HTTPSURLConnection/JSSE
Hi...I am having some difficulty making a secure connection to send/receive streams. In order to connect to non-secure sites, I use the following code:
// Initialize URL variables
URL url = null;
HttpURLConnection urlConnection = null;
// Get handle to URL and its connection
url = new URL("http://www.whatever.com");
urlConnection = (HttpURLConnection)url.openConnection();
// Open input/output stream
[Add code to open stream(s) here]
// Clean up
[Add code to close stream(s) here]
This code works fine. When I change the URL to a "HTTPS" URL, the code throws a malformed URL exception. I understand that this is because the HTTPS protocol is not understood and JSSE must be used. So, I installed JSSE in the appropriate directory, added the JAR files to my class path, and changed the above code to this:
// Initialize URL variables
URL url = null;
HttpsURLConnection urlConnection = null;
// Add provider
System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
// Get handle to URL and its connection
url = new URL("https://www.whatever.com");
urlConnection = (HttpsURLConnection)url.openConnection();
// Open input/output stream
[Add code to open stream(s) here]
// Clean up
[Add code to close stream(s) here]
Unfortunately, the code blows up when I try to open an input or output stream. I get the following in the log:
java.net.SocketException: SSL implementation not available at javax.net.ssl.DefaultSSLSocketFactory.createSocket([DashoPro-V1.2-120198]) at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.doConnect([DashoPro-V1.2-120198]) at com.sun.net.ssl.internal.www.protocol.https.NetworkClient.openServer([DashoPro-V1.2-120198]) at com.sun.net.ssl.internal.www.protocol.https.HttpClient.l([DashoPro-V1.2-120198]) at com.sun.net.ssl.internal.www.protocol.https.HttpClient.<init>([DashoPro-V1.2-120198]) at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.<init>([DashoPro-V1.2-120198]) at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a([DashoPro-V1.2-120198]) at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a([DashoPro-V1.2-120198]) at com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection.connect([DashoPro-V1.2-120198]) at com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection.getInputStream([DashoPro-V1.2-120198])
at https_test.executeTest(https_test.java:91)
at https_test.service(https_test.java:133)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853) at allaire.jrun.servlet.JRunSE.service(../servlet/JRunSE.java:1416) at allaire.jrun.session.JRunSessionService.service(../session/JRunSessionService.java:1082)
at allaire.jrun.servlet.JRunSE.runServlet(../servlet/JRunSE.java:1270) at allaire.jrun.servlet.JRunRequestDispatcher.forward(../servlet/JRunRequestDispatcher.java:89)
at allaire.jrun.servlet.JRunSE.service(../servlet/JRunSE.java:1552) at allaire.jrun.servlet.JRunSE.service(../servlet/JRunSE.java:1542)
at allaire.jrun.servlet.JvmContext.dispatch(../servlet/JvmContext.java:364)
at allaire.jrun.http.WebEndpoint.run(../http/WebEndpoint.java:115)
at allaire.jrun.ThreadPool.run(../ThreadPool.java:272)
at allaire.jrun.WorkerThread.run(../WorkerThread.java:75)
java.net.SocketException: SSL implementation not available at javax.net.ssl.DefaultSSLSocketFactory.createSocket([DashoPro-V1.2-120198]) at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.doConnect([DashoPro-V1.2-120198]) at com.sun.net.ssl.internal.www.protocol.https.NetworkClient.openServer([DashoPro-V1.2-120198]) at com.sun.net.ssl.internal.www.protocol.https.HttpClient.l([DashoPro-V1.2-120198]) at com.sun.net.ssl.internal.www.protocol.https.HttpClient.<init>([DashoPro-V1.2-120198]) at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.<init>([DashoPro-V1.2-120198]) at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a([DashoPro-V1.2-120198]) at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a([DashoPro-V1.2-120198]) at com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection.connect([DashoPro-V1.2-120198]) at com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection.getInputStream([DashoPro-V1.2-120198])
at https_test.executeTest(https_test.java:93)
at https_test.service(https_test.java:135)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at allaire.jrun.servlet.JRunSE.service(../servlet/JRunSE.java:1416) at allaire.jrun.session.JRunSessionService.service(../session/JRunSessionService.java:1082)
at allaire.jrun.servlet.JRunSE.runServlet(../servlet/JRunSE.java:1270) at allaire.jrun.servlet.JRunRequestDispatcher.forward(../servlet/JRunRequestDispatcher.java:89)
at allaire.jrun.servlet.JRunSE.service(../servlet/JRunSE.java:1552)
at allaire.jrun.servlet.JRunSE.service(../servlet/JRunSE.java:1542)
at allaire.jrun.servlet.JvmContext.dispatch(../servlet/JvmContext.java:364)
at allaire.jrun.http.WebEndpoint.run(../http/WebEndpoint.java:115)
at allaire.jrun.ThreadPool.run(../ThreadPool.java:272)
at allaire.jrun.WorkerThread.run(../WorkerThread.java:75)
I have tried both static and dynamic registration, and both at the same time! For static registration, I do the following:
1. Copied the 3 JSSE JAR files to $JREHOME/lib/ext
2. Modified the java.security file to add the additional security provider
For dymaic registration, I do the following:
1. Added the 3 JAR files to my classpath
2. Added a line (shown in code above) to dynamically add the provider
I feel like I have done everything but it still does not work! Any help would be greatly appreciated. Thanks!!
In what order did you put the security provider in when you modified the java.security file. I added it as the second provider in the list, only behind the original default provider and it eliminated that error
//original default provider
security.provider.1=sun.security.provider.Sun
//provider necessary for SSL com
security.provider.2=com.sun.net.ssl.internal.ssl.Provider
Similar Messages
-
How to use JSSE HttpsURLConnection in WL 5.1
I am trying to POST, from a jsp within weblogic,
to an outside https URL. It appears to me that
weblogic.net.http.HttpsURLConnection cannot POST
to a connection.
I am now trying to use Sun's JSSE 1.0.3.
I've installed jcert.jar, jnet.jar and jsse.jar to
C:\usr\local\java\jdk1.3.1_04\jre\lib\ext
Here is the relevant code:
<%@ page import="java.io.*,java.net.*,java.util.*,java.lang.*,javax.servlet.*,java.security.*,com.sun.net.ssl.*"
%>
<%
Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
System.setProperty("java.protocol.handler.pkgs", com.sun.net.ssl.internal.www.protocol");
url = new java.net.URL("https://www.some-secure-site.com"); // This is where
the ClassCastException occurs.
%>
Here is the thread dump:
java.lang.ClassCastException: weblogic.net.http.HttpsURLConnection
at jsp_servlet._payPal.__verify._jspService(__verify.java:150)
at weblogic.servlet.jsp.JspBase.service(JspBase.java:27)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:120)
at weblogic.servlet.internal.ServletContextImpl.invokeServlet(ServletContextImpl.java:945)
at weblogic.servlet.internal.ServletContextImpl.invokeServlet(ServletContextImpl.java:909)
at weblogic.servlet.internal.ServletContextManager.invokeServlet(ServletContextManager.java:269)
at weblogic.socket.MuxableSocketHTTP.invokeServlet(MuxableSocketHTTP.java:392)
at weblogic.socket.MuxableSocketHTTP.execute(MuxableSocketHTTP.java:274)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:130)
I think I need to register an HTTPS URLStreamHandler when
instantiating my URL object so I receive a
com.sun.net.ssl.HttpsURLConnection instead of a
weblogic.net.http.HttpsURLConnection - like so:
URL url = new URL("https", "some.site.com", 443, "/some/uri", new some.URLStreamHandler());
Any help is greatly appreciated.
-SSyou should use specifal constructor .. for url..
some thing like..
URL( "https","www.verisign.com","443","",new
com.sun.net.ssl.internal.www.protocol.https.Handler());
thanks
kiran
"sstaats" <[email protected]> wrote in message
news:[email protected]...
>
I am trying to POST, from a jsp within weblogic,
to an outside https URL. It appears to me that
weblogic.net.http.HttpsURLConnection cannot POST
to a connection.
I am now trying to use Sun's JSSE 1.0.3.
I've installed jcert.jar, jnet.jar and jsse.jar to
C:\usr\local\java\jdk1.3.1_04\jre\lib\ext
Here is the relevant code:
<%@ pageimport="java.io.*,java.net.*,java.util.*,java.lang.*,javax.servlet.*,java.se
curity.*,com.sun.net.ssl.*"
%>
<%
Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
System.setProperty("java.protocol.handler.pkgs",com.sun.net.ssl.internal.www.protocol");
url = new java.net.URL("https://www.some-secure-site.com"); // This is
where
the ClassCastException occurs.
%>
Here is the thread dump:
java.lang.ClassCastException: weblogic.net.http.HttpsURLConnection
at jsp_servlet._payPal.__verify._jspService(__verify.java:150)
at weblogic.servlet.jsp.JspBase.service(JspBase.java:27)
atweblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java
:120)
atweblogic.servlet.internal.ServletContextImpl.invokeServlet(ServletContextImp
l.java:945)
atweblogic.servlet.internal.ServletContextImpl.invokeServlet(ServletContextImp
l.java:909)
atweblogic.servlet.internal.ServletContextManager.invokeServlet(ServletContext
Manager.java:269)
atweblogic.socket.MuxableSocketHTTP.invokeServlet(MuxableSocketHTTP.java:392)
atweblogic.socket.MuxableSocketHTTP.execute(MuxableSocketHTTP.java:274)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:130)
I think I need to register an HTTPS URLStreamHandler when
instantiating my URL object so I receive a
com.sun.net.ssl.HttpsURLConnection instead of a
weblogic.net.http.HttpsURLConnection - like so:
URL url = new URL("https", "some.site.com", 443, "/some/uri", newsome.URLStreamHandler());
>
Any help is greatly appreciated.
-SS -
Https Connection from servlets using JSSE.
Hi all,
Although my question is the same as the QOW for this week, there is an error "unsupported keyword EMAIL" returned when i try to establish a https connection using servlet. The error log is as follow:
=====================================
java.io.IOException: unsupported keyword EMAIL
at com.sun.net.ssl.internal.ssl.AVA.<init>([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.ssl.RDN.<init>([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.ssl.X500Name.a([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.ssl.X500Name.<init>([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection.connect([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection.getInputStream([DashoPro-V1.2-120198])
at URLReader.doGet(URLReader.java:78)
===================================
Does anyone know the meaning of this error?
I try to write a java application using the similar code and it totally works fine(i can connect to the server and obtain the page). Does JSSE support Java Servlet? Or this is the problem of tomcat server? FYI, I'm using
Tomcat 3.2.2
Java SDK 1.3
Many thanks!
Ethan
p.s. Here is the source for my program
import java.io.*;
import java.net.*;
import javax.servlet.*;
import javax.servlet.http.*;
import javax.net.*;
import javax.net.ssl.*;
import com.sun.net.ssl.*;
public class URLReader extends HttpServlet{
private PrintWriter out = null;
public void doGet(HttpServletRequest req, HttpServletResponse res){
res.setContentType("text/html");
res.setHeader("Cache-Control", "no-cache");
res.setHeader("Progma", "no-cache");
out = res.getWriter();
java.security.Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
System.setProperty("javax.net.ssl.trustStore", "File_for_keyStore");
System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
try {
URL url = new URL("https://server_name:port/index.htm");
HttpsURLConnection urlconnection = (HttpsURLConnection)url.openConnection();
BufferedReader in = new BufferedReader(new InputStreamReader(urlconnection.getInputStream()));
String outputLine ;
while ( (outputLine = in.readLine()) != null){
out.println("There is the result: "+outputLine);
in.close();
catch(Exception e){
public void doPost(HttpServletRequest req, HttpServletResponse res){
}I was just having this issue, after months of error-free ssl behavior, on a new machine i was installing (Note: that I was running the IBM jdk1.3) It turns out that when I was editing the java.security file to know about JCE/JSSE providers i had the providers in the wrong order. The Error causing sequence was:
security.provider.1=com.sun.net.ssl.internal.ssl.Provider
security.provider.2=com.ibm.crypto.provider.IBMJCA
# Extra provider added ibm@33894
security.provider.3=com.ibm.crypto.provider.IBMJCE
# extra provider i added
security.provider.4=sun.security.provider.Sun
The issue disappeared when i changed the order to:
security.provider.1=sun.security.provider.Sun
security.provider.2=com.sun.net.ssl.internal.ssl.Provider
security.provider.3=com.ibm.crypto.provider.IBMJCA
# Extra provider added ibm@33894
security.provider.4=com.ibm.crypto.provider.IBMJCE
hope that helps!
--john molnar
Trellis Network Security -
How to use HTTPS with JSSE URLConnection in servlet
Hi, I have a servlet that calls another servlet using the URLConnection class. This seems to work very well if I am using http. However when trying to call it using https using JSSE I get the following error:
"javax.net.ssl.SSLHandshakeException: untrusted server cert chain."
The following is the code that I am using in the servlet:
java.security.Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
System.getProperties().put("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
this.servlet = new URL(servletURL);
URLConnection conServlet = servlet.openConnection();
Both of these servlets are under IIS on my machine. I am able to execute each of the servlets from the browser using https directly. Does this sounds like an SSL certifcate problem or is that something in the Java code? Any ideas greatly appreciated.Hi,
Perhaps you can create your own trust manager. I've found this example in another newsgroup: (please note that this example trusts everyone, but you can modify the trust manager as you wish)
if (putUrl.startsWith("https"))
//set up to handle SSL if necessary
System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
System.setProperty("javax.net.debug", "ssl,handshake,data,trustmanager");
Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
//use our own trust manager so we can always trust
//the URL entered in the configuration.
X509TrustManager tm = new MyX509TrustManager();
KeyManager []km = null;
TrustManager []tma = {tm};
SSLContext sc = SSLContext.getInstance("ssl");
sc.init(km,tma,new java.security.SecureRandom());
SSLSocketFactory sf1 = sc.getSocketFactory();
HttpsURLConnection.setDefaultSSLSocketFactory (sf1);
m_url = new URL (putUrl);
class MyX509TrustManager implements X509TrustManager {
public boolean isClientTrusted(X509Certificate[] chain) {
return true;
public boolean isServerTrusted(X509Certificate[] chain) {
return true;
public X509Certificate[] getAcceptedIssuers() {
return null;
}Hope this helps,
Kurt. -
Hi,
I am encountering the following exception when opening an SSL connection to an
HTTPS web server (running apache + mod_ssl ) :
java.io.IOException: unsupported keyword OID.2.5.4.5
at com.sun.net.ssl.internal.ssl.AVA.<init>([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.ssl.RDN.<init>([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.ssl.X500Name.a([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.ssl.X500Name.<init>([DashoPro-V1.2-120198])
at
com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a([DashoPro-V1.2-120198])
at
com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a([DashoPro-V1.2-120198])
at
com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a([DashoPro-V1.2-120198])
at
com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection.connect([DashoPro-V
1.2-120198])
at
com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection.getInputStream([Das
hoPro-V1.2-120198])
at [...]The web server's X.509 V3 certificate was acquired from Certinomis (a
french company - www.certinomis.com), and I have imported its root CA and
intermediate CA into my client JVM's keystore using keytool.
After a short investigation, it looks like it is a bug of JSSE 1.0.2
implementation which doesn't recognize the Object Id 2.5.4.5 which
according to the following page, is a standard X.500 attribute :
http://www.alvestrand.no/objectid/2.5.4.5.html
Here is an excerpt of this page :
2.5.4.5 - id-at-serialNumber
OID value: 2.5.4.5
OID description: The Serial Number attribute type specifies an identifier, the
serial number of a device.
An attribute value for Serial Number is a printable string.
serialNumber ATTRIBUTE ::= {
WITH SYNTAX PrintableString (SIZE (1..ub-serialNumber))
EQUALITY MATCHING RULE caseIgnoreMatch
SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch
ID id-at-serialNumber
}The very same code works when accessing web sites using Verisign certificates
which do not contain such a 2.5.4.5 OID in the certificate subject, so it may
well be dued to a malformation of the Certinomis certificate.
Any help appreciated,
Patrick DECAT.
Following is the trace printed out when running the JVM with
-Djavax.net.debug=all (binary blocks replaced by [...]) :
C:\java\jdk1.3.1\bin\javaw -classpath
C:\Development\HttpsReader\classes;
C:\java\jsse1.0.2\lib\jsse.jar;C:\java\jsse1.0.2\lib\jnet.jar;
C:\java\jsse1.0.2\lib\jcert.jar;C:\java\jdk1.3.1\jre\lib\i18n.jar;
C:\java\jdk1.3.1\jre\lib\jaws.jar;C:\java\jdk1.3.1\jre\lib\rt.jar;
C:\java\jdk1.3.1\jre\lib\sunrsasign.jar;C:\java\jdk1.3.1\lib\dt.jar;
C:\java\jdk1.3.1\lib\tools.jar
-Djavax.net.debug=all HttpsReader
keyStore is :
keyStore type is : jks
init keystore
init keymanager of type SunX509
trustStore is: C:\java\jdk1.3.1\jre\lib\security\jssecacerts
trustStore type is : jks
init truststore
adding as trusted cert: [
Version: V3
Subject: CN=CertiNomis, OU=AC Racine - Root CA, O=CertiNomis, C=FR
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: com.sun.rsajca.JSA_RSAPublicKey@19681b
Validity: [From: Thu Nov 09 01:00:00 CET 2000,
To: Fri Nov 09 01:00:00 CET 2012]
Issuer: CN=CertiNomis, OU=AC Racine - Root CA, O=CertiNomis, C=FR
SerialNumber: [ 30303030 39373337 35373338 36303030 ]
Certificate Extensions: 3
[1]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: [...]
[2]: ObjectId: 2.5.29.15 Criticality=false
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
[3]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
Algorithm: [SHA1withRSA]
Signature:
0000: [...]
adding as trusted cert: [
Version: V3
Subject: CN=CertiNomis Classe 2, O=CertiNomis, C=FR
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: com.sun.rsajca.JSA_RSAPublicKey@bc49d
Validity: [From: Wed Nov 29 01:00:00 CET 2000,
To: Mon Nov 29 01:00:00 CET 2004]
Issuer: CN=CertiNomis, OU=AC Racine - Root CA, O=CertiNomis, C=FR
SerialNumber: [ 30303030 39373534 38383434 39303030 ]
Certificate Extensions: 6
[1]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
SSL CA
S/MIME CA
Object Signing CA]
[2]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: [...]
[3]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: [...]
[4]: ObjectId: 2.5.29.31 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: [...]
[5]: ObjectId: 2.5.29.15 Criticality=false
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
[6]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
Algorithm: [SHA1withRSA]
Signature:
0000: [...]
init context
trigger seeding of SecureRandom
done seeding SecureRandom
%% No cached client session
*** ClientHello, v3.1
RandomCookie: GMT: 993394508 bytes = { 24, 22, 81, 16, 235, 187, 118, 86, 45,
138, 98, 195,
155, 110, 203, 166, 77, 227, 57, 128, 191, 247, 109, 154, 243, 212, 78, 25 }
Session ID: {}
Cipher Suites: { 0, 5, 0, 4, 0, 9, 0, 10, 0, 18, 0, 19, 0, 3, 0, 17 }
Compression Methods: { 0 }
[write] MD5 and SHA1 hashes: len = 59
0000: [...]
AWT-EventQueue-0, WRITE: SSL v3.1 Handshake, length = 59
[write] MD5 and SHA1 hashes: len = 77
0000: [...]
AWT-EventQueue-0, WRITE: SSL v2, contentType = 22, translated length = 16310
AWT-EventQueue-0, READ: SSL v3.1 Handshake, length = 74
*** ServerHello, v3.1
RandomCookie: GMT: 993394166 bytes = { 7, 124, 93, 170, 159, 46, 253, 150, 76,
123, 239,
155, 27, 14, 132, 20, 203, 83, 219, 221, 217, 201, 21, 212, 79, 18, 122, 73 }
Session ID: {179, 250, 40, 17, 25, 73, 235, 228, 229, 141, 93, 207, 137, 204, 71,
144, 235,
210, 99, 135, 15, 169, 170, 141, 156, 3, 58, 135, 178, 196, 112, 222}
Cipher Suite: { 0, 5 }
Compression Method: 0
%% Created: [Session-1, SSL_RSA_WITH_RC4_128_SHA]
** SSL_RSA_WITH_RC4_128_SHA
[read] MD5 and SHA1 hashes: len = 74
0000: [...]
AWT-EventQueue-0, READ: SSL v3.1 Handshake, length = 1088
*** Certificate chain
chain [0] = [
Version: V3
Subject: OID.2.5.4.5=10052821, OU=Certificat Mercatis,
[email protected], CN=xxxxxx.xxxxxxxx.com, OU=FC,
O=XXXXXXXXX-XXXXXXXXX, L=Paris, ST=Paris, C=FR
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: com.sun.rsajca.JSA_RSAPublicKey@4a0115
Validity: [From: Fri Mar 23 11:54:32 CET 2001,
To: Sun Mar 24 11:54:32 CET 2002]
Issuer: CN=CertiNomis Classe 2, O=CertiNomis, C=FR
SerialNumber: [ 39383533 34313237 32353633 ]
Certificate Extensions: 8
[1]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
SSL server
S/MIME
Object Signing
[2]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: [...]
[3]: ObjectId: 2.5.29.32 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: [...]
[4]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: [...]
[5]: ObjectId: 2.5.29.31 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: [...]
[6]: ObjectId: 2.5.29.17 Criticality=false
SubjectAlternativeName [
[RFC822Name: [email protected]]]
[7]: ObjectId: 2.5.29.15 Criticality=false
KeyUsage [
DigitalSignature
Non_repudiation
Key_Encipherment
Data_Encipherment
[8]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:false
PathLen: undefined
Algorithm: [SHA1withRSA]
Signature:
0000: [...]
add missing root cert: [
Version: V3
Subject: CN=CertiNomis Classe 2, O=CertiNomis, C=FR
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: com.sun.rsajca.JSA_RSAPublicKey@bc49d
Validity: [From: Wed Nov 29 01:00:00 CET 2000,
To: Mon Nov 29 01:00:00 CET 2004]
Issuer: CN=CertiNomis, OU=AC Racine - Root CA, O=CertiNomis, C=FR
SerialNumber: [ 30303030 39373534 38383434 39303030 ]
Certificate Extensions: 6
[1]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
SSL CA
S/MIME CA
Object Signing CA]
[2]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: [...]
[3]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: [...]
[4]: ObjectId: 2.5.29.31 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: [...]
[5]: ObjectId: 2.5.29.15 Criticality=false
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
[6]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
Algorithm: [SHA1withRSA]
Signature:
0000: [...]
stop on trusted cert: [
Version: V3
Subject: CN=CertiNomis Classe 2, O=CertiNomis, C=FR
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: com.sun.rsajca.JSA_RSAPublicKey@bc49d
Validity: [From: Wed Nov 29 01:00:00 CET 2000,
To: Mon Nov 29 01:00:00 CET 2004]
Issuer: CN=CertiNomis, OU=AC Racine - Root CA, O=CertiNomis, C=FR
SerialNumber: [ 30303030 39373534 38383434 39303030 ]
Certificate Extensions: 6
[1]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
SSL CA
S/MIME CA
Object Signing CA]
[2]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: [...]
[3]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: [...]
[4]: ObjectId: 2.5.29.31 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: [...]
[5]: ObjectId: 2.5.29.15 Criticality=false
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
[6]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
Algorithm: [SHA1withRSA]
Signature:
0000: [...]
[read] MD5 and SHA1 hashes: len = 1088
0000: [...]
AWT-EventQueue-0, READ: SSL v3.1 Handshake, length = 4
*** ServerHelloDone
[read] MD5 and SHA1 hashes: len = 4
0000: [...]
*** ClientKeyExchange, RSA PreMasterSecret, v3.1
Random Secret: { 3, 1, 94, 206, 199, 220, 80, 40, 86, 42, 59, 54, 23, 92, 139,
128, 16, 86, 141, 241, 78, 190, 245, 233, 179, 240, 248, 239, 144, 179, 120,
41, 52, 117, 74, 230, 249, 185, 175, 141, 182, 0, 207, 81, 217, 66, 216, 69 }
[write] MD5 and SHA1 hashes: len = 134
0000: [...]
AWT-EventQueue-0, WRITE: SSL v3.1 Handshake, length = 134
SESSION KEYGEN:
PreMaster Secret:
0000: [...]
CONNECTION KEYGEN:
Client Nonce:
0000: [...]
Server Nonce:
0000: [...]
Master Secret:
0000: [...]
Client MAC write Secret:
0000: [...]
Server MAC write Secret:
0000: [...]
Client write key:
0000: [...]
Server write key:
0000: [...]
... no IV for cipher
AWT-EventQueue-0, WRITE: SSL v3.1 Change Cipher Spec, length = 1
*** Finished, v3.1
verify_data: { 48, 119, 230, 86, 67, 207, 57, 59, 18, 222, 4, 107 }
[write] MD5 and SHA1 hashes: len = 16
0000: [...]
Plaintext before ENCRYPTION: len = 36
0000: [...]
AWT-EventQueue-0, WRITE: SSL v3.1 Handshake, length = 36
AWT-EventQueue-0, READ: SSL v3.1 Change Cipher Spec, length = 1
AWT-EventQueue-0, READ: SSL v3.1 Handshake, length = 36
Plaintext after DECRYPTION: len = 36
0000: [...]
*** Finished, v3.1
verify_data: { 238, 82, 186, 214, 115, 130, 241, 249, 113, 52, 93, 58 }
%% Cached client session: [Session-1, SSL_RSA_WITH_RC4_128_SHA]
[read] MD5 and SHA1 hashes: len = 16
0000: [...]
Finalizer, SEND SSL v3.1 ALERT: warning, description = close_notify
Plaintext before ENCRYPTION: len = 22
0000: [...]
Finalizer, WRITE: SSL v3.1 Alert, length = 22Just to keep this thread updated, here is some information I got from Sun's support :
"They have closed this as a duplicate of the other bug[The bug was already identified internally].
The fix for it has been put into build # 71 of merlin (1.4).
I don't yet know whether that build is (or will be) early enough to be part of merlin-beta2 (second public beta).
In any case, the problem has been fixed. It's just a matter of when it will
appear in a publicly-available form." -
Tunneling Problem using HttpsUrlConnection
Hi,
I had gone through forums regarding this topic and still i am facing the same problem using the HttpsUrlConnection. We are working behind a proxy so we have to make a proxy authorization if we want to connect to a server in the internet.
But in case of HttpUrlConnection, everything works
fine. But if we do the same with a HttpsUrlConnection, the authentication fails. It throws an IOException
with the message
Unable to tunnel through 192.9.100.10:80.
Proxy returns "HTTP/1.1 407 Proxy authentication required"
Sample code as follows,
The following code doesn't have any problem becos it works fine with HttpUrlConnection and also it is working without proxyserver for https as well.
This is running under MSVM.
I don't want to use SSLSocketFactory and i need to use following layout(i.e only with Httpsurlconnection)
Is there any way to make work with proxyserver? Or can't we do this at all?
System.setProperty("proxySet","true");
System.setProperty("https.proxyHost","proxyIP");
System.setProperty("https.proxyPort","80");
OutputStream os = null;
OutputStreamWriter osw = null;
InputStream is = null;
InputStreamReader isr = null;
BufferedReader br = null;
URL url;
String line = null;
System.setProperty("java.protocol.handler.pkgs","com.sun.net.ssl.internal.www.protocol");
Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
String login = proxyUserName+":"+proxyPassWord;
String encodedLogin = new sun.misc.BASE64Encoder().encode(login.getBytes());
url = new URL("https://www.verisign.com");
HttpsURLConnection con = null;
con =(HttpsURLConnection) url.openConnection();
con.setRequestProperty("Proxy-Authorization", encodedLogin);
con.setRequestMethod("GET");
con.setDoOutput(true);
con.setDoInput(true);
con.setUseCaches(false);
con.connect();
os = con.getOutputStream();
osw = new OutputStreamWriter(os);
osw.write("SampleMsg");
osw.flush();
osw.close();
is = con.getInputStream();
isr = new InputStreamReader(is);
br = new BufferedReader(isr);
while ( (line = br.readLine()) != null)
System.out.println("line: " + line);
Can any one help me regarding this?I need a reply very urgently.
Thanks,
Prabhakaran RHope this help.
Note to change the properties to fit your system, and use the supported package ( JSSE, JRE1.5.......).
You can use URLConnection for both HTTP or HTTPS protocol.
import java.io.*;
import java.net.*;
import java.security.*;
import java.util.*;
import javax.net.ssl.*;
public class testSSL9 {
public testSSL9() {
byte[] data = httpConnection();
System.out.println(new String(data));
public static void main(String[] args) {
Properties sysprops = System.getProperties();
Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
// sysprops.put("java.protocol.handler.pkgs",
// "com.sun.net.ssl.internal.www.protocol");
sysprops.put("java.protocol.handler.pkgs",
"javax.net.ssl.internal.www.protocol");
sysprops.put("javax.net.ssl.trustStore",
"D:/jdk1.4/jre/lib/security/cacerts");
sysprops.put("javax.net.debug", "ssl,handshake,data,trustmanager");
sysprops.put("https.proxyHost", "172.16.0.1");
sysprops.put("https.proxyPort", "3128");
sysprops.put("https.proxySet", "true");
sysprops.put("http.proxyHost", "172.16.0.1");
sysprops.put("http.proxyPort", "3128");
sysprops.put("proxySet", "true");
testSSL9 testSSL91 = new testSSL9();
private byte[] httpConnection() {
try {
URL url = null;
// String strurl = "https://www.verisign.com";
String strurl = "https://central.sun.net";
// String strurl = "http://www.yahoo.com"; --> use: HttpURLConnection
url = new URL(strurl);
HttpsURLConnection connection = (HttpsURLConnection) url.openConnection();
HttpsURLConnection.setFollowRedirects(false);
connection.setDoOutput(true);
connection.setDoInput(true);
connection.setUseCaches(false);
connection.connect();
InputStream stream = null;
BufferedInputStream in = null;
ByteArrayOutputStream bytearr = null;
BufferedOutputStream out = null;
try {
stream = connection.getInputStream();
in = new BufferedInputStream(stream);
bytearr = new ByteArrayOutputStream();
out = new BufferedOutputStream(bytearr);
catch (Exception ex1) {
System.out.println(ex1);
System.out.println("Server reject connection...sory");
int i = 0;
while ( (i = in.read()) != -1) {
out.write(i);
out.flush();
stream.close();
in.close();
bytearr.close();
out.close();
return bytearr.toByteArray();
catch (Exception ex) {
ex.printStackTrace();
return null;
} -
Type httpsURLConnection is not defined
I'm relatively new to using the JSSE (read: several hours into tinkering with it) and I'm completely at wits end trying to figure out WHY I can't locate the httpsURLConnection class.
I have fully updated my Java to include JSE 6 Update 2... however I can't find either the httpsURLConnection class or ANYTHING dealing with javax.net to import into my current program.
If it helps, I'm developing in Visual Studio .NET 2005.
Thanks in advance for any help!I'm developing in VB.NET, so case sensitivity is not
an issue. Unless I'm missing something obvious
(which is possible), that is the spelling error to
which you were referring?
When I instantiate a new object, I receive a pop-up
list of all of the different objects that I can
possibly create... HttpsURLConnection is not listed,
while HttpURLConnection is.
In addition, when I begin making a new object, I
should be able to type:
Dim sslConnection As New javax.
...... at which point I'd receive a smiliar pop-up
list of all the classes/methods associated with
javax, so I can pick what I want. It doesn't appear.
Javax is not getting imported into my program for
some strange reason.
My apologies for the confusion w/ the cases, I've
just gotten used to VS.NET handling all of my
case-ing for me, so I didn't even think twice about
it when I was posting.What am I missing? This is a Java forum, not a VB.NET forum. -
Classcast exception while using HttpsURLConnection
I am using java1.3. I have downloaded all the jars in JSSE..however when i am using the HttpsURLConnection class i get ClassCase exception at
HttpsURLConnection connection = (HttpsURLConnection) url.openConnection();
I don't get any error while compiling however get the error when executing
Any help on this will greatly appricated.
Thanks
SudhaMagic, that worked for me.
Now the real question is why did it work. My code worked fine under JRE 1.3.1, but when I remove jsse.jar from my classpath and upgraded to JRE 1.4.1 it broke. By commenting out the System.setProperty it now works. Strange.
Cheers,
Paul -
Help with java.lang.ClassCastException in JSSE
I need an urgent help.
i am writing code in JSSE for getting Server certificater(through SSL)
i wrote
public class url
public static void main(String[] args)
try
System.setProperty("java.protocol.handler.pkgs","com.sun.net.ssl.internal.www.protocol");
Security.addProvider(new Provider());
URL url=new URL("https://localhost:8443");
HttpsURLConenction urlc=(HttpsURLConnection) url.openConnection();
catch(Exception e)
System.out.println(e);
when i am executing this programing, i am getting the following run time error
java.lang.ClassCastException
I think i am getting error for the following line of code
" HttpsURLConenction urlc=(HttpsURLConnection)url.openConnection(); "
Please help me out to overcome this run time error.
I would be grateful to you if you can solve my errorHi all
I have the same error:
java.lang.ClassCastException: com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnectionOldImpl
MY CODE IS:
// Set the system and security properties
System.setProperty("javax.net.ssl.trustStore",
"C:\\certificados\\cacerts");
System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
// Keystore location and password
System.setProperty("javax.net.ssl.keyStore",
"C:\\certificados\\keystore");
System.setProperty("javax.net.ssl.keyStorePassword", "changeit");
//Set the request
String url_ = "https://195.235.160.165";
//Creamos la petici�n html
StringBuffer buffer = new StringBuffer();
buffer.append(url_);
buffer.append("/GPP/WLServer?Method=M_FINDIT&CLIENT=");
buffer.append(client);
buffer.append("&CLI_PASSWD=");
buffer.append(cli_passwd);
buffer.append("&USER=");
buffer.append(user_login);
buffer.append("&USER_PASSWD=");
buffer.append(user_passwd);
buffer.append("&TUSERID=");
buffer.append(MSISDN);
buffer.append("&TUSERID_TYPE=MSISDN");
buffer.append("&GROUP=");
buffer.append(group_id);
buffer.append("&SRS=GPP:UTM28");
url_ = buffer.toString();
URL url = new URL(url_);
HttpsURLConnection conn = (HttpsURLConnection)url.openConnection();
conn.setHostnameVerifier(new HostnameVerifier() {
public boolean verify(String hostname, SSLSession session)
// I don't care if the certificate doesn't match host name
return true;
BufferedReader in = new BufferedReader(
new InputStreamReader(
conn.getInputStream()));
//Creates a writer with the encoding parameter as "UTF-8"
Writer out_ = new OutputStreamWriter(response.getOutputStream(), "UTF-8" );
String inputLine;
String fichero_in = "";
while ((inputLine = in.readLine()) != null){
if(inputLine.length()!=0){
System.out.println(inputLine);
fichero_in = inputLine;
out_.write(inputLine);
in.close();
//Sets the Content-Type header
response.setContentType("application/xml; charset=utf-8");
//response.setContentType("text/html; charset=UTF-8");
//Sends the response XML to the client
out_.write(url_);
//out_.write(fichero_in);
out_.flush();
response.sendRedirect(response.encodeRedirectURL("out_"));
Anyone can hel me??
Thanks in advance -
Problems with JSSE under Weblogic 5.1 sp9
I have a java application which uses JSSE to communicate with a WebMethods server
and it works great. However, when I take the same code block and run it under
Weblogic 5.1 sp11, I receive a bad certificate error. After spending a lot of
time reading through various postings, I fixed the problem where Weblogic was
intercepting HTTPsURLConnection, but still have the bad_certificate error.
My setup is as follows:
- Keys stored using keytool in keystores outside of Weblogic
- Service pack 9 is installed (also tested SP10)
- Code runs fine as an isolated java application, but will not run when called
from within weblogic.
- JDK1.3.1_02
- Modified the weblogic.policy file with the following line:"permission java.net.NetPermission
"specifyStreamHandler";"
Source Code:
System.getProperties().put("java.protocol.handler.pkgs",
"com.sun.net.ssl.internal.www.protocol");
Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
System.out.println("\n\nHandler = "+System.getProperty("java.protocol.handler.pkgs"));
URL server = new URL(null, "https://B2bserver.quadrem.com:4443/invoke/wm.tn/receive",
new com.sun.net.ssl.internal.www.protocol.https.Handler());
System.out.println("Connecting to : "+server.toExternalForm());
char[] password = "weblogic".toCharArray();
SSLContext context = SSLContext.getInstance("SSL");
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
KeyStore keystore = KeyStore.getInstance("JKS");
keystore.load(new FileInputStream("x:/jpkeystore"), password);
keyManagerFactory.init(keystore, password);
context.init(keyManagerFactory.getKeyManagers(), null, null);
HttpsURLConnection conn = (HttpsURLConnection)server.openConnection();
conn.setDoInput( true );
conn.setDoOutput( true );
conn.setAllowUserInteraction(false);
conn.setUseCaches( false );
conn.setDefaultUseCaches ( false );
conn.setRequestMethod("POST");
conn.setRequestProperty("Content-Type","text/xml");
conn.setRequestProperty("Host", remoteHost);
conn.setRequestProperty("Content-Length", "" + (XML_HEADER.length()+doc.length()));
DataOutputStream out = new DataOutputStream (conn.getOutputStream());
out.writeBytes(XML_HEADER);
out.write(doc.getBytes());
out.flush();
out.close();
All help will be appreciated.
thanks
Mark Johnson
781-993-9212 x375
[email protected]Mark,
Can you post the complete exceptionand stack trace here ?
Mark Johnson wrote:
I have a java application which uses JSSE to communicate with a WebMethods server
and it works great. However, when I take the same code block and run it under
Weblogic 5.1 sp11, I receive a bad certificate error. After spending a lot of
time reading through various postings, I fixed the problem where Weblogic was
intercepting HTTPsURLConnection, but still have the bad_certificate error.
My setup is as follows:
- Keys stored using keytool in keystores outside of Weblogic
- Service pack 9 is installed (also tested SP10)
- Code runs fine as an isolated java application, but will not run when called
from within weblogic.
- JDK1.3.1_02
- Modified the weblogic.policy file with the following line:"permission java.net.NetPermission
"specifyStreamHandler";"
Source Code:
System.getProperties().put("java.protocol.handler.pkgs",
"com.sun.net.ssl.internal.www.protocol");
Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
System.out.println("\n\nHandler = "+System.getProperty("java.protocol.handler.pkgs"));
URL server = new URL(null, "https://B2bserver.quadrem.com:4443/invoke/wm.tn/receive",
new com.sun.net.ssl.internal.www.protocol.https.Handler());
System.out.println("Connecting to : "+server.toExternalForm());
char[] password = "weblogic".toCharArray();
SSLContext context = SSLContext.getInstance("SSL");
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
KeyStore keystore = KeyStore.getInstance("JKS");
keystore.load(new FileInputStream("x:/jpkeystore"), password);
keyManagerFactory.init(keystore, password);
context.init(keyManagerFactory.getKeyManagers(), null, null);
HttpsURLConnection conn = (HttpsURLConnection)server.openConnection();
conn.setDoInput( true );
conn.setDoOutput( true );
conn.setAllowUserInteraction(false);
conn.setUseCaches( false );
conn.setDefaultUseCaches ( false );
conn.setRequestMethod("POST");
conn.setRequestProperty("Content-Type","text/xml");
conn.setRequestProperty("Host", remoteHost);
conn.setRequestProperty("Content-Length", "" + (XML_HEADER.length()+doc.length()));
DataOutputStream out = new DataOutputStream (conn.getOutputStream());
out.writeBytes(XML_HEADER);
out.write(doc.getBytes());
out.flush();
out.close();
All help will be appreciated.
thanks
Mark Johnson
781-993-9212 x375
[email protected] -
ClassCastException - HttpsURLConnection
I am getting the following error:
java.lang.ClassCastException: com.ibm.net.ssl.internal.www.protocol.https.HttpsURLConnection
Does anybody have a solution to this? I am developing in WSAD 5.
if (protocol.equalsIgnoreCase("https"))
//use Sun's JSSE to deal with SSL
//java.security.Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
System.out.println("1");
System.setProperty( "java.protocol.handler.pkgs","com.ibm.net.ssl.internal.www.protocol");
System.out.println("2");
java.security.Security.addProvider(new com.ibm.jsse.IBMJSSEProvider());
//System.getProperties().put("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
//System.getProperties().put("java.protocol.handler.pkgs", "com.ibm.net.ssl.internal.www.protocol");
System.out.println("3");
url = new URL(protocol + "://" + hostname + "/" + prefix + "/" + service);
System.out.println("4");
connection = (HttpsURLConnection) url.openConnection(); //this is where the error is occuring
System.out.println("5");
else
url = new URL(protocol + "://" + hostname + "/" + prefix + "/" + service);
connection = (HttpURLConnection) url.openConnection();
}Okay, maybe I have t reversed :P There are two HttpsURLConnections, one in javax.net the other one you are using. If you have imported one or both, you will have to qualify which you mean:
connection = (com.ibm.net.ssl.internal.www.protocol.https.HttpsURLConnection) url.openConnection();And make sure connection is instantiated as:
com.ibm.net.ssl.internal.www.protocol.https.HttpsURLConnection as well. -
URGENT: Timeout on HTTPSURLCONNECTION
I've scoured the web and these fora for a solution to my problem, and I can't seem to find a solution, so would really appreciate any help/pointers/examples to assist me.
I've managed to read from a secure web page, using JSSE to set up an httpsurlconnection called connect, and can read and post to it fine. My problem is that I want to set a timeout period if I don't receive a reply to my GET or POST methods. Everything I've found only applies to HTTPurlconnection, and it seems as if HTTPSurlconnection isn't able to handle user-defined timeouts. The closest I've got is setting up an SSLsocket and then using the inherited setSoTimeout, but my Java's not good enough to set that up correctly, and I'm not sure if it would work. Then maybe there are thread methods, which are even more complicated, and I don't want to use threads as I'll be running up to 60 instances of this URL reading/posting class at a time.
Does anyone have some example code which allows me to set a timeout period for my HTTPSurlconnection?
Many many thanks, I'm a relative newbie to Java and these fora, so appreciate any replies.
Claudelook at "sun.net.client.defaultConnectTimeout"
http://java.sun.com/j2se/1.4/docs/guide/net/properties.html
it might help you -
I am using the HttpsURLConnection class to post and retrieve reply from a HTTPS site through a proxy. My problem is, I can't seem to set the timeout value for the HttpsURLConnection. If there is no reply from the site, the program will hang there.
I'm using J2SDK 1.4.1_03 and I have tried specifying the option:
System.setProperty("sun.net.client.defaultReadTimeout","30000");
or during runtime:
-Dsun.net.client.defaultReadTimeout=30000
However, both options do not seem to work. Did I do something wrong here?
After looking around for some information, I gather that other people also face this problem. Generally, I think the suggestions seem to be pointing to two solutions:
1. Implemen a customized HttpsURLConnection, ie creating the socket with the timeout.
2. Create another thread to keep track of the https connection and to stop it after a timeout value.
Is there any other solutions? Which solution will be the best and simplest to implemen?Hi,
there is a library called HTTPClient available for free on:
http://jakarta.apache.org/commons/httpclient/
It supports time out, besides a bunch of other features.
Also HTTPS is straight forward, as soon as the underlying JSSE
installation is done. -
Class com.ibm.jsse.be configured for a TrustManagerFactory : Help needed
Hi
I am getting the following runtime error when trying for a HTTPS connection from my java code.
Runtime Error : Class com.ibm.jsse.be configured for a TrustManagerFactory: not a TrustManagerFactory Action: 4 Class: com.americanexpress.teen.common.fis.FISInterface Method: getFISTestData(String fisURL) Exception:java.net.SocketException: Class com.ibm.jsse.be configured for a TrustManagerFactory: not a TrustManagerFactory
at javax.net.ssl.DefaultSSLSocketFactory.createSocket(Unknown Source)
at com.ibm.net.ssl.www.protocol.https.b.b(Unknown Source)
at com.ibm.net.ssl.www.protocol.http.bs.a(Unknown Source)
at com.ibm.net.ssl.www.protocol.http.bs.o(Unknown Source)
at com.ibm.net.ssl.www.protocol.https.b.<init>(Unknown Source)
at com.ibm.net.ssl.www.protocol.https.b.a(Unknown Source)
at com.ibm.net.ssl.www.protocol.https.b.a(Unknown Source)
at com.ibm.net.ssl.www.protocol.https.b.a(Unknown Source)
at com.ibm.net.ssl.www.protocol.https.p.b(Unknown Source)
at com.ibm.net.ssl.www.protocol.https.p.connect(Unknown Source)
at com.ibm.net.ssl.www.protocol.http.bw.getInputStream(Unknown Source)
at com.ibm.net.ssl.www.protocol.http.bw.getHeaderField(Unknown Source)
at com.ibm.net.ssl.www.protocol.http.bw.getResponseCode(Unknown Source)
at com.ibm.net.ssl.internal.www.protocol.https.HttpsURLConnection.getResponseCode(Unknown Source)
at com.americanexpress.teen.common.fis.FISInterface.getFISTestData(FISInterface.java:2238)
at org.apache.jsp._fisTestPage._jspService(_fisTestPage.java:112)
at com.ibm.ws.webcontainer.jsp.runtime.HttpJspBase.service(HttpJspBase.java:89)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.ibm.ws.webcontainer.jsp.servlet.JspServlet$JspServletWrapper.service(JspServlet.java:344)
at com.ibm.ws.webcontainer.jsp.servlet.JspServlet.serviceJspFile(JspServlet.java:669)
at com.ibm.ws.webcontainer.jsp.servlet.JspServlet.service(JspServlet.java:767)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.ibm.ws.webcontainer.servlet.StrictServletInstance.doService(StrictServletInstance.java:110)
at com.ibm.ws.webcontainer.servlet.StrictLifecycleServlet._service(StrictLifecycleServlet.java:174)
at com.ibm.ws.webcontainer.servlet.IdleServletState.service(StrictLifecycleServlet.java:313)
at com.ibm.ws.webcontainer.servlet.StrictLifecycleServlet.service(StrictLifecycleServlet.java:116)
at com.ibm.ws.webcontainer.servlet.ServletInstance.service(ServletInstance.java:283)
at com.ibm.ws.webcontainer.servlet.ValidServletReferenceState.dispatch(ValidServletReferenceState.java:42)
at com.ibm.ws.webcontainer.servlet.ServletInstanceReference.dispatch(ServletInstanceReference.java:40)
at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:61)
at com.ibm.ws.webcontainer.webapp.WebAppRequestDispatcher.handleWebAppDispatch(WebAppRequestDispatcher.java:974)
at com.ibm.ws.webcontainer.webapp.WebAppRequestDispatcher.dispatch(WebAppRequestDispatcher.java:564)
at com.ibm.ws.webcontainer.webapp.WebAppRequestDispatcher.forward(WebAppRequestDispatcher.java:200)
at com.ibm.ws.webcontainer.srt.WebAppInvoker.doForward(WebAppInvoker.java:119)
at com.ibm.ws.webcontainer.srt.WebAppInvoker.handleInvocationHook(WebAppInvoker.java:276)
at com.ibm.ws.webcontainer.cache.invocation.CachedInvocation.handleInvocation(CachedInvocation.java:71)
at com.ibm.ws.webcontainer.srp.ServletRequestProcessor.dispatchByURI(ServletRequestProcessor.java:182)
at com.ibm.ws.webcontainer.oselistener.OSEListenerDispatcher.service(OSEListener.java:334)
at com.ibm.ws.webcontainer.http.HttpConnection.handleRequest(HttpConnection.java:56)
at com.ibm.ws.http.HttpConnection.readAndHandleRequest(HttpConnection.java:618)
at com.ibm.ws.http.HttpConnection.run(HttpConnection.java:439)
at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:672)
My application is trying to a https://xyz.com from java code and i am getting the above exception.
I tried connecting to "https://xyz.com " from my workspace via Websphere 5.1 server and my server is throwing the above exception. I have extened the ibmjsse provided by WAS 5.1 and using it for connecting to the HTTPS URL.
I feel the above problem might be due to network issues. Please help me in resolving the same.
Thanks in advance !!!!!Steps i have done to ensure the connectivity :
Method A :
1) I imported the pfx and CA certificates given by xyz.com in my web browser (IE)
2) After that, I tried connecting to "https://xyz.com" from browser and getting a proper response.
Method B :
1) I updated the jre cacert with CA certificate given by xyz.com
2) Loaded the pfx keystore from my java client code program and ran it as a java standalone code and got the proper response.
My java code
import java.io.*;
import java.net.*;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.*;
import java.security.*;
import java.sql.Time;
public class HTTPSConnect{
public static void main(String[] args)
URL url;
StringBuffer buffer;
String line;
int responseCode=0;
HttpsURLConnection connection = null;
InputStream input;
BufferedReader dataInput;
//FIS Sample URL
String fisURL = "https://xyz.com";
String fisResp = "";
try
Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
System.setProperty("javax.net.debug", "all");
String path = "F:\\MyCertificate.pfx";
String type = "pkcs12";
String password = "abc123";
System.setProperty("javax.net.ssl.keyStoreType", type);
System.setProperty("javax.net.ssl.keyStore",path);
System.setProperty("javax.net.ssl.keyStorePassword",password);
url = new URL(fisURL);
//Create the connection
connection = (HttpsURLConnection) url.openConnection();
connection.setUseCaches(false);
//Get the response code for the HTTPS connection
responseCode = connection.getResponseCode();
if (200 == responseCode)
buffer = new StringBuffer();
//Getting the FIS Response XML using the Stream reader
input = connection.getInputStream();
dataInput = new BufferedReader(new InputStreamReader(input));
while ((line = dataInput.readLine()) != null)
buffer.append(line);
buffer.append('\n');
fisResp = (String) buffer.toString().trim();
else
System.out.println("HTTP Status-Code : " + responseCode);
catch (MalformedURLException mue)
System.out.println("Exception in URL : " + mue.getMessage() );
mue.printStackTrace();
catch (IOException ioe)
System.out.println("IO Exception : " + ioe.getMessage() );
ioe.printStackTrace();
catch (Exception e)
System.out.println("Exception : " + e.getMessage() );
e.printStackTrace();
System.out.println("FIX XML Response : " + fisResp);
System.out.println("Response Code of HTTPS Connection : " + responseCode);
Please let me know if i am missing something :) -
Help: httpsurlconnection and x509certificate
I am developing a java client that will retrieve data from a webserver through http. The webserver uses x509certificate.
My specific question is how to pass an x509 certificate into the https request.
I have the following sample code:
// load the certificate
InputStream instream = new FileInputStream("someCertificate.cer");
X509Certificate cert = X509Certificate.getInstance(instream);
instream.close();
URL myURL = new URL ("https://www.someserver.com/");
HttpsURLConnection httpsConn = (HttpsURLConnection) myURL.openConnection();
httpsConn.setDoOutput(true);
BufferedReader in = new BufferedReader(new InputStreamReader(httpsConn.getInputStream()));
String line;
while ((line = in.readLine()) != null)
System.out.println(line);
in.close();
The server requires the client to present the x509 certificate.
How do I pass the certificate for authentication before trying to getInputStream()?
Can anyone point to me any articles or sample codes on how to program this. I am fairly new to this area of programming.
Your help is much appreciated.
Thank you.
Message was edited by:
Ewon799I am developing a java client that will retrieve data
from a webserver through http. The webserver uses
x509certificate.
My specific question is how to pass an x509
certificate into the https request.Do you really want to pass the x509 certificate as part of the HTTPS request, or do you want to pass the x509 certificate as part of the SSL/TLS handshaking, which is what is most commonly done.
Normally when the SSL/TLS handshake is going on, the server sends the certificate to the client, then the client approves it, and finalizes the SSL/TLS handshake. At this point, the connection is secured, and only THEN does the https exchange takes place.
If that's what you really want, then you need to initialize your SSLContext to have access to the keystore that stores that privatekey/cert combo. You can either do it through the system variables, or by initializing a SSLContext to point it's X509KeyManager to the right keystore.
See the JSSE Reference Guide for more information, specifically the sections on key and trust manager, and the system properties.
Maybe you are looking for
-
Export using quicktime conversion only exports 23 seconds of my project...
Hi, I am trying to output a promotional video to .wmv format using the quicktime conversion. It only exports 23 seconds of footage before stopping, which is no use at all. Whats wrong? I have tried setting ins and outs around the video, and I have tr
-
Q5 screen cuts off at top and left side
I've had my Q5 for a week. Today I noticed the screen is cutting off on the top and the left side. Does anyone have any idea how I can fix this?
-
How to know through code if the web page is modified on a particular site ?
Hi all.. I have an application developed using struts framework. In my application i accept URL from user and then connect to that URL. After that i retrieve the contents of that URL and do further processing. I have an action class which does these
-
Looping a folder for pattern files
Hello Please help me with an answer. I have a folder with more files with same structure generated by ERP. - Purchase_240520080600.txt - Purchase_240520080730.txt - Purchase_240520080843.txt etc Is there a possible to loop into the folder for all fil
-
When I try to download Photoshop, I keep getting the message: "We are experiencing some issues, please try again later, if the problem persists, contact Customer Support". It's persisting.