Java 8 Java Secure Socket Extension (JSSE)
Will there any chnages in Java Secure Socket Extension (JSSE) implementation on JDK 8.
See here. 10 seconds in Google.
Similar Messages
-
Jsse error -- java.security.NoSuchAlgorithmException:Algorithm TLS
I tried using the sample codes given at the JSSE1.0.2 web site, but I am encountering the folowing problem:
java.security.NoSuchAlgorithmException: Algorithm TLS not available
PLEASE ADVICE ME.
Thanks,
Shafique Razzaque,
SCPJ2,
Singapore.My email : [email protected]
Hi
I�m a student working on a Sun JSSE Samples for many weeks and I couldn�t run anyone ..!
I am using the last JSSE 1.02 , the jdk 1.31, working on Jbuilder4
I am working on both RMI and sockets samples.
On the RMI sample I got this Exception : no such algorithm �TSL�
�TSL� not supported
I searched in the posted messages in the forum and I found someone had the same problem
I followed all what he did but no way �!
I don�t know what I forget to do, see what I did and tell me please what is wrong.
I installed the JSSE as followed in the install file. I am sure that it is well installed
How to compile???!!!
1.I configured the rmic parameters to generate only the stub compatible only with java 2
2.I compiled the project I got the stub
3.I put theses parameters in
Project Properties /Run/ field : VM parameters
-Djava.rmi.server.codebase=file:/c:/windows/jbproject/Sunrmissl/classes/ -Djava.security.policy=file:/c:/windows/jbproject/Sunrmissl/policy.policy -Djavax.net.ssl.trustStore=file:/c:/windows/jbproject/Sunrmissl/testkeys.key
4.I run the rmiregistry
5.i run the HelloImp but every time exceptions :
C:\JBUILDER4\JDK1.3\bin\javaw -classpath "C:\WINDOWS\jbproject\Sunrmissl\classes;C:\jsse-1_0_2-gl\jsse1.0.2\lib\jcert.jar;C:\jsse-1_0_2-gl\jsse1.0.2\lib\jnet.jar;C:\jsse-1_0_2-gl\jsse1.0.2\lib\jsse.jar;C:\JBUILDER4\JDK1.3\demo\jfc\Java2D\Java2Demo.jar;C:\JBUILDER4\JDK1.3\jre\lib\i18n.jar;C:\JBUILDER4\JDK1.3\jre\lib\jaws.jar;C:\JBUILDER4\JDK1.3\jre\lib\rt.jar;C:\JBUILDER4\JDK1.3\jre\lib\sunrsasign.jar;C:\JBUILDER4\JDK1.3\lib\dt.jar;C:\JBUILDER4\JDK1.3\lib\tools.jar" -Djava.rmi.server.codebase=file:/c:/windows/jbproject/Sunrmissl/classes/ -Djava.security.policy=file:/c:/windows/jbproject/Sunrmissl/policy.policy -Djavax.net.ssl.trustStore=file:/c:/windows/jbproject/Sunrmissl/testkeys.key sunrmissl.HelloImpl
java.security.NoSuchAlgorithmException: Algorithm TLS not available
at com.sun.net.ssl.b.a([DashoPro-V1.2-120198])
at com.sun.net.ssl.SSLContext.getInstance([DashoPro-V1.2-120198])
at sunrmissl.RMISSLServerSocketFactory.createServerSocket(RMISSLServerSocketFactory.java:39)
at sun.rmi.transport.tcp.TCPEndpoint.newServerSocket(TCPEndpoint.java:559)
at sun.rmi.transport.tcp.TCPTransport.listen(TCPTransport.java:200)
at sun.rmi.transport.tcp.TCPTransport.exportObject(TCPTransport.java:172)
at sun.rmi.transport.tcp.TCPEndpoint.exportObject(TCPEndpoint.java:319)
at sun.rmi.transport.LiveRef.exportObject(LiveRef.java:119)
at sun.rmi.server.UnicastServerRef.exportObject(UnicastServerRef.java:125)
at sun.rmi.server.UnicastServerRef.exportObject(UnicastServerRef.java:109)
at java.rmi.server.UnicastRemoteObject.exportObject(UnicastRemoteObject.java:278)
at java.rmi.server.UnicastRemoteObject.exportObject(UnicastRemoteObject.java:209)
at java.rmi.server.UnicastRemoteObject.<init>(UnicastRemoteObHelloImpl err: null
ject.java:100)
at sunrmissl.HelloImpl.<init>(HelloImpl.java:27)
at sunrmissl.HelloImpl.main(HelloImpl.java:41)
java.lang.NullPointerException
at sunrmissl.RMISSLServerSocketFactory.createServerSocket(RMISSLServerSocketFactory.java:51)
at sun.rmi.transport.tcp.TCPEndpoint.newServerSocket(TCPEndpoint.java:559)
at sun.rmi.transport.tcp.TCPTransport.listen(TCPTransport.java:200)
at sun.rmi.transport.tcp.TCPTransport.exportObject(TCPTransport.java:172)
at sun.rmi.transport.tcp.TCPEndpoint.exportObject(TCPEndpoint.java:319)
at sun.rmi.transport.LiveRef.exportObject(LiveRef.java:119)
at sun.rmi.server.UnicastServerRef.exportObject(UnicastServerRef.java:125)
at sun.rmi.server.UnicastServerRef.exportObject(UnicastServerRef.java:109)
at java.rmi.server.UnicastRemoteObject.exportObject(UnicastRemoteObject.java:278)
at java.rmi.server.UnicastRemoteObject.exportObject(UnicastRemoteObject.java:209)
at java.rmi.server.UnicastRemoteObject.<init>(UnicastRemoteObject.java:100)
at sunrmissl.HelloImpl.<init>(HelloImpl.java:27)
at sunrmissl.HelloImpl.main(HelloImpl.java:41) -
HI Team,
while starting the node manager in wls 8.1 and java1.4
we are facing this issue plz help on this immediately.
+ CLASSPATH=/srvrs/bdv/patches/CR210310_81sp4.jar:/usr/java14/lib/tools.jar:/srvrs/bdv/bea/weblogic81/server/lib/weblogic_sp.jar:/srvrs/bdv/bea/weblogic81/server/lib/weblogic.jar::/srvrs/bdv/bea
+ export CLASSPATH
+ export PATH
+ set -x
+ [ 5555 != ]
+ [ 142.182.112.123 != ]
+ /usr/java14/bin/java -Xms32m -Xmx32m -Dweblogic.security.SSL.enforceConstraints=off -Djava.security.policy=/srvrs/bdv/bea/weblogic81/server/lib/weblogic.policy -Dweblogic.nodemanager.javaHome=/usr/java14 -DListenAddress=142.182.112.123 -DListenPort=5555 weblogic.NodeManager
<Sep 15, 2013 7:35:26 AM EDT> <Info> <NodeManager> <NodeManager: for information on command line options, try "java weblogic.NodeManager -h">
<Sep 15, 2013 7:35:26 AM EDT> <Info> <NodeManager> <Starting NodeManager >
<Sep 15, 2013 7:35:26 AM EDT> <Info> <NodeManager> <Setting listenAddress to 142.182.112.123..>
<Sep 15, 2013 7:35:26 AM EDT> <Info> <NodeManager> <Setting listenPort to 5,555..>
<Sep 15, 2013 7:35:26 AM EDT> <Info> <NodeManager> <Setting java home to '/usr/java14'>
<Sep 15, 2013 7:35:26 AM EDT> <Info> <NodeManager> <Effective values of properties :
ListenAddress=142.182.112.123
ListenPort=5555
ListenerType=secureSocket
SavedLogsDirectory=NodeManagerLogs
NativeVersionEnabled=true
TrustedHosts=nodemanager.hosts
StartTemplate=../../server/lib/unix/nodemanager.sh
ReverseDnsEnabled=false
ScavangerDelaySeconds=180
PIDFileReadRetryCount=0
WeblogicHome=null
bea.home=null
JavaHome=/usr/java14
PropertiesVersion=8.1
>
<Sep 15, 2013 7:35:26 AM EDT> <Info> <NodeManager> <Saving logs in'NodeManagerLogs'>
<Sep 15, 2013 7:35:31 AM EDT> <Info> <[email protected]:5555> <Reading private key and certificate chain from the keystore /srvrs/bdv/bea/weblogic81/server/lib/DemoIdentity.jks. KeyStore type = jks, Using keystore passphrase = true, Alias = DemoIdentity>
<Sep 15, 2013 7:35:31 AM EDT> <Info> <[email protected]:5555> <Reading trusted CAs from the keystore /srvrs/bdv/bea/weblogic81/server/lib/DemoTrust.jks. KeyStore type = jks, Using keystore passphrase = true>
<Sep 15, 2013 7:35:31 AM EDT> <Info> <[email protected]:5555> <Reading trusted CAs from the keystore /usr/java14/jre/lib/security/cacerts. KeyStore type = jks, Using keystore passphrase = false>
SecureSocketListener: Could not setup context and create a secure socket on 142.182.112.123:5555 : java.security.cert.CertificateParsingException: PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.
java.security.cert.CertificateParsingException: PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11
at com.certicom.security.cert.internal.x509.X509V3CertImpl.<init>(Unknown Source)
at com.certicom.tls.interfaceimpl.CertificateSupport.addTrustedCertificate(Unknown Source)
at com.certicom.net.ssl.SSLContext.addTrustedCertificate(Unknown Source)
at com.bea.sslplus.CerticomSSLContext.addTrustedCA(Unknown Source)
at weblogic.security.utils.SSLContextWrapper.addTrustedCA(SSLContextWrapper.java:52)
at weblogic.nodemanager.internal.SecureSocketListener.run(SecureSocketListener.java:57)
at weblogic.nodemanager.internal.GenericListener.startListener(GenericListener.java:16)
at weblogic.nodemanager.NodeManager.startSecureSocketListener(NodeManager.java:461)
at weblogic.nodemanager.NodeManager.init(NodeManager.java:305)
at weblogic.nodemanager.NodeManager.run(NodeManager.java:511)
at weblogic.NodeManager.main(NodeManager.java:31)
Thanks,
EswarHi,
Did you find a solution to this? We are running into the same issue since upgrading to Weblogic 9.2.3 for WebCT Vista 8.0.4.
Thanks,
Ron -
Socket programming + java.security.AccessControlException: access denied
the code below is for a particular port and IP ..what is the command for granting permission for all the sites?
please help, i have been unable to tackle this problem from the past 24 hours.
iam getting an error too..
java.security.AccessControlException: access denied (java.net.SocketPermission yahoo.com resolve)
grant {
permission java.net.SocketPermission
"puffin.eng.sun.com:7777",
"connect, accept";..
-
Java.security.cert.CertificateException
Hi,
I am using a JAVA client to connect to a https server which uses certificates for authentication.
The server uses gSOAP certificates for client authentication and encryption of messages.
I am using JSSE coming along with JDK1.6 and generated keystore file from client.pem and cacert.pem files used by the server.
I need to send SOAP messages with attachments.
I am using SAAJ API with JDK 1.6 .
When I try to connect to the server through javax.xml.soap.SOAPConnection, I am getting java.security.cert.CertificateException. Please see the exception below.
Note: Server is responding properly to SOAP UI tool(java testing tool) with certifcates authentication.
I have enabled debug option in SSL.
E:\test\properties\storefile.jks
keyStore is : E:\test\properties\storefile.jks
keyStore type is : jks
keyStore provider is :
init keystore
init keymanager of type SunX509
trustStore is: E:\test\properties\storefile.jks
trustStore type is : jks
trustStore provider is :
init truststore
adding as trusted cert:
Subject: [email protected], CN=genivia.com, OU=IT, O="Genivia, Inc.", L=Tallahassee, ST=FL, C=US
Issuer: [email protected], CN=genivia.com, OU=IT, O="Genivia, Inc.", L=Tallahassee, ST=FL, C=US
Algorithm: RSA; Serial number: 0x0
Valid from Sat Oct 02 22:38:06 IST 2004 until Tue Oct 02 22:38:06 IST 2007
adding as trusted cert:
Subject: [email protected], CN=localhost, OU=IT, O="Genivia, Inc.", L=Tallahassee, ST=FL, C=US
Issuer: [email protected], CN=genivia.com, OU=IT, O="Genivia, Inc.", L=Tallahassee, ST=FL, C=US
Algorithm: RSA; Serial number: 0x7
Valid from Sun Dec 25 01:01:53 IST 2005 until Wed Dec 24 01:01:53 IST 2008
adding as trusted cert:
Subject: [email protected], CN=localhost, OU=IT, O="Genivia, Inc.", L=Tallahassee, ST=FL, C=US
Issuer: [email protected], CN=genivia.com, OU=IT, O="Genivia, Inc.", L=Tallahassee, ST=FL, C=US
Algorithm: RSA; Serial number: 0x8
Valid from Sun Dec 25 01:03:13 IST 2005 until Wed Dec 24 01:03:13 IST 2008
trigger seeding of SecureRandom
done seeding SecureRandom
%% No cached client session
*** ClientHello, TLSv1
RandomCookie: GMT: 1155448094 bytes = { 120, 70, 246, 123, 195, 47, 61, 191, 223, 241, 23, 204, 98, 143, 212, 251, 80, 10, 100, 183, 82, 82, 215, 228, 212, 47, 68, 224 }
Session ID: {}
Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
Compression Methods: { 0 }
Thread-3, WRITE: TLSv1 Handshake, length = 73
Thread-3, WRITE: SSLv2 client hello message, length = 98
Thread-3, READ: TLSv1 Handshake, length = 74
*** ServerHello, TLSv1
RandomCookie: GMT: 1155531752 bytes = { 248, 141, 63, 154, 117, 213, 184, 250, 239, 237, 26, 225, 175, 38, 151, 65, 101, 127, 134, 46, 180, 80, 153, 133, 215, 120, 102, 11 }
Session ID: {100, 201, 98, 232, 113, 191, 163, 129, 1, 101, 251, 29, 233, 245, 144, 203, 231, 208, 202, 248, 160, 99, 84, 248, 86, 16, 235, 234, 20, 73, 231, 148}
Cipher Suite: SSL_RSA_WITH_RC4_128_MD5
Compression Method: 0
%% Created: [Session-1, SSL_RSA_WITH_RC4_128_MD5]
** SSL_RSA_WITH_RC4_128_MD5
Thread-3, READ: TLSv1 Handshake, length = 1868
*** Certificate chain
chain [0] = [
Version: V3
Subject: [email protected], CN=localhost, OU=IT, O="Genivia, Inc.", L=Tallahassee, ST=FL, C=US
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 1024 bits
modulus: 144881101064455404788814091404981462608080902688277626878350142057531273562236240952084735254146287262789443540177122740514352105900513219519909051335421867736741713195463254360663999239941476817345303119999799829037388457231058611674562175705514528085594563474765367007497034178272408363177194954006361904887
public exponent: 65537
Validity: [From: Sun Dec 25 01:03:13 IST 2005,
To: Wed Dec 24 01:03:13 IST 2008]
Issuer: [email protected], CN=genivia.com, OU=IT, O="Genivia, Inc.", L=Tallahassee, ST=FL, C=US
SerialNumber: [ 08]
Certificate Extensions: 4
[1]: ObjectId: 2.16.840.1.113730.1.13 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 1F 16 1D 4F 70 65 6E 53 53 4C 20 47 65 6E 65 ....OpenSSL Gene
0010: 72 61 74 65 64 20 43 65 72 74 69 66 69 63 61 74 rated Certificat
0020: 65 e
[2]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 3D C1 C8 B5 19 17 C3 8C 12 64 3C 05 C3 22 EE 7B =........d<.."..
0010: BA 27 B4 C1 .'..
[3]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: E0 CC 88 8B 41 A0 21 4A A4 61 18 67 27 61 A0 C9 ....A.!J.a.g'a..
0010: 49 95 77 CA I.w.
[[email protected], CN=genivia.com, OU=IT, O="Genivia, Inc.", L=Tallahassee, ST=FL, C=US]
SerialNumber: [ 00]
[4]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:false
PathLen: undefined
Algorithm: [SHA1withRSA]
Signature:
0000: 6E D0 0E EC 85 EA A9 71 60 5D CB 13 3A 0C C2 C6 n......q`]..:...
0010: A1 92 15 14 2A BB 86 2A 1D 68 B1 4B 41 C0 0B FB ....*..*.h.KA...
0020: 35 C7 0F 6E 51 99 B3 25 95 4F 58 18 3D 73 F2 06 5..nQ..%.OX.=s..
0030: 18 63 40 21 A7 44 1D AB 46 DB DD 6C 20 7D 23 23 .c@!.D..F..l .##
0040: 08 84 92 CE 04 93 10 B3 CB 84 67 FD 3F 53 81 51 ..........g.?S.Q
0050: 25 60 EE D1 02 89 06 58 E6 E0 B4 C2 20 D8 E8 84 %`.....X.... ...
0060: 8A 4E 8D 59 62 67 33 4C 95 BD A3 F7 68 76 5E BA .N.Ybg3L....hv^.
0070: D9 84 3F 80 C8 1E 49 3A 59 D0 B4 74 9E 2D CD F6 ..?...I:Y..t.-..
chain [1] = [
Version: V3
Subject: [email protected], CN=genivia.com, OU=IT, O="Genivia, Inc.", L=Tallahassee, ST=FL, C=US
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 1024 bits
modulus: 106482211752195899275275639329238789380560290379431640534106480581317795742917955972475513891969031216742557266096088552725987675210922796797720103531106400345818891764659480805498923495886457178236281557583158652266656923442983245641013901721295378444704296581436391012531718274035287004196101203604693764023
public exponent: 65537
Validity: [From: Sat Oct 02 22:38:06 IST 2004,
To: Tue Oct 02 22:38:06 IST 2007]
Issuer: [email protected], CN=genivia.com, OU=IT, O="Genivia, Inc.", L=Tallahassee, ST=FL, C=US
SerialNumber: [ 00]
Certificate Extensions: 3
[1]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: E0 CC 88 8B 41 A0 21 4A A4 61 18 67 27 61 A0 C9 ....A.!J.a.g'a..
0010: 49 95 77 CA I.w.
[2]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: E0 CC 88 8B 41 A0 21 4A A4 61 18 67 27 61 A0 C9 ....A.!J.a.g'a..
0010: 49 95 77 CA I.w.
[[email protected], CN=genivia.com, OU=IT, O="Genivia, Inc.", L=Tallahassee, ST=FL, C=US]
SerialNumber: [ 00]
[3]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:true
PathLen:2147483647
Algorithm: [SHA1withRSA]
Signature:
0000: 59 9B F6 45 7E 10 3C 79 3B 88 FB 74 B3 2E F7 4F Y..E..<y;..t...O
0010: 67 16 09 C1 2F 4E AC 7A 98 EA B4 12 08 6D 96 37 g.../N.z.....m.7
0020: 1A 70 A0 79 FC 4A A7 54 BA 21 FD 35 FE 67 55 EF .p.y.J.T.!.5.gU.
0030: D9 D9 18 99 5D 7A 03 3B EE DC F8 54 89 73 B8 86 ....]z.;...T.s..
0040: B3 FB 63 4E F8 6A 9B AF A1 2B 39 1F B7 50 63 AB ..cN.j...+9..Pc.
0050: 46 E1 F7 F5 A3 13 D4 3B F0 1D 8A 54 E4 65 3E 94 F......;...T.e>.
0060: 6D 5A 58 77 50 A7 CB 99 E7 2E 28 90 C8 37 67 D2 mZXwP.....(..7g.
0070: 19 E6 78 A3 91 49 E9 08 74 0E FA AF FC 16 B3 0B ..x..I..t.......
Feb 24, 2007 9:50:47 AM com.sun.xml.internal.messaging.saaj.client.p2p.HttpSOAPConnection post
SEVERE: SAAJ0009: Message send failed
com.sun.xml.internal.messaging.saaj.SOAPExceptionImpl: java.security.PrivilegedActionException: com.sun.xml.internal.messaging.saaj.SOAPExceptionImpl: Message send failed
at com.sun.xml.internal.messaging.saaj.client.p2p.HttpSOAPConnection.call(Unknown Source)
at SOAPConnector$1.run(SOAPConnector.java:145)
Caused by: java.security.PrivilegedActionException: com.sun.xml.internal.messaging.saaj.SOAPExceptionImpl: Message send failed
at java.security.AccessController.doPrivileged(Native Method)Found trusted certificate:
Version: V3
Subject: [email protected], CN=localhost, OU=IT, O="Genivia, Inc.", L=Tallahassee, ST=FL, C=US
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 1024 bits
modulus: 144881101064455404788814091404981462608080902688277626878350142057531273562236240952084735254146287262789443540177122740514352105900513219519909051335421867736741713195463254360663999239941476817345303119999799829037388457231058611674562175705514528085594563474765367007497034178272408363177194954006361904887
public exponent: 65537
Validity: [From: Sun Dec 25 01:03:13 IST 2005,
To: Wed Dec 24 01:03:13 IST 2008]
Issuer: [email protected], CN=genivia.com, OU=IT, O="Genivia, Inc.", L=Tallahassee, ST=FL, C=US
SerialNumber: [ 08]
Certificate Extensions: 4
[1]: ObjectId: 2.16.840.1.113730.1.13 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 1F 16 1D 4F 70 65 6E 53 53 4C 20 47 65 6E 65 ....OpenSSL Gene
0010: 72 61 74 65 64 20 43 65 72 74 69 66 69 63 61 74 rated Certificat
0020: 65 e
[2]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 3D C1 C8 B5 19 17 C3 8C 12 64 3C 05 C3 22 EE 7B =........d<.."..
0010: BA 27 B4 C1 .'..
[3]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: E0 CC 88 8B 41 A0 21 4A A4 61 18 67 27 61 A0 C9 ....A.!J.a.g'a..
0010: 49 95 77 CA I.w.
[[email protected], CN=genivia.com, OU=IT, O="Genivia, Inc.", L=Tallahassee, ST=FL, C=US]
SerialNumber: [ 00]
[4]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:false
PathLen: undefined
Algorithm: [SHA1withRSA]
Signature:
0000: 6E D0 0E EC 85 EA A9 71 60 5D CB 13 3A 0C C2 C6 n......q`]..:...
0010: A1 92 15 14 2A BB 86 2A 1D 68 B1 4B 41 C0 0B FB ....*..*.h.KA...
0020: 35 C7 0F 6E 51 99 B3 25 95 4F 58 18 3D 73 F2 06 5..nQ..%.OX.=s..
0030: 18 63 40 21 A7 44 1D AB 46 DB DD 6C 20 7D 23 23 .c@!.D..F..l .##
0040: 08 84 92 CE 04 93 10 B3 CB 84 67 FD 3F 53 81 51 ..........g.?S.Q
0050: 25 60 EE D1 02 89 06 58 E6 E0 B4 C2 20 D8 E8 84 %`.....X.... ...
0060: 8A 4E 8D 59 62 67 33 4C 95 BD A3 F7 68 76 5E BA .N.Ybg3L....hv^.
0070: D9 84 3F 80 C8 1E 49 3A 59 D0 B4 74 9E 2D CD F6 ..?...I:Y..t.-..
Thread-3, SEND TLSv1 ALERT: fatal, description = certificate_unknown
Thread-3, WRITE: TLSv1 Alert, length = 2
Thread-3, called closeSocket()
Thread-3, handling exception: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative names present
... 2 more
Caused by: com.sun.xml.internal.messaging.saaj.SOAPExceptionImpl: Message send failed
at com.sun.xml.internal.messaging.saaj.client.p2p.HttpSOAPConnection.post(Unknown Source)
at com.sun.xml.internal.messaging.saaj.client.p2p.HttpSOAPConnection$PriviledgedPost.run(Unknown Source)
... 3 more
Caused by: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative names present
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(Unknown Source)
... 5 more
Caused by: java.security.cert.CertificateException: No subject alternative names present
at sun.security.util.HostnameChecker.matchIP(Unknown Source)
at sun.security.util.HostnameChecker.match(Unknown Source)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkIdentity(Unknown Source)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
... 17 more
CAUSE:
java.security.PrivilegedActionException: com.sun.xml.internal.messaging.saaj.SOAPExceptionImpl: Message send failed
at java.security.AccessController.doPrivileged(Native Method)
at com.sun.xml.internal.messaging.saaj.client.p2p.HttpSOAPConnection.call(Unknown Source)
at SOAPConnector$1.run(SOAPConnector.java:145)
Caused by: com.sun.xml.internal.messaging.saaj.SOAPExceptionImpl: Message send failed
at com.sun.xml.internal.messaging.saaj.client.p2p.HttpSOAPConnection.post(Unknown Source)
at com.sun.xml.internal.messaging.saaj.client.p2p.HttpSOAPConnection$PriviledgedPost.run(Unknown Source)
... 3 more
Caused by: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative names present
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(Unknown Source)
... 5 more
Caused by: java.security.cert.CertificateException: No subject alternative names present
at sun.security.util.HostnameChecker.matchIP(Unknown Source)
at sun.security.util.HostnameChecker.match(Unknown Source)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkIdentity(Unknown Source)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
... 17 more
CAUSE:
java.security.PrivilegedActionException: com.sun.xml.internal.messaging.saaj.SOAPExceptionImpl: Message send failed
at java.security.AccessController.doPrivileged(Native Method)
at com.sun.xml.internal.messaging.saaj.client.p2p.HttpSOAPConnection.call(Unknown Source)
at SOAPConnector$1.run(SOAPConnector.java:145)
Caused by: com.sun.xml.internal.messaging.saaj.SOAPExceptionImpl: Message send failed
at com.sun.xml.internal.messaging.saaj.client.p2p.HttpSOAPConnection.post(Unknown Source)
at com.sun.xml.internal.messaging.saaj.client.p2p.HttpSOAPConnection$PriviledgedPost.run(Unknown Source)
... 3 more
Caused by: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative names present
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(Unknown Source)
... 5 more
Caused by: java.security.cert.CertificateException: No subject alternative names present
at sun.security.util.HostnameChecker.matchIP(Unknown Source)
at sun.security.util.HostnameChecker.match(Unknown Source)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkIdentity(Unknown Source)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
... 17 more
Any help is appreciated.did you find the solution for the issue i am using jscape now...
-
How to configure java.security file to run j2ee programs
Hi,
I am using Sun one application server to run my j2ee programs.
plz tell me how to configure java.security file inside my appserver so that i can run my servlet program that is using jsse API to create SSL sockets.
I am not able to follow whats there in java.security file.Kindly tell how to configure it.
Waiting for ur replies!
Thanks,
AkshathaHi,
I am using Sun one application server to run my j2ee programs.
plz tell me how to configure java.security file inside my appserver so that i can run my servlet program that is using jsse API to create SSL sockets.
I am not able to follow whats there in java.security file.Kindly tell how to configure it.
Waiting for ur replies!
Thanks,
Akshatha -
Hi !
WLS version: 5.1 with SP10
Server OS: NT4
Client distr.: Java WebStart
Client OS: Windows 2000
I get the following exception when I try to create a T3 connection
(tunnelled through HTTP) to my WLS server:
java.security.AccessControlException: access denied
(java.util.PropertyPermission proxyHost read)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPropertyAccess(Unknown Source)
at java.lang.System.getProperty(Unknown Source)
at weblogic.net.http.HttpClient.resetProperties(HttpClient.java:62)
at weblogic.net.http.HttpClient.openServer(HttpClient.java:186)
at weblogic.net.http.HttpClient.<init>(HttpClient.java:85)
at weblogic.net.http.HttpClient.New(HttpClient.java:117)
at weblogic.net.http.HttpURLConnection.connect(HttpURLConnection.java:97)
at
weblogic.net.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1
44)
at weblogic.socket.JVMSocketHTTPClient.sendMsg(JVMSocketHTTPClient.java:260)
at weblogic.socket.JVMAbbrevSocket.sendOutMsg(JVMAbbrevSocket.java:348)
at weblogic.socket.JVMAbbrevSocket.sendMsg(JVMAbbrevSocket.java:237)
at weblogic.rjvm.ConnectionManager.sendMsg(ConnectionManager.java:420)
at weblogic.rjvm.RJVMImpl.send(RJVMImpl.java:564)
at
weblogic.rjvm.MsgAbbrevOutputStream.flushAndSendRaw(MsgAbbrevOutputStream.ja
va:155)
at
weblogic.rjvm.MsgAbbrevOutputStream.flushAndSend(MsgAbbrevOutputStream.java:
163)
at
weblogic.rjvm.MsgAbbrevOutputStream.sendRecv(MsgAbbrevOutputStream.java:186)
at
weblogic.rmi.internal.BasicOutgoingRequest.sendRecv(BasicOutgoingRequest.jav
a:23)
at
weblogic.rmi.extensions.AbstractRequest.sendReceive(AbstractRequest.java:73)
at
com.unitor.message.server.UserInformationServiceBeanHomeImpl_WLStub.create(U
serInformationServiceBeanHomeImpl_WLStub.java:151)
at
com.unitor.message.server.UserInformationServiceBeanHomeImpl_ServiceStub.cre
ate(UserInformationServiceBeanHomeImpl_ServiceStub.java:121)
at
com.unitor.message.beans.gui.MessageLogic.getUserInformationService(MessageL
ogic.java:230)
at
com.unitor.message.beans.gui.MessageLogic.addUserInformation(MessageLogic.ja
va:186)
at com.unitor.message.beans.gui.MessageLogic.<init>(MessageLogic.java:104)
at
com.unitor.message.beans.gui.MessageApplication.internalStartApplication(Mes
sageApplication.java:64)
at
com.unitor.ifs.util.gui.UnitorApplication.startApplication(UnitorApplication
.java:167)
at
com.unitor.ifs.util.gui.DesktopApplication$ApplicationLoader.run(DesktopAppl
ication.java:676)
at
com.unitor.ifs.util.gui.DesktopApplication.startApplication(DesktopApplicati
on.java:303)
at
com.unitor.ifs.util.gui.UnitorDesktopAppStarter$SwingEventCall.run(UnitorDes
ktopAppStarter.java:294)
at java.awt.event.InvocationEvent.dispatch(Unknown Source)
at java.awt.EventQueue.dispatchEvent(Unknown Source)
at java.awt.EventDispatchThread.pumpOneEventForHierarchy(Unknown Source)
at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
at java.awt.EventDispatchThread.run(Unknown Source)
The strange thing is that I can connect to my server if I run the client on
NT4 !!!
I solved the problem by modifying my local java.policy file with the
following settings:
// Test with HTTP tunnelling. 18.10.2001
[email protected]
permission java.util.PropertyPermission "proxyHost", "read";
permission java.util.PropertyPermission "proxyPort", "read";
permission java.util.PropertyPermission "http.proxyHost", "read";
permission java.util.PropertyPermission "http.proxyPort", "read";
permission java.net.SocketPermission "*","connect,resolve";
// Test with HTTP tunnelling. 18.10.2001
[email protected]
Have someone else experienced the same or similar problems ?
How can I make sure that the client gets access to read the properties
http.proxyHost, http.proxyPort, proxyHost and proxyPort without telling the
users of the client application to modify their java.policy files ?
Any leads will be greatly appreciated !
Regards
Sten RichardThis is in reply to the first post. I don't know what happened after.
Caused by: java.security.AccessControlException: access denied (java.util.PropertyPermission sun.arch.data.model read)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPropertyAccess(Unknown Source)
at java.lang.System.getProperty(Unknown Source)
at org.eclipse.swt.internal.Library.loadLibrary(Library.java:167)
at org.eclipse.swt.internal.Library.loadLibrary(Library.java:151)
at org.eclipse.swt.internal.C.<clinit>(C.java:21)
If you read the above trace from bottom to top, it shows none of you classes, only classes from that Eclipse library, which seems to loadLibrary() a native DLL. In order to do this, it needs to call System.getProperty( "sun.arch.data.model" ). This call is not allowed from un unsigned applet. So I guess you need to sign the applet and this problem will go away. Many other problems may follow. Just read very very carefully all the related documentation, which I did not. -
Java.security.AccessControlException when calling web service from applet
I have an applet that calls a webservce (Xmethods' delayed stock quote service). When I run the applet in appletviewer, I get the following:
[SOAPException: faultCode=SOAP-ENV:Client; msg=Error opening socket: java.security.AccessControlException: access denied (java.net.SocketPermission 66.28.98.121:9090 connect,resolve); targetException=java.lang.IllegalArgumentException:
Error opening socket: java.security.AccessControlException:
access denied
etc.....
My code works fine as an application, but not as an applet. (This was after I eventually had to extract the necessary SOAP .jar files into the same directory as my applet, but that's another topic...or maybe not?)
Help!
Regards,
John KirkseyThe default security settings does not give an applet to connect to any other server apart from the one from which it was downloaded. This is your problem. To mitigate that you have to change the security setting of the applet conatiner i.e the JVM in the browser.
Ironluca -
BPEL Call synchronous ESB java.security.PrivilegedActionException
There is three project :
BPEL A : synchronous process , reply fault
ESB1 : Exxcetion type : synchronous, use BPEL A as SOAP service
BPEL B : synchronous process ,call ESB1
When invoke ESB1 in em , it works good.
But when execute BPEL B in BPELConsole , the following fault occured :
<remoteFault xmlns="http://schemas.oracle.com/bpel/extension">
- <part name="summary">
<summary>
exception on JaxRpc invoke: HTTP transport error: javax.xml.soap.SOAPException: java.security.PrivilegedActionException: javax.xml.soap.SOAPException: Message send failed: Connection refused: connect
</summary>
</part>
</remoteFault>
What's wrong with this ?
Anyone help me ?There is three project :
BPEL A : synchronous process , reply fault
ESB1 : Exxcetion type : synchronous, use BPEL A as SOAP service
BPEL B : synchronous process ,call ESB1
When invoke ESB1 in em , it works good.
But when execute BPEL B in BPELConsole , the following fault occured :
<remoteFault xmlns="http://schemas.oracle.com/bpel/extension">
- <part name="summary">
<summary>
exception on JaxRpc invoke: HTTP transport error: javax.xml.soap.SOAPException: java.security.PrivilegedActionException: javax.xml.soap.SOAPException: Message send failed: Connection refused: connect
</summary>
</part>
</remoteFault>
What's wrong with this ?
Anyone help me ? -
How to get Java source in applet stack trace to debug Java security manager
How can I get line numbers for Java source in stack traces for my applet? I'm having a problem with my code-signing certificate. On one of my applets, I consistently get a NullPointerException inside the security dialog code in the JDK. As a result, either the "trust this applet" dialog never appears, or even though it appears, it defaults to untrusted because of the exception, so I can't access any local files (and that's a bit of a problem for an applet whose sole purpose is to upload files to our server). I unzipped src.zip in my JDK directory and set the debug flag for my Ant <javac> task as well as set debuglevel to "lines." Anything else? Here's the trace that I'm getting so far. See that after the NullPointerException it assumes that the user has denied permission. If I could read this Java source maybe I could figure out why it hates my code-signing certificate (jarsigner, BTW, never complains when I verify my jar).
security: Blacklist file not found or revocation check is disabled
security: Accessing keys and certificate in Mozilla user profile: null
security: Loading Root CA certificates from D:\Program Files (x86)\Java\jre6\lib\security\cacerts
security: Loaded Root CA certificates from D:\Program Files (x86)\Java\jre6\lib\security\cacerts
security: Loading Deployment certificates from C:\Users\Rich\AppData\LocalLow\Sun\Java\Deployment\security\trusted.certs
security: Loaded Deployment certificates from C:\Users\Rich\AppData\LocalLow\Sun\Java\Deployment\security\trusted.certs
security: Loading certificates from Deployment session certificate store
security: Loaded certificates from Deployment session certificate store
security: Validate the certificate chain using CertPath API
security: Obtain certificate collection in Root CA certificate store
security: Obtain certificate collection in Root CA certificate store
security: Start to check whether root CA is replaced
security: The root CA has been replaced
security: No timestamping info available
security: Found jurisdiction list file
security: Start checking trusted extension for this certificate
security: Start comparing to jurisdiction list with this certificate
security: The CRL support is disabled
security: The OCSP support is disabled
security: This OCSP End Entity validation is disabled
security: Checking if certificate is in Deployment denied certificate store
security: Checking if certificate is in Deployment permanent certificate store
security: Checking if certificate is in Deployment session certificate store
java.lang.NullPointerException
at com.sun.deploy.ui.UIFactory.showSecurityDialog(Unknown Source)
at com.sun.deploy.security.TrustDeciderDialog.showDialog(Unknown Source)
at com.sun.deploy.security.X509Util.showSecurityDialog(Unknown Source)
at com.sun.deploy.security.TrustDecider.isAllPermissionGranted(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.isTrustedByTrustDecider(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.getTrustedCodeSources(Unknown Source)
at com.sun.deploy.security.CPCallbackHandler$ParentCallback.strategy(Unknown Source)
at com.sun.deploy.security.CPCallbackHandler$ParentCallback.openClassPathElement(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath$JarLoader.getJarFile(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath$JarLoader.access$700(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath$JarLoader$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at com.sun.deploy.security.DeployURLClassPath$JarLoader.ensureOpen(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath$JarLoader.<init>(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath$3.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at com.sun.deploy.security.DeployURLClassPath.getLoader(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath.getLoader(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath.getResource(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader$2.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at sun.plugin2.applet.Plugin2ClassLoader.findClassHelper(Unknown Source)
at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadCode(Unknown Source)
at sun.plugin2.applet.Plugin2Manager.createApplet(Unknown Source)
at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
security: User has denied the priviledges to the code
security: Adding certificate in Deployment denied certificate store
security: Added certificate in Deployment denied certificate store
security: Loading certificates from Deployment session certificate store
security: Loaded certificates from Deployment session certificate store
security: Validate the certificate chain using CertPath API
security: Obtain certificate collection in Root CA certificate store
security: Obtain certificate collection in Root CA certificate store
security: Start to check whether root CA is replaced
security: The root CA has been replaced
security: No timestamping info available
security: Found jurisdiction list file
security: Start checking trusted extension for this certificate
security: Start comparing to jurisdiction list with this certificate
security: The CRL support is disabled
security: The OCSP support is disabled
security: This OCSP End Entity validation is disabled
security: Checking if certificate is in Deployment denied certificate store
security: Checking if certificate is in Deployment denied certificate storeRats, now that I look at the stack trace and compare to what's in the JDK srce.zip, it appears that most of this code is not part of the JDK source. I don't see any com/sun/deploy, etc.
-
Help : java.security.UnrecoverableKeyException: excess private key
Hi,
I require help for the exception "java.security.UnrecoverableKeyException: excess private key"
When i am trying to generate digital signature using PKCS7 format using bouncyCastle API, it gives the "java.security.UnrecoverableKeyException: excess private key" exception.
The full stack trace is as follows
------------------------------------------------------------------------java.security.UnrecoverableKeyException: excess private key
at sun.security.provider.KeyProtector.recover(KeyProtector.java:311)
at sun.security.provider.JavaKeyStore.engineGetKey(JavaKeyStore.java:120)
at java.security.KeyStore.getKey(KeyStore.java:289)
at com.security.Security.generatePKCS7Signature(Security.java:122)
at com.ibm._jsp._SendSecureDetail._jspService(_SendSecureDetail.java:2282)
at com.ibm.ws.jsp.runtime.HttpJspBase.service(HttpJspBase.java:93)
I had tested the program under following scenarios...
The Java Program for generating the digital signature independently worked successfully(without any change in policy files or java.security file) I have tested this independently on Sun's JDK 1.4, 1.6
For IBM JDK 1.4 on Windows machine for WAS(Webshere Application Server) 6.0, The Program for generating the digital signature using PKCS7 works fine, but it required IBM Policy files(local_policy.jar, US_export_policy.jar) and updation in java.security file
But the problem occurs in Solaris 5.10, WAS 6.0 where Sun JDK 1.4.2_6 is used.
I copied the unlimited strength policy files for JDK 1.4.2 from Sun's site(because the WAS 6.0 is running on Sun's JDK intead of IBM JDK)...
I changed the java.security file as follows(only changed content)
security.provider.1=sun.security.provider.Sun
security.provider.2=com.ibm.security.jgss.IBMJGSSProvider
security.provider.3=com.ibm.crypto.fips.provider.IBMJCEFIPS
security.provider.4=com.ibm.crypto.provider.IBMJCE
security.provider.5=com.ibm.jsse2.IBMJSSEProvider2
security.provider.6=com.ibm.jsse.IBMJSSEProvider
security.provider.7=com.ibm.security.cert.IBMCertPath
security.provider.8=com.ibm.security.cmskeystore.CMSProvider
I have used PKCS12(PFX) file for digital signature
which is same for all environment(i have described as above)
I copied the PFX file from windows to solaris using WinSCP in binary format so the content of certificate won't get currupted.
I can not change the certificate because it's given by the company and which is working in other enviroments absolutely fine(just i have described above)
I have gone though the "http://forums.sun.com/thread.jspa?threadID=408066" and other URLs too. but none of them helped...
So what could be the problem for such exception?????
I am on this issue since last one month...
I know very little about security.
Thanks in advance
PLEASE HELP ME(URGENT)
Edited by: user10935179 on Sep 27, 2010 2:47 AM
Edited by: user10935179 on Sep 27, 2010 2:54 AMuser10935179 wrote:
The Java Program for generating the digital signature independently worked successfully(without any change in policy files or java.security file) If the program was working fine without changing the java.security policy file, why have you changed it to put the IBM Providers ahead of the SunRsaSign provider?
While I cannot be sure (because I don't have an IBM provider to test this), the error is more than likely related to the fact that the IBM Provider implementations for handling RSA keys internally are different from the SunRsaSign provider. Since you've now forced the IBM provider ahead of the original Sun provider, you're probably running into interpretation issues of the encoded objects inside the keystore.
Change your java.security policy back to the default order, and put your IBM Providers at the end of the original list and run your application to see what happens.
Arshad Noor
StrongAuth, Inc. -
Java.security.AccessControlException in a RMI application
Hello,
I have the following error, while I'm launching my RMI application :
access denied (java.net.SocketPermission 127.0.0.1:1099 connect,resolve)
java.security.AccessControlException: access denied (java.net.SocketPermission 127.0.0.1:1099 connect,resolve)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:272)
at java.security.AccessController.checkPermission(AccessController.java:399)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:545)
at java.lang.SecurityManager.checkConnect(SecurityManager.java:1044)
at java.net.Socket.<init>(Socket.java:262)
I was trying the following instruction :
if (System.getSecurityManager() == null)
System.setSecurityManager(new RMISecurityManager());
try{
Recepteur obj = new Recepteur();
Naming.rebind("//localhost/Recepteur", obj);
However, I have written in the java.policy file :
grant codeBase "http://127.0.0.1:1099/-" {
permission java.security.AllPermission;
Does anyone know how to solve this problem ?
ThxHelp him please or he would be obliged to give me the dukes...
-
Java.security.AccessControlException while trying to run the server app
ok, pretty new with java and rmi, so I wanted to run the application from the sun rmi tutorial
http://java.sun.com/docs/books/tutorial/rmi/TOC.html.
It all builds ok, i run the rmiregistry ,but when i try to run the server i get :
java.security.AccessControlException: access denied (java.net.SocketPermission 127.0.0.1:1099 connect,resolve)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
at java.security.AccessController.checkPermission(AccessController.java:546)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
at java.lang.SecurityManager.checkConnect(SecurityManager.java:1034)
at java.net.Socket.connect(Socket.java:513)
at java.net.Socket.connect(Socket.java:469)
at java.net.Socket.<init>(Socket.java:366)
at java.net.Socket.<init>(Socket.java:180)
at sun.rmi.transport.proxy.RMIDirectSocketFactory.createSocket(RMIDirectSocketFactory.java:22)
at sun.rmi.transport.proxy.RMIMasterSocketFactory.createSocket(RMIMasterSocketFactory.java:128)
at sun.rmi.transport.tcp.TCPEndpoint.newSocket(TCPEndpoint.java:595)
at sun.rmi.transport.tcp.TCPChannel.createConnection(TCPChannel.java:198)
at sun.rmi.transport.tcp.TCPChannel.newConnection(TCPChannel.java:184)
at sun.rmi.server.UnicastRef.newCall(UnicastRef.java:322)
at sun.rmi.registry.RegistryImpl_Stub.rebind(Unknown Source)
at engine.ComputeEngine.main(ComputeEngine.java:30)
what i noticed is that this output is similar to not running rmiregistry at all, so i guess the problem is with the way i'm running rmiregistry
thx in advanceYou're running the server with a SecurityManager. There's no need to do that at first. Get rid of it. When you have it working, write yourself a .policy file that grants that permission, and any others you discover it needs, and name that as your security policy file, e.g.
java -Djava.security.policy=my.policy -Djava.security.manager mypackage.MyServer ... -
Hello,
I am very near to complete my this task but every time i think this i find myself stuck in a new exception. Plz get me out of it.My problem is:
I created a client/server chat applet for providing online support to our company site visitors. Both server and client are applet.I am using serversocket at server side and socket(getCodeBase()) at client side to establish the connection.
The code compiled and run fine, without any exception or error when i run it on a standalone PC (althought PC is in LAN but i used that PC name to connect to itself).
But when i uploaded the applet on my personal site (i don't know any other way to test it:- dont know how to use tomcat even yet.) it is throwing an exception:-
java.security.AccessControlException: access denied (java.lang.RuntimePermission exitVM)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkExit(Unknown Source)
at java.lang.Runtime.exit(Unknown Source)
at java.lang.System.exit(Unknown Source)
at Connect.run(ClientChat.java:229)
at java.lang.Thread.run(Unknown Source)
I didnt made it jar or signed the applet which is not needed bcoz applet is trying to make connection to the site it is loaded from. I think i have to grant permission in the policy file and then complie it again. But i couldnt find which permission to grant. Plz pull me out of this problem, I dont want to drown on shore.
Thanx in advance CHAO
luv
Manuat java.lang.Runtime.exit(Unknown Source)
at java.lang.System.exit(Unknown Source)
at Connect.run(ClientChat.java:229)
at java.lang.Thread.run(Unknown Source)You can't call System.exit() from an Applet - there might be other things running in the JVM that you would be killing. Stop that.
Grant -
JApplet java.security.AccessControlException
Hello
I have a JApplet which needs to be connected with the server. When I run the server on my local machine, there is no problem in the connection. But If I run the server from the remote machine, I get this exception in my browser:
Exception in thread "AWT-EventQueue-2" java.security.AccessControlException: access denied (java.net.SocketPermission estudy.math.uh.edu resolve)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkConnect(Unknown Source)
at java.net.InetAddress.getAllByName0(Unknown Source)
at java.net.InetAddress.getAllByName0(Unknown Source)
at java.net.InetAddress.getAllByName(Unknown Source)
at java.net.InetAddress.getByName(Unknown Source)
at java.net.InetSocketAddress.<init>(Unknown Source)
at java.net.Socket.<init>(Unknown Source)
at org.uhmath.gui.StudentAppletGUI$4.actionPerformed(StudentAppletGUI.java:217)
at javax.swing.AbstractButton.fireActionPerformed(Unknown Source)
at javax.swing.AbstractButton$Handler.actionPerformed(Unknown Source)
at javax.swing.DefaultButtonModel.fireActionPerformed(Unknown Source)
at javax.swing.DefaultButtonModel.setPressed(Unknown Source)
at javax.swing.AbstractButton.doClick(Unknown Source)
at javax.swing.plaf.basic.BasicMenuItemUI.doClick(Unknown Source)
at javax.swing.plaf.basic.BasicMenuItemUI$Handler.mouseReleased(Unknown Source)
at java.awt.Component.processMouseEvent(Unknown Source)
at javax.swing.JComponent.processMouseEvent(Unknown Source)
at java.awt.Component.processEvent(Unknown Source)
at java.awt.Container.processEvent(Unknown Source)
at java.awt.Component.dispatchEventImpl(Unknown Source)
at java.awt.Container.dispatchEventImpl(Unknown Source)
at java.awt.Component.dispatchEvent(Unknown Source)
at java.awt.LightweightDispatcher.retargetMouseEvent(Unknown Source)
at java.awt.LightweightDispatcher.processMouseEvent(Unknown Source)
at java.awt.LightweightDispatcher.dispatchEvent(Unknown Source)
at java.awt.Container.dispatchEventImpl(Unknown Source)
at java.awt.Component.dispatchEvent(Unknown Source)
at java.awt.EventQueue.dispatchEvent(Unknown Source)
at java.awt.EventDispatchThread.pumpOneEventForHierarchy(Unknown Source)
at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
at java.awt.EventDispatchThread.run(Unknown Source)
Ln 217 is conn = new Socket(host, port); //conn is a socket object.
Someone said that the PolicyTool might help. I m lost, can someone help me out here??
Thanks a lot!If you connect to the server where the applet was loaded from, you should not get that exception. Make sure you use the same name for both (e.g. don't download the applet from http://yourserver.com/ and then try to connect your socket to 123.45.67.89).
Maybe you are looking for
-
IPhoto: Using Adobe Bridge
I am presently using both iPhoto and FCPX. I only use iPhoto store the photos and images I use in albums. If I need to modify them I take them into Photoshop and then save them backin iPhoto. However, I now have about 5,000 images and feel a need to
-
Pass querystring parameter value to crystal report
Post Author: hani1426 CA Forum: .NET Hi all, I am new in using crystal reports I want to print an invoice with it's items in a crystal report,I have aseparated page which contains a GridView of invoices and it has a hyperlink field column which parse
-
how do I get my paid in full service back
-
Erase and sync issues (backup/restore)
Hello. I have an issue with the backup/restore with my iPhone. Sometimes, it is difficult to find an answer that fits your problem exactly on the forum! Lots of good stuff though! This post will be little longer than normal, but I need to get all th
-
There is not any question, but wondering why Apple does not consider an optional feature to enable/disable small/ large caller picture! It was very attractive feature when my dear contacts was calling me, so sorry for myself to loos such a good previ