib/security/cacerts");
System.setProperty("javax.net.ssl.trustStore","/usr/lib/j2se/1.4/jre/lib/security/cacerts");
env.put(LdapContext.CONTROL_FACTORIES, "com.sun.jndi.ldap.ControlFactory");
DirContext ctx = new InitialDirContext(env);
//use ctx....
// Close the context when we're done
ctx.close();
catch(NamingException ne) {
System.err.println(ne);
ne.printStackTrace();
}The exception is this:
javax.naming.CommunicationException: subdomain.dyndns.org:636 [Root exception is java.net.SocketException: Default SSL context init failed: Invalid keystore format]
at com.sun.jndi.ldap.Connection.<init>(Connection.java:194)
at com.sun.jndi.ldap.LdapClient.<init>(LdapClient.java:119)
at com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1668)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2599)
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:290)On the server I have created this ldap_crt.pem file:
openssl req -x509 -days 3650 -newkey rsa:2048 -nodes -keyout ldap_key.pem -keyform PEM -out ldap_crt.pem -outform PEMwhich sits on the clients /etc/ssl/certs directory. Like this I can connect with a ldap browser to the server.
I should do something like this:
keytool -import -alias AUTH_CA -file rootcert.crt -keystore /usr/lib/j2se/1.4/jre/lib/security/cacertsHow do I get this rootcert.crt file?
I did this and changed the keystore from cacerts to mycacerts in the java class file:
sudo keytool -import -alias AUTH_CA -file /etc/ssl/certs/ldap_crt.pem -keystore /usr/lib/j2se/1.4/jre/lib/security/mycacertsThen I get this:
javax.naming.CommunicationException: simple bind failed: subdomain.dyndns.org:636 [Root exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: *No trusted certificate found*]
at com.sun.jndi.ldap.LdapClient.authenticate(LdapClient.java:198)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2640)
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:290)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
Edited by: borobudur on May 18, 2008 7:09 AMJust a permission problem! Take care that your process can write on the keystore/truststore.
-
Default SSL context init failed:
Hi All,
i got this problem in my Web services client, i have installed correct certificate and jar deployment for the same. but there is no solution for the same.
so please help us to solve this issue as soon as possible.
AxisFault
faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.userException
faultSubcode:
faultString: java.net.SocketException: Default SSL context init failed: null
faultActor:
faultNode:
faultDetail:
{http://xml.apache.org/axis/}stackTrace:java.net.SocketException: Default SSL context init failed: null
at javax.net.ssl.DefaultSSLSocketFactory.createSocket(SSLSocketFactory.java:156)
at org.apache.axis.components.net.JSSESocketFactory.create(JSSESocketFactory.java:92)
at org.apache.axis.transport.http.HTTPSender.getSocket(HTTPSender.java:191)
at org.apache.axis.transport.http.HTTPSender.writeToSocket(HTTPSender.java:404)
at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:138)
at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
at org.apache.axis.client.AxisClient.invoke(AxisClient.java:165)
at org.apache.axis.client.Call.invokeEngine(Call.java:2784)
at org.apache.axis.client.Call.invoke(Call.java:2767)
at org.apache.axis.client.Call.invoke(Call.java:2443)
at org.apache.axis.client.Call.invoke(Call.java:2366)
at org.apache.axis.client.Call.invoke(Call.java:1812)
at com.ibm.ivr.webservices.IVRCDBServiceSoapBindingStub.getCustomerProfile(IVRCDBServiceSoapBindingStub.java:442)
at com.gl.nortel.ivr.service.invoker.cdb.CDBServiceHandler.invokeMobilitySOAPRPCService(CDBServiceHandler.java:269)
at com.gl.nortel.ivr.service.invoker.cdb.CDBServiceHandler.invokeSOAPRPCService(CDBServiceHandler.java:148)
at com.gl.nortel.ivr.service.invoker.cdb.CDBStaticServicesInvoker.fetchCustomerProfile(CDBStaticServicesInvoker.java:201)
at com.gl.nortel.ivr.service.invoker.cdb.CDBStaticServicesInvoker.getCustomerProfile(CDBStaticServicesInvoker.java:102)
at sun.reflect.GeneratedMethodAccessor41.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at com.peri.rnd.jsb.Jsb$MethodCall.invoke(Jsb.java:1054)
at com.peri.rnd.jsb.Jsb$Client.invokeMethod(Jsb.java:1269)
at com.peri.rnd.jsb.Jsb$Client.handleSendResource(Jsb.java:1398)
at com.peri.rnd.jsb.Jsb$Client.run(Jsb.java:1552)
at java.lang.Thread.run(Thread.java:595)
{http://xml.apache.org/axis/}hostname:PNQAP22216
java.net.SocketException: Default SSL context init failed: null
at org.apache.axis.AxisFault.makeFault(AxisFault.java:101)
at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:154)
at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
at org.apache.axis.client.AxisClient.invoke(AxisClient.java:165)
at org.apache.axis.client.Call.invokeEngine(Call.java:2784)
at org.apache.axis.client.Call.invoke(Call.java:2767)
at org.apache.axis.client.Call.invoke(Call.java:2443)
at org.apache.axis.client.Call.invoke(Call.java:2366)
at org.apache.axis.client.Call.invoke(Call.java:1812)
at com.ibm.ivr.webservices.IVRCDBServiceSoapBindingStub.getCustomerProfile(IVRCDBServiceSoapBindingStub.java:442)
at com.gl.nortel.ivr.service.invoker.cdb.CDBServiceHandler.invokeMobilitySOAPRPCService(CDBServiceHandler.java:269)
at com.gl.nortel.ivr.service.invoker.cdb.CDBServiceHandler.invokeSOAPRPCService(CDBServiceHandler.java:148)
at com.gl.nortel.ivr.service.invoker.cdb.CDBStaticServicesInvoker.fetchCustomerProfile(CDBStaticServicesInvoker.java:201)
at com.gl.nortel.ivr.service.invoker.cdb.CDBStaticServicesInvoker.getCustomerProfile(CDBStaticServicesInvoker.java:102)
at sun.reflect.GeneratedMethodAccessor41.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at com.peri.rnd.jsb.Jsb$MethodCall.invoke(Jsb.java:1054)
at com.peri.rnd.jsb.Jsb$Client.invokeMethod(Jsb.java:1269)
at com.peri.rnd.jsb.Jsb$Client.handleSendResource(Jsb.java:1398)
at com.peri.rnd.jsb.Jsb$Client.run(Jsb.java:1552)
at java.lang.Thread.run(Thread.java:595)
Caused by: java.net.SocketException: Default SSL context init failed: null
at javax.net.ssl.DefaultSSLSocketFactory.createSocket(SSLSocketFactory.java:156)
at org.apache.axis.components.net.JSSESocketFactory.create(JSSESocketFactory.java:92)
at org.apache.axis.transport.http.HTTPSender.getSocket(HTTPSender.java:191)
at org.apache.axis.transport.http.HTTPSender.writeToSocket(HTTPSender.java:404)
at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:138)
... 22 moreHelp yourself. Start by doing some proper research. Paste 'java.net.SocketException: Default SSL context init failed: null' into google and see what you get: I did and I got plenty of hits.
-
Default SSL context init failed: DerInputStream.getLength(): lengthTag=109,
Hi
I am trying to connect to an https:// url using java (digital certificates) and send an xml file to it and get the response..
I have server certificate stored in our m/c..and password..
I am getting following exception ->>>
Default SSL context init failed: DerInputStream.getLength(): lengthTag=109, too big.
It is arising from the following line of the code ->
OutputStream ops = (OutputStream) servletConnection.getOutputStream();
Could anyone provide me the soln ASAP..its urgent...See my reply to http://forum.java.sun.com/thread.jspa?threadID=5245161&tstart=0
-
Default ssl context init failed: Cannot resolve key
Hi, I get this SSL Exception when I try to run my server using
ssl socket:
"default ssl context init failed: Cannot resolve key"
it is thrown at this line: "sslServerFactory.createServerSocket(port)"
I created a kestore and trustore files using 'keytool' and the step by step from the Jsse reference guide:
http://java.sun.com/j2se/1.4/docs/guide/security/jsse/JSSERefGuide.html#CreateKeystore
why do I get this exception and how to solve it, thank you.
YvesSSL error messages are sometimes cryptic.
Set:
System.getProperties().put("javax.net.debug","all");to really see what is happening.
Cheers'
Kullervo -
Error- isDefault SSL context init failed : Cannot recover key
Hi,
We are trying to run a sample HTTPS request from client to Server using SSL.
Below is the the code we used to run Client program which will communicate with HTTPS server (Server Socket which will accept connections)
Basically we created a server certificate inside Https server program and that will be exported and imported into Client directory.
Finally when we run below client program means its giving below error
Error- isDefault SSL context init failed : Cannot recover key
Can anybody please help me to run this program successfully?If we you give some basic steps to check the settings what needs to be set before running this program.?
Client Program
Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider() );
System.setProperty("javax.net.ssl.keyStore", "D:\\JavaR&D\\Rajiv\\server\\serverkeys");
System.setProperty("javax.net.ssl.keyStoreType" ,"JKS"); /* ,"pkcs12" */
System.setProperty("javax.net.ssl.keyStorePassword","welcome");
System.setProperty("javax.net.ssl.trustStore" , "C:\\j2sdk1.5.0\\jre\\lib\\security\\cacerts");
System.setProperty("javax.net.ssl.trustStorePassword" , "clientpass");
System.setProperty("javax.net.ssl.trustStoreType","JKS"); /* ,"pkcs12" */
System.setProperty("java.protocol.handler.pkgs" ,"com.sun.net.ssl.internal.www.protocol");
com.sun.net.ssl.HostnameVerifier hv=new com.sun.net.ssl.HostnameVerifier() {
public boolean verify(String urlHostname, String certHostname) {
System.out.println("urlHostname >>" + urlHostname +"<<");
System.out.println("certHostname >>" + certHostname +"<<");
System.out.println("WARNING: Hostname is not matched for cert.");
return true;
com.sun.net.ssl.HttpsURLConnection.setDefaultHostnameVerifier(hv);
SSLSocketFactory factory = (SSLSocketFactory)SSLSocketFactory.getDefault();
// server = (SSLServerSocket) factory.createServerSocket(portNumber);
System.out.println("above socketcreation");
SSLSocket socket = (SSLSocket)factory.createSocket("172.16.56.227",8443);
Server ProgramIs there some kind of timeline that I can expect 8.1 to ship in?
I appreciate being informed that this is a known issue and all, but without giving me a timeframe to expect a fix in, how can you possibly expect me to continue to pursue your products as viable options?
To tell me to wait for 8.1, without giving me a timeframe or any further details is simply put in one word. Amatuer.
What kind of response is this? What am I supposed to tell my supervisor? How am I supposed to explain to upper management that the application server they're telling us to use is incapable of handling the use cases our business functions require? What do you want me to do, tell them to wait for the next release without being able to give them a ballpark figure? We're a small team, us Java guys. We've already invested months is moving to a new platform. Now that platform is failing us, and the vendor hasn't got any better response than, "Oh yeah, our bad. We'll fix it next time... whenever that is..."
If 8.1 is as half-baked as 8.0 is (BTW your deploytool is a broken piece of junk. I can reliably crash the thing in under 10 seconds) then I don't have a lot of hope for 8.1. You can bet I sure as heck won't be holding my breath for it.
Looks like it's time to investigate the other vendors that support J2EE 1.4. Something tells me I'll have better luck with WebSphere. The hard part there will be selling managment on the idea. At least IBM is notoriously forward with their clients, even if they are expensive.
All I'm asking for now is a timeframe for 8.1. When can we expect it? If it's before I expect to -have- to have this stuff in production I may be able to wait... but at this point, I'm disgruntled enough to not bother.
Maybe we should investigate moving to .net. At least then when the vendor screws me I'll be expecting it. -
Problem in running j2ee programs with SSL: SSL context init failed : cannot
Hi,
I am just trying to run some servlet program that creates some SSL socket to communicate with a server. I have configured my java.security file but when i run my rpogram i get this error
SSL context init failed : cannot recover key.i am using SunJSSE provider
Plz help me and i am confused as in how to enable jsse in my sun java system app server platform edition.
Waiting for ur replies!
Thanks,
AkshathaI got this error last week.
The problem was that the keystore I was pointing to, was in other location, so it could not initialize the default context.
I had defined ...
String CLIENT_CERTIFPATH = getParam("client.certificate.path", "/users/pridas/myKeystoreFile");
// getParam extracts the location of the keystore from a text file which contains some configuration parameters. The default value will be /users/pridas/myKeystoreFile
In my case, I will try to develop a secure SOAP conexion using certificates.
Before to try the conexion, I defined ...
System.setProperty("javax.net.ssl.trustStore", CLIENT_CERTIFPATH);
System.setProperty("javax.net.ssl.keyStore", CLIENT_CERTIFPATH);
... and the problem when I got this error ... the keystore file was not in the correct location.
That was how I resolved this error.
I hope everybody will be oriented about this kind of errors.
Salu2. -
Default security context for signed applets using WinXP+IE8
What is the default security context for signed applets from the internet zone using Java 6 and WinXP+IE8 combination? My guess is that all file and socket access available for the user's Windows account is provided to the applet as well. Is this correct and if so, is there a way to limit these access privileges for signed applets from the internet zone?
This information is surprisingly difficult to find given how security concious people now are using the internet.AntonBoer wrote:
Thank you for your swift reply.
Unfortunately your answer reflects to my worst fears. Frankly I find this security model naiive. Anyone with euros can get their applet signed so that is no security control at all.The same naive security model applies to just about anything signed and downloaded; not just to Java Applets.
>
Working for a corporate IT how I am supposed to allow Java installations on any of our computers with internet access? That automatically means I am providing them as platforms to whoever wishes to run Java code on them (given that the user of course visits the web site). I would have expected Sun to put more effort into this but it appers nothig have changed in this regard for 10 years.I don't see this as a Sun problem; it is indicative of what I consider to be a general security weakness for all computer systems. For example, for Windows, Vista just added more user involvement in the trust process but it still allows programs to run pretty much unconstrained if the user agrees to them running.
For some time I have advocated a more fine grained approach. I would like to see ALL programs run in a sandbox that a user can specify what and what cannot be done by each individual program. Unfortunately, this would annoy the hell out of most users so it has little chance of every of ever being accepted. The average user just wants a run-and-forget-about-security model. -
Error with default SSL port (443) on Solaris
Hi all
I would like to config default SSL port 443 on Solaris but I found this error. What is the problem?
I use WebLogic 8.1 sp3
SSL port : 443
Unable to create a server socket on Channel Default for port: 443. java.net.BindException: Permission denied Perhaps another process is using port 443
I dont sure about permission. How can I do?Oh I can use root start weblogic and I can use 443 port, but when I use other users. I can't use 443 port
-
Creating initial context from a java client
I have tried to create intial context from a java client.....
but that gives me the following exception:
My code:TestClient.java
import java.util.*;
import javax.naming.*;
public class TestClient
public static void main(String nilesh[]) throws NamingException
Hashtable hash = new Hashtable();
hash.put("Context.INITIAL_CONEXT_FACTORY","com.evermind.server.rmi.RMIInitialContextFactory");
hash.put("Context.PROVIDER_URL","ormi://localhost:23791/symularity");
hash.put("Context.SECURITY_PRINCIPAL","admin");
hash.put("Context.SECURITY_CREDENTIALS","admin");
Context ctx = new InitialContext(hash);
System.out.println("Context: "+ctx);
The output is:
ERROR! Shared library ioser12 could not be found.
Exception in thread "main" javax.naming.NamingException: Error accessing repository: Cannot con
nect to ORB
at com.sun.enterprise.naming.EJBCtx.<init>(EJBCtx.java:51)
at com.sun.enterprise.naming.EJBInitialContextFactory.getInitialContext(EJBInitialConte
xtFactory.java:62)
at javax.naming.spi.NamingManager.getInitialContext(Unknown Source)
at javax.naming.InitialContext.getDefaultInitCtx(Unknown Source)
at javax.naming.InitialContext.init(Unknown Source)
at javax.naming.InitialContext.<init>(Unknown Source)
at TestClient.main(TestClient.java:14)
is anybody able to solve my problem....
Thanks in advance..
NileshGNilesh,
First of all make sure that the shared library error you are getting is fixed by including the library in your classpath. Secondly, where are you running the client from? The connection factory that you use varies depending on where you are connecting from:
1. ApplicationClientContextFactory is used when looking up remote objects from standalone application clients. This uses refs and mappings in application-client.xml.
2. RMInitialContextFactory is used when looking up remote objects between different containers.
3. ApplicationInitalContextFactory is used when looking up remote objects in same application. This is the default initial context factory and this uses refs/mappings in web.xml and ejb-jar.xml.
Rob Cole
Oracle Hello Rob cole..
thank u for ur reply...but actualy i dont know what is application-client.xml and where i can find that file in my j2ee folder...can u give me detail explanation about that...actually i have not created any application or not deployed also without deploying any application i have created that TestClient.java class so how it will relate with application-client.xml....so i have changed the lookup code with ApplicaitonClientContextFactory...but still the same error is coming......can u give me the full explanation or solution of my problem...
Thanks & Regards
NileshG... -
Anyone know of an FTP client for the iPad hat supports SSL/TTL protocol?
You can download our trial of our FTP/SSL Java client, edtFTPj/SSL, and try it out. This works with most FTP servers supporting SSL.
See
http://www.enterprisedt.com/products/edtftpjssl/overview.html
If it works for you it may be cheaper to purchase it than tussle with the intricacies of FTP/SSL.
regards
Bruce Blackshaw -
How Redirect browser(client) based on non-negotiable SSL/TLS protocol or cipher
Hi guys,
we have a security requirement wherein we have to force the browsers accessing our asp.net application hosted on windows server 2012 to have atleast tsl 1.1 , but we don't want to simply block the request, instead we would like to redirect the request
to a unsecured static html page with the instructions on how to get them onto tsl.
can any one help me here?>? actually i found a similar and exactly same thread on stackoverflow but i think that is probably directed towards linux family. http://serverfault.com/questions/591188/redirect-browser-based-on-non-negotiable-ssl-tls-protocol-or-cipher
please help me guys..
ps: i have posted the same question on IIS forum (http://forums.iis.net/t/1223352.aspx?How+Redirect+browser+client+based+on+non+negotiable+SSL+TLS+protocol+or+cipher+from+IIS)
and got a reply saying that it can be done at windows kernel level(possibly).Hi,
As far as I know, once SSL handshake fails, no subsequent communication would occur between the server and client.
Therefore, as the way I see it, the goal cannot be achieved.
Best Regards,
Amy
Please remember to mark the replies as answers if they help and un-mark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
[email protected]
Maybe you are looking for
-
Manual entry of batches for finished product
Dear Guru's, I want the manual entry of batches in the production order & automatic batches for raw materials. I have maintained the autoamtic batch number assignment as Inactive in T-code OMCZ. After maintaing this system is asking for manual entr
-
Battery not installed after update
I just updated my ThinkPad W520 using the System Update utility and after rebooting I realize that the battery icon is totally gray and shows the message "Battery not installed". Checking the installations log of System Update I see -Lenovo Power Ma
-
Numerous trace files are generating every minute causing space issue
Hi All, numerous trace files are generating every minute <SID>_<PID>_APPSPERF01.trc format. entry in trace file will be like.. EXEC #10:c=0,e=0,p=0,cr=0,cu=0,mis=0,r=0,dep=0,og=1,plh=1734896627,tim=1339571764486430 WAIT #10: nam='SQL*Net message to
-
Using XA Library from with OCI application
Are there any sample/demo programs that illustrate how to use the XA interface from within an OCI application? In particular, I'm wondering about the association between the OCI session and the xa_open() session -- how can one use OCI calls after est
-
I have never had my mac act like this before & I don't know what to do. Any suggestions would be greatly appreciated. The symptoms are as follows: - Applications quitting before launching - Ghosted folders on desktop that disappear when selected - Mo