Help with SSL SOCKETS
hi,
i seem to have a problem with establishing an ssl socket between 2 machines. This problem has to do with certificates as the runtime error i get specifies.
So i figured out there must be a concept that i'm misssing.
So why do i have to place a certificate on my client? how can i generate it? where do i place it?
Can anyone please provide me with a sample code that establishes an sslsocket connection.
thnx a million
A good place to start is:
http://java.sun.com/j2se/1.4.1/docs/guide/rmi/socketfactory/SSLInfo.html
There is a code example, but you will also need to follow the guide in the other link below to create the required key files.
Don't base your knowledge of SSL RMI sockets solely on what I say here, as I'm fairly new to this so I may express myself wrong. But here is a 30,000 foot overview of what I did to get them to work:
If you are using RSA on your SSL connection, a public and private key are required. For this to work, you must create a key (keystore) via Java's "keytool.exe" tool using the '-genkey' option (the keystore should eventually reside on your server). You will then create a certificate from that keystore using the '-export' option of the keytool. Lastly, you will import the certificate into your client's store of accepted certificates (the file java\lib\security\cacerts) via the '-import' option of keytool.
For a full description, you need to read:
http://java.sun.com/j2se/1.4/docs/guide/security/jsse/JSSERefGuide.html
the section from this page on using keytool:
http://java.sun.com/j2se/1.4/docs/guide/security/jsse/JSSERefGuide.html#CreateKeystore
The example shows using a new custom file for the truststore, but I imported the certificate into Java's cacerts file instead. I was unable to find the certificate if it was not in this file, but I very well may have been doing something wrong.
Similar Messages
-
Problem with SSL socket(SSLSocketFactoryImpl.createSocket())
Hello,
I'm trying to create a ssl socket but I get an exception, I really don't know why. I have alredy include the certificate via keytool to my jdk. And I'm able to get html header with URLConnection with the code below
import java.net.URL;
import java.net.URLConnection;
public class testClass {
public static void main(String[] args) throws Exception {
try{
URL url = new URL("https://ippbx1:8443/axl/");
String userPassword = "****" + ":" + "****";
String encoding = new sun.misc.BASE64Encoder().encode (userPassword.getBytes());
URLConnection c = url.openConnection();
c.setRequestProperty("Authorization", "Basic " + encoding);
for (int i=0; ; i++)
String name = c.getHeaderFieldKey(i);
String value = c.getHeaderField(i);
if (name == null && value == null) // end of headers
break;
if (name == null) // first line of headers
System.out.println("Server HTTP version, Response code:");
System.out.println(value);
System.out.print("\n");
else
System.out.println(name + "=" + value);
catch (Exception e) {}
}and I get the following result :
Server HTTP version, Response code:
HTTP/1.1 200 OK
Server=Apache-Coyote/1.1
Pragma=No-cache
Cache-Control=no-cache
Expires=Thu, 01 Jan 1970 01:00:00 CET
Set-Cookie=JSESSIONIDSSO=77670D5480DAD295C6519E812F9FED64; Path=/
Set-Cookie=JSESSIONID=B71BDB730FA5B3B431D3B16C41E190E3; Path=/axl; Secure
Content-Type=text/html;charset=ISO-8859-1
Content-Length=233
Date=Wed, 10 Jun 2009 15:17:10 GMTBut when I try to make a socket :
import java.io.*;
import java.net.*;
import javax.net.SocketFactory;
import javax.net.ssl.SSLSocketFactory;
public class axlforward {
public static void main(String[] args) {
String address = "https://ippbx1:8443/axl/";
int portnum = 8443;
try
SocketFactory socketFactory = SSLSocketFactory.getDefault();
Socket socket = socketFactory.createSocket(address, portnum);
} catch (Exception e) {e.printStackTrace();} I get the following
java.net.UnknownHostException: https://ippbx1/axl/
at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:177)
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:366)
at java.net.Socket.connect(Socket.java:519)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.connect(SSLSocketImpl.java:550)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.<init>(SSLSocketImpl.java:353)
at com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl.createSocket(SSLSocketFactoryImpl.java:71)
at axlforward.main(axlforward.java:89)I have a VB program that connects to the socket(with Inet1.Protocol = icHTTPS and Inet1.Execute strURL, "Post", strFormData, strFormHdr methods) and do what I want but I need to do it in Java but I'm not able to find the error.
the server socket is a Cisco callManager Service(AXL Web Service) which receives and html+SOAP request and sends back an xml response and this server socket is running correctly with no problem.
Thanks for your help.Jdevelopper8709 wrote:
Thanks for your reply.
I now can access to my socket and get the information I want with:
SocketFactory socketFactory = SSLSocketFactory.getDefault();
socket = (SSLSocket) socketFactory.createSocket("ippbx1", 8443);In fact the problem was a username/password issue.
Thanks.I quote from reply #1 "The address is just "ippbx1" and not "https://ippbx1:8443/axl/". The protocol is not part of the IP address.". -
Please help with SSL POST: Servlet returns Error 500
I am struggling for many days to get a Java program to log in to an SSL page. The program is supposed to track ADSL usage statistics from https://secure.telkomsa.net/titracker/, but I never seem to get around Server returned Error 500.
Could anyone please help me understand what I am doing wrong by looking at the method I used. (It seems on the server side it is a jsp servlet that handles authentication).
Any help is deeply appreciated!
I copy-paste the method directly from NetBeans:
CODE>
void connectHTTPS(String url){
try {
URL page = new URL(url); // login page necessary to get a jsp session cookie
//------------ SET UP SSL - is it right?
System.setProperty("java.protocol.handler.pkgs",
"com.sun.net.ssl.internal.www.protocol");
try {
//if we have the JSSE provider available,
//and it has not already been
//set, add it as a new provide to the Security class.
final Class clsFactory = Class.forName("com.sun.net.ssl.internal.ssl.Provider");
if( (null != clsFactory) && (null == Security.getProvider("SunJSSE")) )
Security.addProvider((Provider)clsFactory.newInstance());
} catch( ClassNotFoundException cfe ) {
throw new Exception("Unable to load the JSSE SSL stream handler." +
"Check classpath." + cfe.toString());
URLConnection urlc = page.openConnection();
urlc.setDoInput(true);
*Get the session id cookie set by the TelkomInternet java server
String cookie = urlc.getHeaderField("Set-Cookie");
//textpane.setText(totextpane);
textpane.setText(cookie);
//---------------- form an auth request and post it with the cookie
String postdata =URLEncoder.encode("ID_Field","UTF-8")+"="+URLEncoder.encode("myusrname","UTF-8")+"&"+URLEncoder.encode("PW_Field","UTF-8")+"="+URLEncoder.encode("mypwd","UTF-8")+"&"+URLEncoder.encode("confirm","UTF-8")+"="+URLEncoder.encode("false","UTF-8");
// set the servlet that handles authentication as target
URL page2 = new URL("https://secure.telkomsa.net/titracker/servlet/LoginServlet");
// cast to httpConn to enable setRequestMethod()
HttpURLConnection urlc2 = (HttpURLConnection)page2.openConnection();
// formulate request with POST data urlc2.setRequestProperty("Content-Type","application/x-www-form-urlencoded");
urlc2.setRequestMethod("POST"); // experimental
urlc2.setRequestProperty("Content-Length",""+postdata.length());
urlc2.setRequestProperty("User-Agent","Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 4.0)");
urlc2.setRequestProperty("Accept-Language","en-us");
urlc2.setUseCaches(false);
urlc2.setDoOutput(true);
urlc2.setDoInput(true);
urlc2.setFollowRedirects(true); // ??
//send cookies
urlc2.setRequestProperty("Set-Cookie", cookie); // or "Cookie" - doesn't work either
//write other data
PrintWriter out = new PrintWriter(urlc2.getOutputStream());
out.print(postdata); // username and password here
out.flush();
out.close();
//---------------- get the authenticated page with real ADSL statistics
BufferedReader br = new BufferedReader(new InputStreamReader(urlc2.getInputStream()));
String totextpane = "";
String buffer = "";
while (buffer != null) {
try {
totextpane = totextpane + "\n" + buffer;
buffer = br.readLine();
} catch (IOException ioe) {
ioe.printStackTrace();
break;
textpane.setText(totextpane);
} catch (Exception ex) {
System.err.println(ex.getMessage());
---- END CODE---
Thank you very much for any attempt at helping with this problem!I am struggling for many days to get a Java program to log in to an SSL page. The program is supposed to track ADSL usage statistics from https://secure.telkomsa.net/titracker/, but I never seem to get around Server returned Error 500.
Could anyone please help me understand what I am doing wrong by looking at the method I used. (It seems on the server side it is a jsp servlet that handles authentication).
Any help is deeply appreciated!
I copy-paste the method directly from NetBeans:
CODE>
void connectHTTPS(String url){
try {
URL page = new URL(url); // login page necessary to get a jsp session cookie
//------------ SET UP SSL - is it right?
System.setProperty("java.protocol.handler.pkgs",
"com.sun.net.ssl.internal.www.protocol");
try {
//if we have the JSSE provider available,
//and it has not already been
//set, add it as a new provide to the Security class.
final Class clsFactory = Class.forName("com.sun.net.ssl.internal.ssl.Provider");
if( (null != clsFactory) && (null == Security.getProvider("SunJSSE")) )
Security.addProvider((Provider)clsFactory.newInstance());
} catch( ClassNotFoundException cfe ) {
throw new Exception("Unable to load the JSSE SSL stream handler." +
"Check classpath." + cfe.toString());
URLConnection urlc = page.openConnection();
urlc.setDoInput(true);
*Get the session id cookie set by the TelkomInternet java server
String cookie = urlc.getHeaderField("Set-Cookie");
//textpane.setText(totextpane);
textpane.setText(cookie);
//---------------- form an auth request and post it with the cookie
String postdata =URLEncoder.encode("ID_Field","UTF-8")+"="+URLEncoder.encode("myusrname","UTF-8")+"&"+URLEncoder.encode("PW_Field","UTF-8")+"="+URLEncoder.encode("mypwd","UTF-8")+"&"+URLEncoder.encode("confirm","UTF-8")+"="+URLEncoder.encode("false","UTF-8");
// set the servlet that handles authentication as target
URL page2 = new URL("https://secure.telkomsa.net/titracker/servlet/LoginServlet");
// cast to httpConn to enable setRequestMethod()
HttpURLConnection urlc2 = (HttpURLConnection)page2.openConnection();
// formulate request with POST data urlc2.setRequestProperty("Content-Type","application/x-www-form-urlencoded");
urlc2.setRequestMethod("POST"); // experimental
urlc2.setRequestProperty("Content-Length",""+postdata.length());
urlc2.setRequestProperty("User-Agent","Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 4.0)");
urlc2.setRequestProperty("Accept-Language","en-us");
urlc2.setUseCaches(false);
urlc2.setDoOutput(true);
urlc2.setDoInput(true);
urlc2.setFollowRedirects(true); // ??
//send cookies
urlc2.setRequestProperty("Set-Cookie", cookie); // or "Cookie" - doesn't work either
//write other data
PrintWriter out = new PrintWriter(urlc2.getOutputStream());
out.print(postdata); // username and password here
out.flush();
out.close();
//---------------- get the authenticated page with real ADSL statistics
BufferedReader br = new BufferedReader(new InputStreamReader(urlc2.getInputStream()));
String totextpane = "";
String buffer = "";
while (buffer != null) {
try {
totextpane = totextpane + "\n" + buffer;
buffer = br.readLine();
} catch (IOException ioe) {
ioe.printStackTrace();
break;
textpane.setText(totextpane);
} catch (Exception ex) {
System.err.println(ex.getMessage());
---- END CODE---
Thank you very much for any attempt at helping with this problem! -
Hi, want to establish the SSL connection with client authentication.
I have Server`s certificate in JKS (name 'serv_trust', no password)
and my certificate in P12 (client.p12)
So, i have some exceptions executing my application:
Sorry for my english.
java.net.UnknownHostException: https://online.serv.com
at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:153)
at java.net.Socket.connect(Socket.java:452)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.connect(DashoA12275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.<init>(DashoA12275)
at com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl.createSocket(DashoA12275)
at SSLSocketClientWithClientAuth.main(SSLSocketClientWithClientAuth.java:40)
And my code:
System.setProperty
("javax.net.ssl.trustStore", "serv_trust");
Security.addProvider((Provider)Class.forName
("com.sun.crypto.provider.SunJCE").newInstance());
java.security.Security.addProvider
(new com.sun.net.ssl.internal.ssl.Provider());
System.setProperty("java.protocol.handler.pkgs",
"com.sun.net.ssl.internal.www.protocol");
try {
System.setProperty ("javax.net.ssl.keyStoreType", "pkcs12");
System.setProperty ("javax.net.ssl.keyStorePassword", "123456789");
System.setProperty ("javax.net.ssl.keyStore", "client.p12");
SSLSocketFactory factory =
(SSLSocketFactory)SSLSocketFactory.getDefault();
SSLSocket socket =
(SSLSocket)factory.createSocket("https://online.serv.com", 443);
socket.startHandshake();
socket.startHandshake();
PrintWriter out = new PrintWriter(
new BufferedWriter(
new OutputStreamWriter(
socket.getOutputStream())));
out.println("GET ");
out.println();
out.flush();
if (out.checkError())
System.out.println(
"SSLSocketClient: java.io.PrintWriter error");
BufferedReader in = new BufferedReader(
new InputStreamReader(
socket.getInputStream()));
String inputLine;
while ((inputLine = in.readLine()) != null)
System.out.println(inputLine);
in.close();
out.close();
socket.close();
And debug:
keyStore is : client.p12
keyStore type is : pkcs12
init keystore
init keymanager of type SunX509
found key for : my certificate
chain [0] = [
Version: V3
Subject: [email protected], CN=www.myhost.com, OU=development, O=DK, L=City, ST=US, C=US
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: SunJSSE RSA public key:
public exponent:
010001
modulus:
d6a408ae 36632041 0a5d9da4 edc4c98d 01be3fbd ad02ca8b 88445fcf 5de8b6c2
cc60dc18 61f25cf3 fc9eba3c 637f6ca0 e933795c 6c74b8e9 bd158f51 ed5fe584
e7566e56 894e215f fc1f492f 2fc4a21c 526edd31 4953ebab 6cb1c5b8 52d4d09f
3bd8abf1 8e71e1d4 3187a60f f5bcae58 98d11be3 b6108ba8 c1cbb6ac ff60b88d
Validity: [From: Wed Dec 22 11:00:26 MSK 2004,
To: Thu Dec 22 11:00:26 MSK 2005]
Issuer: [email protected], CN=Alexander Alexandrov, OU=IT Division, O=Company Ltd, L=City, ST=City, C=US
SerialNumber: [ 1a]
Certificate Extensions: 4
[1]: ObjectId: 2.16.840.1.113730.1.13 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 1F 16 1D 4F 70 65 6E 53 53 4C 20 47 65 6E 65 ....OpenSSL Gene
0010: 72 61 74 65 64 20 43 65 72 74 69 66 69 63 61 74 rated Certificat
0020: 65 e
[2]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 57 5E 20 18 C6 CC 62 6F E6 E6 57 D9 0A 99 31 0E W^ ...bo..W...1.
0010: E1 78 24 92 .x$.
[3]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: CD 2D 38 1C 58 DE BC FC 2C B8 86 EC F6 2C 57 25 .-8.X...,....,W%
0010: AD 89 28 65 ..(e
[[email protected], CN=Alexander Alexandrov, OU=IT Division, O=Company Ltd, L=City, ST=City, C=US]
SerialNumber: [ 00]
[4]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:false
PathLen: undefined
Algorithm: [MD5withRSA]
Signature:
0000: 82 D6 0F 08 32 98 42 80 1D D4 D6 50 5E 55 A2 B1 ....2.B....P^U..
0010: D3 C2 11 40 65 39 3A 6C A3 6D 2E C5 A2 3B 2C 43 ...@e9:l.m...;,C
0020: 96 B8 D3 13 9A F6 95 F8 9D C8 DA 56 7B 11 BD 75 ...........V...u
0030: 1B 9E ED 18 B4 B9 E3 77 FE C4 49 A1 48 EC E5 93 .......w..I.H...
0040: 95 C5 BD 6B 7F 5B A9 42 9E 22 FE 5A FE 2A 39 C2 ...k.[.B.".Z.*9.
0050: C1 9C 96 E3 1E 25 AC 42 BE AF 1C F7 B6 83 48 0F .....%.B......H.
0060: 2E 02 4E 99 37 1D 01 C6 87 E8 0E 57 DD C8 16 99 ..N.7......W....
0070: E4 6B D1 D9 93 AD 57 C3 2A D9 41 92 72 25 D6 DF .k....W.*.A.r%..
trustStore is: serv_trust
trustStore type is : jks
init truststore
adding as trusted cert:
Subject: [email protected], CN=Alexander Alexandrov, OU=IT Division, O=Company Ltd, L=City, ST=City, C=US
Issuer: [email protected], CN=Alexander Alexandrov, OU=IT Division, O=Company Ltd, L=City, ST=City, C=US
Algorithm: RSA; Serial number: 0x0
Valid from Tue Sep 14 18:43:06 MSD 2004 until Wed Sep 14 18:43:06 MSD 2005
init context
trigger seeding of SecureRandom
done seeding SecureRandom
java.net.UnknownHostException: https://online.serv.com.ru
at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:153)
at java.net.Socket.connect(Socket.java:452)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.connect(DashoA12275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.<init>(DashoA12275)
at com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl.createSocket(DashoA12275)
at SSLSocketClientWithClientAuth.main(SSLSocketClientWithClientAuth.java:40)Please include your solution the next time you reply back...
The problem is caused by including the protocol in the URL. In his example, he should have used "online.serv.com" as the host argument and not "https://online.serv.com". -
Strange problem with SSL Sockets using more than 10 Clients
Hi
I�m using Jsse ( JDK 1.4.2_06 ). I have coded a Client/Server Applikation acting over SSLSockets or over unsecured Sockets. If I use unsecured Sockets everthing works fine, but if I use SSLSockets for the Connection and about 20 Clients, the Clients often can�t connect to the Server and the following Exception was thrown:
java.net.ConnectException: Connection refused: connect
Could it be that there is some strange problem with SSLServerSockets relating to this phenomenon?
If I use only a few Clients the Exception occurs never or only sometimes.
Has anyboby an idea what is happaning there?
Regards ChrisliHi
From the description of your scenario, you have coded your own server side of the application. I would advise that you consider moving your application to run under Tomcat framework and test if you still get the same exception. -
I am writing a program that accepts multiple users using sockets. It works well on my home network when i use the ip address 192.168.1.12. But when I try to get computers to connect outside of the network it doesnt work. Even when I change the ip address that the client is connecting to to the one i found at http://www.whatismyipaddress.com/
which is 24.50.xxx.yy
The port i'm using for the server and client is 11114.
How do i make it work over the internet and not just my home network?A good place to start is:
http://java.sun.com/j2se/1.4.1/docs/guide/rmi/socketfactory/SSLInfo.html
There is a code example, but you will also need to follow the guide in the other link below to create the required key files.
Don't base your knowledge of SSL RMI sockets solely on what I say here, as I'm fairly new to this so I may express myself wrong. But here is a 30,000 foot overview of what I did to get them to work:
If you are using RSA on your SSL connection, a public and private key are required. For this to work, you must create a key (keystore) via Java's "keytool.exe" tool using the '-genkey' option (the keystore should eventually reside on your server). You will then create a certificate from that keystore using the '-export' option of the keytool. Lastly, you will import the certificate into your client's store of accepted certificates (the file java\lib\security\cacerts) via the '-import' option of keytool.
For a full description, you need to read:
http://java.sun.com/j2se/1.4/docs/guide/security/jsse/JSSERefGuide.html
the section from this page on using keytool:
http://java.sun.com/j2se/1.4/docs/guide/security/jsse/JSSERefGuide.html#CreateKeystore
The example shows using a new custom file for the truststore, but I imported the certificate into Java's cacerts file instead. I was unable to find the certificate if it was not in this file, but I very well may have been doing something wrong. -
Need help with SSL custom trustKeystore, invalid certification path
Hi,
We have a webservice installed on a server over https protocol, and the following certification chain:
Internal Root CA Certificate
|
+-----> Certificate X
|
+----> Cerificate YCertificate Y has Common Name (CN) equals to the hostname where this webservice is deployed.
On the client side, since the root CA certificate is internal, we had to install a custom trust keystore, and use the -Djavax.net.ssl.trustStore=/path/to/trust.keystore system property. Inside that trust keystore we imported the Internal Root CA certificate.
When the client invoke the webservice, it still gives SSL handhsake exception, saying couldn't find certification path. However when we imported Certificate Y into the trust keystore, it works. Is there any way to make the handshake work just by trusting the root CA?
The client runs in a JBoss container, and we tried -Dorg.jboss.security.ignoreHttpsHost=true but didn't helpPlease find more detail on exception stack below. Sorry I have to truncate the stack to avoid showing our internal class names
210 WARN [SeamLoginModule] Error invoking login method
javax.el.ELException: javax.net.ssl.SSLHandshakeException: sun.security.validator.Validat
orException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilder
Exception: unable to find valid certification path to requested target
at org.jboss.el.util.ReflectionUtil.invokeMethod(ReflectionUtil.java:339)
at org.jboss.el.util.ReflectionUtil.invokeMethod(ReflectionUtil.java:348)
at org.jboss.el.parser.AstPropertySuffix.invoke(AstPropertySuffix.java:58)
at org.jboss.el.parser.AstValue.invoke(AstValue.java:96)
at org.jboss.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:276)
at org.jboss.seam.core.Expressions$2.invoke(Expressions.java:175)
at org.jboss.seam.security.jaas.SeamLoginModule.login(SeamLoginModule.java:109)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.j
ava:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$5.run(LoginContext.java:706)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokeCreatorPriv(LoginContext.java:703
at javax.security.auth.login.LoginContext.login(LoginContext.java:575)
at org.jboss.seam.security.Identity.authenticate(Identity.java:344)
at org.jboss.seam.security.Identity.authenticate(Identity.java:332)
at org.jboss.seam.security.Identity.login(Identity.java:259)
--- truncated ----------------------------------------------------
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException
: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException:
unable to find valid certification path to requested target
at org.apache.axis.AxisFault.makeFault(AxisFault.java:101)
at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:154)
at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32
at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
at org.apache.axis.client.AxisClient.invoke(AxisClient.java:165)
at org.apache.axis.client.Call.invokeEngine(Call.java:2784)
at org.apache.axis.client.Call.invoke(Call.java:2767)
at org.apache.axis.client.Call.invoke(Call.java:2443)
at org.apache.axis.client.Call.invoke(Call.java:2366)
at org.apache.axis.client.Call.invoke(Call.java:1812)
--- truncated ----------------------------------------------------
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException
: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException:
unable to find valid certification path to requested target
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1591)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:187)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:181)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshak
er.java:1035)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.
java:124)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:516)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:454)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:884)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketIm
pl.java:1096)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1
123)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1
107)
at org.apache.axis.components.net.JSSESocketFactory.create(JSSESocketFactory.java
:186)
at org.apache.axis.transport.http.HTTPSender.getSocket(HTTPSender.java:191)
at org.apache.axis.transport.http.HTTPSender.writeToSocket(HTTPSender.java:404)
at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:138)
... 121 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.secu
rity.provider.certpath.SunCertPathBuilderException: unable to find valid certification pa
th to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:285)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:191)
at sun.security.validator.Validator.validate(Validator.java:218)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImp
l.java:126)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509Trust
ManagerImpl.java:209)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509Trust
ManagerImpl.java:249)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshak
er.java:1014)
------ truncated ------------------------------------------------------
... 132 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find val
id certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuild
er.java:174)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:280)
... 138 more -
Some General Questions about using SSL sockets
1 Since both SSL and TLS rely on public-key cryptography, can I use it efficiently for encrypting large amount of data transfer within a network? Or I�ll be better off using secret key.
2 If I understand correctly, I can install client/server certificate (public key) along with the software installation. Is that right? In other words, I don�t have to create them programmatically.
3 To convert our unsecured client/server application, is it enough to replace plain sockets with SSL sockets and use a self signed certificate for the server? (Ours is a closed network and we don�t require any client authentication).
4 How does SSL handles server to server communications?
5 How do you encrypt data ( some of the fields) in a text file?
Thank you all.hey there.
1.yes you can use it to encrypt large amounts of data, and heres why:
when you use SSL, it uses public key encryption to first tranfser across a private key. then from then on the data is simply private key encrypted, which is relatively fast and easy.
2. Yes, you may chose to make them programatically or not
4. the question doesn't really make sense. In the end, what is a Server and what is a Client is up to your application. From SSL's point of view, you just have two machines with Sockets on either side that are connected. You can use SSLSocket.setClientMode(boolean) to choose which of those socket will act as the "server" for the purpose of the authentication handsake. -
Disabling Certificate Validation in SSL Sockets
I followed the examples on this site.
http://javaalmanac.com/egs/javax.net.ssl/TrustAll.html?l=rel
I was wondering will this work with SSL Sockets?This is SSL sockets.
-
hi,
i use rmi using ssl-sockets. the server rebinds to the
rmiregistry -> it works fine but
when i try to connect from client (browser ie) -> the needed classes (RMISSLCLientSocketFactory...)
could not loaded
whats the problem??
mikehi,
i use following code to test rmi with ssl-sockets:
interface:
import java.rmi.*;
public interface StringTag extends java.rmi.Remote
public String appendX(String s) throws RemoteException;
server:
import java.rmi.*;
import java.rmi.server.UnicastRemoteObject;
import java.rmi.registry.*;
public class StringTagImpl extends UnicastRemoteObject implements StringTag
public StringTagImpl() throws RemoteException
super(0, new RMISSLClientSocketFactory(), new RMISSLServerSocketFactory());
public String appendX(String s) throws RemoteException
return (s + "xxx");
public static void main(String[] arg)
System.setProperty("java.security.policy", "F:\\rmi\\security.policy");
System.setSecurityManager(new RMISecurityManager());
try{
Registry reg = LocateRegistry.createRegistry(Registry.REGISTRY_PORT);
StringTagImpl so = new StringTagImpl();
reg.rebind("StringTag", so);
System.out.println("StringTag bound in registry");
catch(Exception e){
System.out.println("StringTagImpl: \n" + e);
applet:
import java.awt.*;
import java.rmi.*;
public class StringTagApplet extends java.applet.Applet
String tagged;
public void init()
try
String host = "127.0.0.1";
int port = 1099;
StringTag st = (StringTag)Naming.lookup("//" + host + ":" + port + "/" + "StringTag");
tagged = st.appendX("The String: ");
catch(Exception e)
System.out.println(e);
e.printStackTrace();
public void paint(Graphics g)
g.drawString(tagged,25,30);
clientsocket:
import java.rmi.server.*;
import javax.net.ssl.*;
import java.io.*;
import java.net.*;
public class RMISSLClientSocketFactory implements RMIClientSocketFactory, Serializable{
public Socket createSocket(String host, int port) throws IOException{
SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
return factory.createSocket(host, port);
serversocket:
import java.rmi.server.*;
import javax.net.ssl.*;
import java.io.*;
import java.net.*;
public class RMISSLServerSocketFactory implements RMIServerSocketFactory, Serializable{
public ServerSocket createServerSocket(int port) throws IOException{
SSLServerSocketFactory factory = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
return factory.createServerSocket(port);
the html-file:
<HTML>
<title>String appending</title>
<center><h2>Append X and Y</h2></center>
The result of appending to the Strings is:
<p>
<applet codebase="." code="StringTagApplet" width=500 height=120>
</applet>
</html>
policy:
grant
permission java.security.AllPermission;
all files are in the same folder.
the class-file(RMISSLClientSocketFactory) could not loaded from client!
when i make a new instance from RMISSLClientSocketFactory before line:
StringTag st = (StringTag)Naming.lookup("//" + host + ":" + port + "/" + "StringTag");
--> the client could not loaded class StringTag ...and so on
i dont know why it not work!!
i were very happy to solve this problem!! -
SSL - Default SSL context init failed: null - need help with code
Hi!
Once Again I have problems with SSL.
I read something about SSL here:
http://www.javaalmanac.com/egs/javax.net.ssl/Server.html
Now I tried to test this stuff, that resulted in this program (I simply tried to put the SSL stuff from the above code in a small skeleton):
import java.io.*;
import java.net.*;
import java.security.*;
import javax.net.ssl.*;
import javax.net.*;
public class MyServer
public static void main(String arguments[])
try
int port = 443;
ServerSocketFactory ssocketFactory = SSLServerSocketFactory.getDefault();
ServerSocket ssocket = ssocketFactory.createServerSocket(port);
// Listen for connections
Socket socket = ssocket.accept();
System.out.println("Connected successfully");
// Create streams to securely send and receive data to the client
InputStream in = socket.getInputStream();
OutputStream out = socket.getOutputStream();
// Read from in and write to out...
// Close the socket
in.close();
out.close();
catch(IOException e)
System.out.println("GetMessage() = "+e.getMessage());
e.printStackTrace();
} Now I compiled this stuff with : 'javac MyServer.java' - there were no errors. After this I run the program
with the following command (also taken from java almanac):
'java -Djavax.net.ssl.keyStore=mySrvKeystore -Djavax.net.ssl.keyStorePassword=123456 MyServer'
But if I run it, it reports:
"GetMessage() = Default SSL context init failed: null
java.net.SocketException: Default SSL context init failed: null
at javax.net.ssl.DefaultSSLServerSocketFactory.createServerSocket(Dasho
6275)
at MyServer.main(MyServer.java:15)"
createServerSocket() seems to be the wrong line, but what is wrong with it.
Is there any mistake in my code ?
Btw. I created my keystore etc. according to the instructions at
http://forum.java.sun.com/thread.jsp?forum=2&thread=528092&tstart=0&trange=15
Any help appreciated
Greets
dancing_coderI got this error last week.
The problem was that the keystore I was pointing to, was in other location, so it could not initialize the default context.
I had defined ...
String CLIENT_CERTIFPATH = getParam("client.certificate.path", "/users/pridas/myKeystoreFile");
// getParam extracts the location of the keystore from a text file which contains some configuration parameters. The default value will be /users/pridas/myKeystoreFile
In my case, I will try to develop a secure SOAP conexion using certificates.
Before to try the conexion, I defined ...
System.setProperty("javax.net.ssl.trustStore", CLIENT_CERTIFPATH);
System.setProperty("javax.net.ssl.keyStore", CLIENT_CERTIFPATH);
... and the problem when I got this error ... the keystore file was not in the correct location.
That was how I resolved this error.
I hope everybody will be oriented about this kind of errors.
Salu2. -
Securing SQL Server 2012 Azure VM with SSL - Help!!!
Hello all,
I am trying to encrypt with SSL my SQL server 2012 Azure VM; I have created the cert and I can see it in cert mgr but when I go to SQL config MGR -protocols for MSSQLSERVER to setup the encryption, the certificate tab contains no certificates :(
this is so annoying please can someone help me with this?
Thanks so much,
BN.Also, I am getting the following error whilst connecting to the Azure VM client side via SQL management studio:
“The certificate chain was issued by an authority that is not trusted”
I can get around this by specifying "TrustServerCertificate=True" in the connection string; what is causing this and should I be alarmed? can this be resolved?
Hi ,
According to your error message, When the SQL Server instance has only a self-signed certificate, the encrypt property is set to true and the trustServerCertificate property is set to true. There is an similar issue about SqlException (0x80131904), you can
review the following post.
http://stackoverflow.com/questions/17615260/the-certificate-chain-was-issued-by-an-authority-that-is-not-trusted-when-conn
In addition, there is detail about writing secure connection strings for SQL Database in Windows Azure, you can review it.
http://social.technet.microsoft.com/wiki/contents/articles/2951.windows-azure-sql-database-connection-security.aspx
Regards,
Sofiya Li
Sofiya Li
TechNet Community Support -
TS3899 iPad mail account says problem with 'ssl settings' - can you help me?
iPad mail account says problem with 'ssl settings' - can you help me?
The 4Gs hardware, only 256 MB of RAM, prohibits updating beyond 6.1.6.
Starting when iOS 7 was released, Apple now allows downloading the last compatible version of some apps (iOS 4.2.1 and later only)
App Store: Downloading Older Versions of Apps on iOS - Apple Club
App Store: Install the latest compatible version of an app
You first have to download the non-compatible version on your computer. Then when you try to purchase the version on your iPod you will be offered a compatible version if one exists. -
Applet(using SSL sockets) application in browser
hello everyone,
I am new to this forum, and this is my first forum in this site, please help me,
My problem is,
I have done an applet application which uses the SSL sockets, and it is working fine if i use the appletviewer tool, with the arguments of policy and URL, when i run this command "appletviewer -J-Djava.security.policy=mypolicy.policy URL of my html page" in the command mode its working fine.
I have wrote HTML file for running the applet, and when i used it in the browser i was not able to get output , i was getting the error "NoTrustedCertificates found", i have setted the properties of truststore and password in the program itself like,
System.setProperty("javax.net.ssl.trustStore", System.getProperty("java.home")+"cert");
System.setProperty("javax.net.ssl.trustStorePassword", "pwd");
and i also used the policy tool. I have stored my certificate along with the jar file, and i was getting this error
can anyone please help me, or suggest me the right way to reach my target.
Thanx in advanceHai,
I have made my client applet running from the remote system, and the client was establishing SSL sockets, and there is a problem in Handshake, NO TRUSTED CERTIFICATE found was the error, and i had loaded the certificates ( one is used for signing the certificate, and the other is used for the SSL sockets authentication ) in my applet client code i have setted the system properties like
System.setProperty("javax.net.ssl.trustStore", System.getProperty("java.home")+"\\lib\\security\\cert");
System.setProperty("javax.net.ssl.trustStorePassword", "pwd");
and this is the certificate which is used for SSL sockets authentication, and i stored the cert in the "jre\lib\security\" directory, and im using the jdk1.4.2_05 version.
At the client side the error is
Network Error: sun.security.validator.ValidatorException: No trusted certificate found.
at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.a(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(Unknown Source)
at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(Unknown Source)
at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(Unknown Source)
at com.sun.net.ssl.internal.ssl.SunJSSE_ax.a(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(Unknown Source)
at com.sun.net.ssl.internal.ssl.AppOutputStream.write(Unknown Source)
at java.io.OutputStream.write(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: sun.security.validator.ValidatorException: No trusted certificate found
at sun.security.validator.SimpleValidator.buildTrustedChain(Unknown Source)
at sun.security.validator.SimpleValidator.engineValidate(Unknown Source)
at sun.security.validator.Validator.validate(Unknown Source)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
at com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(Unknown Source)
At the server side the error is
javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown
at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.a(Unknown Source)
at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.b(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.b(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(Unknown Source)
at com.sun.net.ssl.internal.ssl.AppInputStream.read(Unknown Source)
at com.ClientNeg.run(ClientNeg.java:76)
at java.lang.Thread.run(Unknown Source)
i was not able to understand what went wrong , so any one please help me in doing my work.
Thanx
dwurity -
How to configure OC4J using RMI/IIOP with SSL
Any help?
I just mange configure the OC4J using RMI/IIOP but base on
But when I follow further to use RMI/IIOP with SSL I face the problem with: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
p/s: I use self generate keystore which should be ok as I can use it for https connection.
Any one can help?
Below is the OC4J log:
D:\oc4j\j2ee\home>java -Djavax.net.debug=all -DGenerateIIOP=true -Diiop.runtime.debug=true -jar oc4j.jar
05/02/23 16:43:16 ================ IIOPServerExtensionProvider.preInitApplicationServer
05/02/23 16:43:38 ================= IIOPServerExtensionProvider.postInitApplicationServer
05/02/23 16:43:38 ================== config = {SEPS={IIOP={ssl-port=5556, port=5555, ssl=true, trusted-clients=*, ssl-client-server-auth-port=5557, keystore=D:\\oc4j\\j2ee\\home\\server.keystore, keystore-password=123456, truststore=D:\\oc4j\\j2ee\\home\\server.keystore, truststore-password=123456, ClassName=com.oracle.iiop.server.IIOPServerExtensionProvider, host=localhost}}}
05/02/23 16:43:38 ================== server.getAttributes() = {threadPool=com.evermind.server.ApplicationServerThreadPool@968fda}
05/02/23 16:43:38 ================== pool: null
05/02/23 16:43:38 ====================== In startServer ...
05/02/23 16:43:38 ==================== Creating an IIOPServer ...
05/02/23 16:43:38 ========= IIOP server being initialized
05/02/23 16:43:38 SSL port: 5556
05/02/23 16:43:38 SSL port 2: 5557
05/02/23 16:43:43 com.sun.corba.ee.internal.iiop.GIOPImpl(Thread[Orion Launcher,5,main]): getEndpoint(IIOP_CLEAR_TEXT, 5555, null)
05/02/23 16:43:43 com.sun.corba.ee.internal.iiop.GIOPImpl(Thread[Orion Launcher,5,main]): createListener( socketType = IIOP_CLEAR_TEXT port = 5555 )
05/02/23 16:43:44 com.sun.corba.ee.internal.iiop.GIOPImpl(Thread[Orion Launcher,5,main]): getEndpoint(SSL, 5556, null)
05/02/23 16:43:44 com.sun.corba.ee.internal.iiop.GIOPImpl(Thread[Orion Launcher,5,main]): createListener( socketType = SSL port = 5556 )
05/02/23 16:43:45 ***
05/02/23 16:43:45 found key for : mykey
05/02/23 16:43:45 chain [0] = [
Version: V1
Subject: CN=Server, OU=Bar, O=Foo, L=Some, ST=Where, C=UN
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: SunJSSE RSA public key:
public exponent:
010001
modulus:
b1239fff 2ae5d31d b01a0cfb 1186bae0 bbc7ac41 94f24464 e92a7e33 6a5b0844
109e30fb d24ad770 99b3ff86 bd96c705 56bf2e7a b3bb9d03 40fdcc0a c9bea9a1
c21395a4 37d8b2ce ff00eb64 e22a6dd6 97578f92 29627229 462ebfee 061c99a4
1c69b3a0 aea6a95b 7ed3fd89 f829f17e a9362efe ccf8034a 0910989a a8573305
Validity: [From: Wed Feb 23 15:57:28 SGT 2005,
To: Tue May 24 15:57:28 SGT 2005]
Issuer: CN=Server, OU=Bar, O=Foo, L=Some, ST=Where, C=UN
SerialNumber: [ 421c3768]
Algorithm: [MD5withRSA]
Signature:
0000: 34 F4 FA D4 6F 23 7B 84 30 42 F3 5C 4B 5E 18 17 4...o#..0B.\K^..
0010: 73 69 73 A6 BF 9A 5D C0 67 8D C3 56 DF A9 4A AC sis...].g..V..J.
0020: 88 AF 24 28 C9 39 16 22 29 81 01 93 86 AA 1A 5D ..$(.9.")......]
0030: 07 89 26 22 91 F0 8F DE E1 4A CF 17 9A 02 51 7D ..&".....J....Q.
0040: 92 D3 6D 9B EF 5E C1 C6 66 F9 11 D4 EB 13 8F 17 ..m..^..f.......
0050: E7 66 58 9F 6C B0 60 7C 39 B4 E0 B7 04 A7 7F A6 .fX.l.`.9.......
0060: 4D A5 89 E7 F4 8A DC 59 B4 E7 A5 D4 0A 35 9A F1 M......Y.....5..
0070: A2 CD 3A 04 D6 8F 16 B1 9E 6F 34 40 E8 C0 47 03 ..:[email protected].
05/02/23 16:43:45 ***
05/02/23 16:43:45 adding as trusted cert:
05/02/23 16:43:45 Subject: CN=Client, OU=Bar, O=Foo, L=Some, ST=Where, C=UN
05/02/23 16:43:45 Issuer: CN=Client, OU=Bar, O=Foo, L=Some, ST=Where, C=UN
05/02/23 16:43:45 Algorithm: RSA; Serial number: 0x421c3779
05/02/23 16:43:45 Valid from Wed Feb 23 15:57:45 SGT 2005 until Tue May 24 15:57:45 SGT 2005
05/02/23 16:43:45 adding as trusted cert:
05/02/23 16:43:45 Subject: CN=Server, OU=Bar, O=Foo, L=Some, ST=Where, C=UN
05/02/23 16:43:45 Issuer: CN=Server, OU=Bar, O=Foo, L=Some, ST=Where, C=UN
05/02/23 16:43:45 Algorithm: RSA; Serial number: 0x421c3768
05/02/23 16:43:45 Valid from Wed Feb 23 15:57:28 SGT 2005 until Tue May 24 15:57:28 SGT 2005
05/02/23 16:43:45 trigger seeding of SecureRandom
05/02/23 16:43:45 done seeding SecureRandom
05/02/23 16:43:45 com.sun.corba.ee.internal.iiop.GIOPImpl(Thread[Orion Launcher,5,main]): getEndpoint(SSL_MUTUALAUTH, 5557, null)
05/02/23 16:43:45 com.sun.corba.ee.internal.iiop.GIOPImpl(Thread[Orion Launcher,5,main]): createListener( socketType = SSL_MUTUALAUTH port = 5557 )
05/02/23 16:43:45 matching alias: mykey
matching alias: mykey
05/02/23 16:43:46 ORB created ..com.oracle.iiop.server.OC4JORB@65b738
05/02/23 16:43:47 com.sun.corba.ee.internal.corba.ClientDelegate(Thread[Orion Launcher,5,main]): invoke(ClientRequest) called
05/02/23 16:43:47 com.oracle.iiop.server.OC4JORB(Thread[Orion Launcher,5,main]): process: dispatching to scid 2
05/02/23 16:43:47 com.oracle.iiop.server.OC4JORB(Thread[Orion Launcher,5,main]): dispatching to sc [email protected]7
05/02/23 16:43:48 com.sun.corba.ee.internal.corba.ClientDelegate(Thread[Orion Launcher,5,main]): invoke(ClientRequest) called
05/02/23 16:43:48 com.oracle.iiop.server.OC4JORB(Thread[Orion Launcher,5,main]): process: dispatching to scid 2
05/02/23 16:43:48 com.oracle.iiop.server.OC4JORB(Thread[Orion Launcher,5,main]): dispatching to sc com.sun.corba.ee.internal.corba.ServerDelegate@9300cc
05/02/23 16:43:48 com.sun.corba.ee.internal.corba.ServerDelegate(Thread[Orion Launcher,5,main]): Entering dispatch method
05/02/23 16:43:48 com.sun.corba.ee.internal.corba.ServerDelegate(Thread[Orion Launcher,5,main]): Consuming service contexts, GIOP version: 1.2
05/02/23 16:43:48 com.sun.corba.ee.internal.corba.ServerDelegate(Thread[Orion Launcher,5,main]): Has code set context? false
05/02/23 16:43:48 com.sun.corba.ee.internal.corba.ServerDelegate(Thread[Orion Launcher,5,main]): Dispatching to servant
05/02/23 16:43:48 com.sun.corba.ee.internal.corba.ServerDelegate(Thread[Orion Launcher,5,main]): Handling invoke handler type servant
05/02/23 16:43:48 NS service created and started ..org.omg.CosNaming._NamingContextExtStub:IOR:000000000000002b49444c3a6f6d672e6f72672f436f734e616d696e672f4e616d696e67436f6e746578744578743a312e30000000000001000000000000007c000102000000000c31302e312e3231342e31310015b3000000000031afabcb0000000020d309e06a0000000100000000000000010000000c4e616d65536572766963650000000004000000000a0000000000000100000001000000200000000000010001000000020501000100010020000101090000000100010100
05/02/23 16:43:48 NS ior = ..IOR:000000000000002b49444c3a6f6d672e6f72672f436f734e616d696e672f4e616d696e67436f6e746578744578743a312e30000000000001000000000000007c000102000000000c31302e312e3231342e31310015b3000000000031afabcb0000000020d309e06a0000000100000000000000010000000c4e616d65536572766963650000000004000000000a0000000000000100000001000000200000000000010001000000020501000100010020000101090000000100010100
05/02/23 16:43:48 Oracle Application Server Containers for J2EE 10g (9.0.4.0.0) initialized
05/02/23 16:45:14 com.sun.corba.ee.internal.iiop.ConnectionTable(Thread[JavaIDL Listener,5,main]): Server getConnection(119e583[Unknown 0x0:0x0: Socket[addr=/127.0.0.1,port=1281,localport=5556]], SSL)
05/02/23 16:45:14 com.sun.corba.ee.internal.iiop.ConnectionTable(Thread[JavaIDL Listener,5,main]): host = 127.0.0.1 port = 1281
05/02/23 16:45:14 com.sun.corba.ee.internal.iiop.ConnectionTable(Thread[JavaIDL Listener,5,main]): Created connection Connection[type=SSL remote_host=127.0.0.1 remote_port=1281 state=ESTABLISHED]
com.sun.corba.ee.internal.iiop.MessageMediator(Thread[JavaIDL Reader for 127.0.0.1:1281,5,main]): Creating message from stream
05/02/23 16:45:14 JavaIDL Reader for 127.0.0.1:1281, handling exception: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
05/02/23 16:45:14 JavaIDL Reader for 127.0.0.1:1281, SEND TLSv1 ALERT: fatal, description = unexpected_message
05/02/23 16:45:14 JavaIDL Reader for 127.0.0.1:1281, WRITE: TLSv1 Alert, length = 2
05/02/23 16:45:14 JavaIDL Reader for 127.0.0.1:1281, called closeSocket()
05/02/23 16:45:14 com.sun.corba.ee.internal.iiop.ReaderThread(Thread[JavaIDL Reader for 127.0.0.1:1281,5,main]): IOException in createInputStream: javax.net.ssl.SSLException: Connection has been shutdown: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
05/02/23 16:45:14 javax.net.ssl.SSLException: Connection has been shutdown: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
05/02/23 16:45:14 at com.sun.net.ssl.internal.ssl.SSLSocketImpl.d(DashoA12275)
05/02/23 16:45:14 at com.sun.net.ssl.internal.ssl.AppInputStream.read(DashoA12275)
05/02/23 16:45:14 at com.sun.corba.ee.internal.iiop.messages.MessageBase.readFully(MessageBase.java:520)
05/02/23 16:45:14 at com.sun.corba.ee.internal.iiop.messages.MessageBase.createFromStream(MessageBase.java:58)
05/02/23 16:45:14 at com.sun.corba.ee.internal.iiop.MessageMediator.processRequest(MessageMediator.java:110)
05/02/23 16:45:14 at com.sun.corba.ee.internal.iiop.IIOPConnection.processInput(IIOPConnection.java:339)
05/02/23 16:45:14 at com.sun.corba.ee.internal.iiop.ReaderThread.run(ReaderThread.java:63)
05/02/23 16:45:14 Caused by: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
05/02/23 16:45:14 at com.sun.net.ssl.internal.ssl.InputRecord.b(DashoA12275)
05/02/23 16:45:14 at com.sun.net.ssl.internal.ssl.InputRecord.read(DashoA12275)
05/02/23 16:45:14 at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
05/02/23 16:45:14 at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(DashoA12275)
05/02/23 16:45:14 at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
05/02/23 16:45:14 ... 6 more
05/02/23 16:45:14 com.sun.corba.ee.internal.iiop.IIOPConnection(Thread[JavaIDL Reader for 127.0.0.1:1281,5,main]): purge_calls: starting: code = 1398079696 die = true
05/02/23 16:45:14 JavaIDL Reader for 127.0.0.1:1281, called close()
05/02/23 16:45:14 JavaIDL Reader for 127.0.0.1:1281, called closeInternal(true)
05/02/23 16:45:14 JavaIDL Reader for 127.0.0.1:1281, called close()
05/02/23 16:45:14 JavaIDL Reader for 127.0.0.1:1281, called closeInternal(true)
05/02/23 16:45:14 JavaIDL Reader for 127.0.0.1:1281, called close()
05/02/23 16:45:14 JavaIDL Reader for 127.0.0.1:1281, called closeInternal(true)
05/02/23 16:45:14 com.sun.corba.ee.internal.iiop.ConnectionTable(Thread[JavaIDL Reader for 127.0.0.1:1281,5,main]): DeleteConn called: host = 127.0.0.1 port = 1281Good point, I do belive what you are referring to is this:
Any client, whether running inside a server or not, has EJB security properties. Table 15-2 lists the EJB client security properties controlled by the ejb_sec.properties file. By default, OC4J searches for this file in the current directory when running as a client, or in ORACLE_HOME/j2ee/home/config when running in the server. You can specify the location of this file explicitly with the system property setting -Dejb_sec_properties_location=pathname.
Table 15-2 EJB Client Security Properties
Property Meaning
# oc4j.iiop.keyStoreLoc
The path and name of the keystore. An absolute path is recommended.
# oc4j.iiop.keyStorePass
The password for the keystore.
# oc4j.iiop.trustStoreLoc
The path name and name of the truststore. An absolute path is recommended.
# oc4j.iiop.trustStorePass
The password for the truststore.
# oc4j.iiop.enable.clientauth
Whether the client supports client-side authentication. If this property is set to true, you must specify a keystore location and password.
# oc4j.iiop.ciphersuites
Which cipher suites are to be enabled. The valid cipher suites are:
TLS_RSA_WITH_RC4_128_MD5
SSL_RSA_WITH_RC4_128_MD5
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
TLS_RSA_EXPORT_WITH_RC4_40_MD5
SSL_RSA_EXPORT_WITH_RC4_40_MD5
TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
nameservice.useSSL
Whether to use SSL when making the initial connection to the server.
client.sendpassword
Whether to send user name and password in clear form (unencrypted) in the service context when not using SSL. If this property is set to true, the user name and password are sent only to servers listed in the trustedServer list.
oc4j.iiop.trustedServers
A list of servers that can be trusted to receive passwords sent in clear form. This has no effect if client.sendpassword is set to false. The list is comma-delimited. Each entry in the list can be an IP address, a host name, a host name pattern (for example, *.example.com), or * (where "*" alone means that all servers are trusted.
Maybe you are looking for
-
After installing the lates version of itunes on my Sony Vio, a bubble pops up which says: iTunes installation complete, ERROR occured during installation before iTunes could be configured. Your system has not been modified. To complete the installati
-
Hi guys, Thanks for the interest in my post... I want to make a gallery similar to the one at http://www.danwheldon.com/gallery.cfm where the user clicks on an image and it refreshes the current page bringing up the enlarged version above the rest of
-
Field length was changed in R/3 was this effect in BW
Hi , Field length of one Field was incresed in the data source. the same data source/table is used for extracting the data from R/3 to BW. will it effect these changes in BW side. Thanks Ram
-
My music itunes library on my mac is now showing an exclamation mark against some albums/songs. If i click on the mark it says original file could not befound would you like to locate it. When i click yes its takes me to the mac HD. Some of these son
-
Does JDev support the function of "mark occurrence" like eclipse
The function of "mark occurrence" is to highlight every occurrence of the word you selected in the same file. If it does, will anyone kindly show how to do it in the preference. Many thx and best regards. wf