RMI with SSL problem (cross post under RMI too)

Hi,
I'm having problems using RMI with SSL. I posted in the RMI forum originally but now realise the problems are with the SSL really.
Perhaps someone who follows this forum could help.
See post:
http://forum.java.sun.com/thread.jsp?forum=58&thread=409347
Thanks.

There's more dukes in the other thread too.

Similar Messages

RMI with SSL server authentification

Hello,
It is possible to implement a RMI over SSL client /server with only server authentification ?
I'have got currently a RMI SSL client/server with mutual authentification. It includes that client must have a keystore but i don't want that.
If anybody has an idea, its welcome.
tjm

Indeed i 'm working to implement a keustorespi for the keystore and i would like
In fact I'm working to implement myself a keystorespi for the keystore and I would like that only server use it and client have no keystore.
It is possible

Possible to decode an IRIG-B timestamp with NI-6601 (cross-posted on LabVIEW)

We are preparing for a test that requires both time-varying data and quasi-steady data to be recorded and coordinated with a sort of timestamp.
We can feed the IRIG signal into one of our NI-4472 channels in one DAQ system, but we need to coordinate with another DAQ system which is
sampling at much lower rates and time-averaging the data (using a 6224 card and external devices).
We have a PCI-6601 counter-timer card available but I only see examples and discussion of reading the IRIG-B signal with counters on the 6608 card.
Can I do the same thing with the 6601 card?
Thanks
Dave

Duplicate
Ryan Verret
Product Marketing Engineer
Signal Generators
National Instruments

IE with SSL problem

HI All,
I am using https to display my pages.
But when I display .xls file over https it doesn't open and gives me a error "Internet explorer can not downloaded".
So is there any setting in IE to be done or need to change MIME type or any other way...
Throw some ideas...
Thanks

Be sure you are declaring the proper MIME type. For a xls file, it is "application/vnd.ms-excel", so you need to declare it in your code:
response.setContentType("application/vnd.ms-excel");
hth
juanjo bazan

I'm getting "an error occurred loading this content" when trying to airplay youtube from my iPhone 5. My brother is using his iPhone 4s with no problem. Is there something wrong with my settings?

I'm trying to airplay youtube from my iPhone 5 but I'm getting the error message. I can airplay music, pictures, and other video, but no streaming. My brother is using my appletv and wi-fi with his iphone 4s with no problems. Any suggestions?

I started having this problem a week or so ago, after having used the Apple TV for a couple of months with only some minor problems. Yesterday, however, I started getting this problem again and today I could not get to Airplay from my Ipad - just kept getting the "error occurred" message on my tv screen. I tried the various fixes I could find on Google - at least the ones I could understand - but with no luck. Then I decided to bite the bullet and pay for Apple support, even tho the problem is with the device and not due to my ignorance. So I talked with a support person who said I would have to pay $19.95 for 30 days of support and was glad to take my credit card information. This person had never heard of the problem, and ending up bumping me up to an Apple TV specialist, after spending 20 minutes or so on hold, and explaining the problem, etc. I finally got to the specialist who had heard of this problem and said that she was crediting me for the $19.95, since the problem is due to a KNOWN HARDWARE ERROR. In fact, she said that Apple would give me a new, replacement unit if I would go to the nearest Apple store. This even tho I bought the unit used - it is still covered. Now I have to make a 100 mile round trip to the Apple store, since Apple won't send the new one out in the mail, even if I return mine first. And Apple won't pay for my gas. So that's the mostly good and some bad news. I hope that the new unit won't have this problem, but I think the bigger issue is that since Apple knew about the problem that affects certain serial numbers, why don't they post that information on their support sites or just make it findable by a Google search. Whenever I have had a problem with Windows, I have always been able to find a Microsoft article or fix addressing it by doing a Google search, but Apple, always desiring to be arcane and opaque, isn't interested in this approach. In fact, why not just put together a "known problems" site for Apple products so that users can find this kind of information easily, without having to put out $19.95 for technical support that isn't needed, and wasting their own time (and money, as in my case, for gas). The bottom line is that all of the people with this problem who posted (and there are many) were apparently ignorant that Apple KNEW ABOUT THE PROBLEM AND WILL REPLACE THE BAD UNITS. This is because, I am sure, they don't want to shell out the $19.95. Anyway, hope this helps someone. I doubt if Apple will listen to the suggestion. Good luck..

A problem in RMI with JSP..pls help

RMI with Java is working fine,but...
1. I am facing a problem when i use RMI with JSP..its throwing an exception during "Naming.lookup"..here is my code snippet:
// i have stored the ServerInf and other classes in a package and i have imported it in the jsp code....object ref is getting created but lookup is throwing an exception...thoguh RMI registry is working(started)
<%
try {
ServerInf ref = (ServerInf)Naming.lookup("rmi://localhost:1098/Server_bind");
catch (Exception ex) {
ex.printStackTrace();
%>
Pls tel me the cause.
2. If i try to use RMI with Servlet and JSP, then wen the JSP runs then, it simply calls the servlet file and displayes a lonk to it instead of executing the servlet class. pls help me with this too...below is the invoking statement:
<form method=post action='http://localhost:8080/servlet/MyRMIservlet'>
hello <input type=submit value=submit>

And the exception and error message is.....

How to configure OC4J using RMI/IIOP with SSL

Any help?
I just mange configure the OC4J using RMI/IIOP but base on
But when I follow further to use RMI/IIOP with SSL I face the problem with: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
p/s: I use self generate keystore which should be ok as I can use it for https connection.
Any one can help?
Below is the OC4J log:
D:\oc4j\j2ee\home>java -Djavax.net.debug=all -DGenerateIIOP=true -Diiop.runtime.debug=true -jar oc4j.jar
05/02/23 16:43:16 ================ IIOPServerExtensionProvider.preInitApplicationServer
05/02/23 16:43:38 ================= IIOPServerExtensionProvider.postInitApplicationServer
05/02/23 16:43:38 ================== config = {SEPS={IIOP={ssl-port=5556, port=5555, ssl=true, trusted-clients=*, ssl-client-server-auth-port=5557, keystore=D:\\oc4j\\j2ee\\home\\server.keystore, keystore-password=123456, truststore=D:\\oc4j\\j2ee\\home\\server.keystore, truststore-password=123456, ClassName=com.oracle.iiop.server.IIOPServerExtensionProvider, host=localhost}}}
05/02/23 16:43:38 ================== server.getAttributes() = {threadPool=com.evermind.server.ApplicationServerThreadPool@968fda}
05/02/23 16:43:38 ================== pool: null
05/02/23 16:43:38 ====================== In startServer ...
05/02/23 16:43:38 ==================== Creating an IIOPServer ...
05/02/23 16:43:38 ========= IIOP server being initialized
05/02/23 16:43:38 SSL port: 5556
05/02/23 16:43:38 SSL port 2: 5557
05/02/23 16:43:43 com.sun.corba.ee.internal.iiop.GIOPImpl(Thread[Orion Launcher,5,main]): getEndpoint(IIOP_CLEAR_TEXT, 5555, null)
05/02/23 16:43:43 com.sun.corba.ee.internal.iiop.GIOPImpl(Thread[Orion Launcher,5,main]): createListener( socketType = IIOP_CLEAR_TEXT port = 5555 )
05/02/23 16:43:44 com.sun.corba.ee.internal.iiop.GIOPImpl(Thread[Orion Launcher,5,main]): getEndpoint(SSL, 5556, null)
05/02/23 16:43:44 com.sun.corba.ee.internal.iiop.GIOPImpl(Thread[Orion Launcher,5,main]): createListener( socketType = SSL port = 5556 )
05/02/23 16:43:45 ***
05/02/23 16:43:45 found key for : mykey
05/02/23 16:43:45 chain [0] = [
Version: V1
Subject: CN=Server, OU=Bar, O=Foo, L=Some, ST=Where, C=UN
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: SunJSSE RSA public key:
public exponent:
010001
modulus:
b1239fff 2ae5d31d b01a0cfb 1186bae0 bbc7ac41 94f24464 e92a7e33 6a5b0844
109e30fb d24ad770 99b3ff86 bd96c705 56bf2e7a b3bb9d03 40fdcc0a c9bea9a1
c21395a4 37d8b2ce ff00eb64 e22a6dd6 97578f92 29627229 462ebfee 061c99a4
1c69b3a0 aea6a95b 7ed3fd89 f829f17e a9362efe ccf8034a 0910989a a8573305
Validity: [From: Wed Feb 23 15:57:28 SGT 2005,
To: Tue May 24 15:57:28 SGT 2005]
Issuer: CN=Server, OU=Bar, O=Foo, L=Some, ST=Where, C=UN
SerialNumber: [ 421c3768]
Algorithm: [MD5withRSA]
Signature:
0000: 34 F4 FA D4 6F 23 7B 84 30 42 F3 5C 4B 5E 18 17 4...o#..0B.\K^..
0010: 73 69 73 A6 BF 9A 5D C0 67 8D C3 56 DF A9 4A AC sis...].g..V..J.
0020: 88 AF 24 28 C9 39 16 22 29 81 01 93 86 AA 1A 5D ..$(.9.")......]
0030: 07 89 26 22 91 F0 8F DE E1 4A CF 17 9A 02 51 7D ..&".....J....Q.
0040: 92 D3 6D 9B EF 5E C1 C6 66 F9 11 D4 EB 13 8F 17 ..m..^..f.......
0050: E7 66 58 9F 6C B0 60 7C 39 B4 E0 B7 04 A7 7F A6 .fX.l.`.9.......
0060: 4D A5 89 E7 F4 8A DC 59 B4 E7 A5 D4 0A 35 9A F1 M......Y.....5..
0070: A2 CD 3A 04 D6 8F 16 B1 9E 6F 34 40 E8 C0 47 03 ..:[email protected].
05/02/23 16:43:45 ***
05/02/23 16:43:45 adding as trusted cert:
05/02/23 16:43:45 Subject: CN=Client, OU=Bar, O=Foo, L=Some, ST=Where, C=UN
05/02/23 16:43:45 Issuer: CN=Client, OU=Bar, O=Foo, L=Some, ST=Where, C=UN
05/02/23 16:43:45 Algorithm: RSA; Serial number: 0x421c3779
05/02/23 16:43:45 Valid from Wed Feb 23 15:57:45 SGT 2005 until Tue May 24 15:57:45 SGT 2005
05/02/23 16:43:45 adding as trusted cert:
05/02/23 16:43:45 Subject: CN=Server, OU=Bar, O=Foo, L=Some, ST=Where, C=UN
05/02/23 16:43:45 Issuer: CN=Server, OU=Bar, O=Foo, L=Some, ST=Where, C=UN
05/02/23 16:43:45 Algorithm: RSA; Serial number: 0x421c3768
05/02/23 16:43:45 Valid from Wed Feb 23 15:57:28 SGT 2005 until Tue May 24 15:57:28 SGT 2005
05/02/23 16:43:45 trigger seeding of SecureRandom
05/02/23 16:43:45 done seeding SecureRandom
05/02/23 16:43:45 com.sun.corba.ee.internal.iiop.GIOPImpl(Thread[Orion Launcher,5,main]): getEndpoint(SSL_MUTUALAUTH, 5557, null)
05/02/23 16:43:45 com.sun.corba.ee.internal.iiop.GIOPImpl(Thread[Orion Launcher,5,main]): createListener( socketType = SSL_MUTUALAUTH port = 5557 )
05/02/23 16:43:45 matching alias: mykey
matching alias: mykey
05/02/23 16:43:46 ORB created ..com.oracle.iiop.server.OC4JORB@65b738
05/02/23 16:43:47 com.sun.corba.ee.internal.corba.ClientDelegate(Thread[Orion Launcher,5,main]): invoke(ClientRequest) called
05/02/23 16:43:47 com.oracle.iiop.server.OC4JORB(Thread[Orion Launcher,5,main]): process: dispatching to scid 2
05/02/23 16:43:47 com.oracle.iiop.server.OC4JORB(Thread[Orion Launcher,5,main]): dispatching to sc [email protected]7
05/02/23 16:43:48 com.sun.corba.ee.internal.corba.ClientDelegate(Thread[Orion Launcher,5,main]): invoke(ClientRequest) called
05/02/23 16:43:48 com.oracle.iiop.server.OC4JORB(Thread[Orion Launcher,5,main]): process: dispatching to scid 2
05/02/23 16:43:48 com.oracle.iiop.server.OC4JORB(Thread[Orion Launcher,5,main]): dispatching to sc com.sun.corba.ee.internal.corba.ServerDelegate@9300cc
05/02/23 16:43:48 com.sun.corba.ee.internal.corba.ServerDelegate(Thread[Orion Launcher,5,main]): Entering dispatch method
05/02/23 16:43:48 com.sun.corba.ee.internal.corba.ServerDelegate(Thread[Orion Launcher,5,main]): Consuming service contexts, GIOP version: 1.2
05/02/23 16:43:48 com.sun.corba.ee.internal.corba.ServerDelegate(Thread[Orion Launcher,5,main]): Has code set context? false
05/02/23 16:43:48 com.sun.corba.ee.internal.corba.ServerDelegate(Thread[Orion Launcher,5,main]): Dispatching to servant
05/02/23 16:43:48 com.sun.corba.ee.internal.corba.ServerDelegate(Thread[Orion Launcher,5,main]): Handling invoke handler type servant
05/02/23 16:43:48 NS service created and started ..org.omg.CosNaming._NamingContextExtStub:IOR:000000000000002b49444c3a6f6d672e6f72672f436f734e616d696e672f4e616d696e67436f6e746578744578743a312e30000000000001000000000000007c000102000000000c31302e312e3231342e31310015b3000000000031afabcb0000000020d309e06a0000000100000000000000010000000c4e616d65536572766963650000000004000000000a0000000000000100000001000000200000000000010001000000020501000100010020000101090000000100010100
05/02/23 16:43:48 NS ior = ..IOR:000000000000002b49444c3a6f6d672e6f72672f436f734e616d696e672f4e616d696e67436f6e746578744578743a312e30000000000001000000000000007c000102000000000c31302e312e3231342e31310015b3000000000031afabcb0000000020d309e06a0000000100000000000000010000000c4e616d65536572766963650000000004000000000a0000000000000100000001000000200000000000010001000000020501000100010020000101090000000100010100
05/02/23 16:43:48 Oracle Application Server Containers for J2EE 10g (9.0.4.0.0) initialized
05/02/23 16:45:14 com.sun.corba.ee.internal.iiop.ConnectionTable(Thread[JavaIDL Listener,5,main]): Server getConnection(119e583[Unknown 0x0:0x0: Socket[addr=/127.0.0.1,port=1281,localport=5556]], SSL)
05/02/23 16:45:14 com.sun.corba.ee.internal.iiop.ConnectionTable(Thread[JavaIDL Listener,5,main]): host = 127.0.0.1 port = 1281
05/02/23 16:45:14 com.sun.corba.ee.internal.iiop.ConnectionTable(Thread[JavaIDL Listener,5,main]): Created connection Connection[type=SSL remote_host=127.0.0.1 remote_port=1281 state=ESTABLISHED]
com.sun.corba.ee.internal.iiop.MessageMediator(Thread[JavaIDL Reader for 127.0.0.1:1281,5,main]): Creating message from stream
05/02/23 16:45:14 JavaIDL Reader for 127.0.0.1:1281, handling exception: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
05/02/23 16:45:14 JavaIDL Reader for 127.0.0.1:1281, SEND TLSv1 ALERT: fatal, description = unexpected_message
05/02/23 16:45:14 JavaIDL Reader for 127.0.0.1:1281, WRITE: TLSv1 Alert, length = 2
05/02/23 16:45:14 JavaIDL Reader for 127.0.0.1:1281, called closeSocket()
05/02/23 16:45:14 com.sun.corba.ee.internal.iiop.ReaderThread(Thread[JavaIDL Reader for 127.0.0.1:1281,5,main]): IOException in createInputStream: javax.net.ssl.SSLException: Connection has been shutdown: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
05/02/23 16:45:14 javax.net.ssl.SSLException: Connection has been shutdown: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
05/02/23 16:45:14 at com.sun.net.ssl.internal.ssl.SSLSocketImpl.d(DashoA12275)
05/02/23 16:45:14 at com.sun.net.ssl.internal.ssl.AppInputStream.read(DashoA12275)
05/02/23 16:45:14 at com.sun.corba.ee.internal.iiop.messages.MessageBase.readFully(MessageBase.java:520)
05/02/23 16:45:14 at com.sun.corba.ee.internal.iiop.messages.MessageBase.createFromStream(MessageBase.java:58)
05/02/23 16:45:14 at com.sun.corba.ee.internal.iiop.MessageMediator.processRequest(MessageMediator.java:110)
05/02/23 16:45:14 at com.sun.corba.ee.internal.iiop.IIOPConnection.processInput(IIOPConnection.java:339)
05/02/23 16:45:14 at com.sun.corba.ee.internal.iiop.ReaderThread.run(ReaderThread.java:63)
05/02/23 16:45:14 Caused by: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
05/02/23 16:45:14 at com.sun.net.ssl.internal.ssl.InputRecord.b(DashoA12275)
05/02/23 16:45:14 at com.sun.net.ssl.internal.ssl.InputRecord.read(DashoA12275)
05/02/23 16:45:14 at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
05/02/23 16:45:14 at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(DashoA12275)
05/02/23 16:45:14 at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
05/02/23 16:45:14 ... 6 more
05/02/23 16:45:14 com.sun.corba.ee.internal.iiop.IIOPConnection(Thread[JavaIDL Reader for 127.0.0.1:1281,5,main]): purge_calls: starting: code = 1398079696 die = true
05/02/23 16:45:14 JavaIDL Reader for 127.0.0.1:1281, called close()
05/02/23 16:45:14 JavaIDL Reader for 127.0.0.1:1281, called closeInternal(true)
05/02/23 16:45:14 JavaIDL Reader for 127.0.0.1:1281, called close()
05/02/23 16:45:14 JavaIDL Reader for 127.0.0.1:1281, called closeInternal(true)
05/02/23 16:45:14 JavaIDL Reader for 127.0.0.1:1281, called close()
05/02/23 16:45:14 JavaIDL Reader for 127.0.0.1:1281, called closeInternal(true)
05/02/23 16:45:14 com.sun.corba.ee.internal.iiop.ConnectionTable(Thread[JavaIDL Reader for 127.0.0.1:1281,5,main]): DeleteConn called: host = 127.0.0.1 port = 1281

Good point, I do belive what you are referring to is this:
Any client, whether running inside a server or not, has EJB security properties. Table 15-2 lists the EJB client security properties controlled by the ejb_sec.properties file. By default, OC4J searches for this file in the current directory when running as a client, or in ORACLE_HOME/j2ee/home/config when running in the server. You can specify the location of this file explicitly with the system property setting -Dejb_sec_properties_location=pathname.
Table 15-2 EJB Client Security Properties
Property Meaning
# oc4j.iiop.keyStoreLoc
The path and name of the keystore. An absolute path is recommended.
# oc4j.iiop.keyStorePass
The password for the keystore.
# oc4j.iiop.trustStoreLoc
The path name and name of the truststore. An absolute path is recommended.
# oc4j.iiop.trustStorePass
The password for the truststore.
# oc4j.iiop.enable.clientauth
Whether the client supports client-side authentication. If this property is set to true, you must specify a keystore location and password.
# oc4j.iiop.ciphersuites
Which cipher suites are to be enabled. The valid cipher suites are:
TLS_RSA_WITH_RC4_128_MD5
SSL_RSA_WITH_RC4_128_MD5
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
TLS_RSA_EXPORT_WITH_RC4_40_MD5
SSL_RSA_EXPORT_WITH_RC4_40_MD5
TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
nameservice.useSSL
Whether to use SSL when making the initial connection to the server.
client.sendpassword
Whether to send user name and password in clear form (unencrypted) in the service context when not using SSL. If this property is set to true, the user name and password are sent only to servers listed in the trustedServer list.
oc4j.iiop.trustedServers
A list of servers that can be trusted to receive passwords sent in clear form. This has no effect if client.sendpassword is set to false. The list is comma-delimited. Each entry in the list can be an IP address, a host name, a host name pattern (for example, *.example.com), or * (where "*" alone means that all servers are trusted.

RMI SSL problem

Hi, I am learning RMI whit SSL and I have a problem, I cant run the example form the RMI SSL tutorials.
I can run the server, and bind the object but the client throw this exception:
HelloClient exception: error during JRMP connection establishment; nested exception is:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
java.rmi.ConnectIOException: error during JRMP connection establishment; nested exception is:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.rmi.transport.tcp.TCPChannel.createConnection(TCPChannel.java:274)
at sun.rmi.transport.tcp.TCPChannel.newConnection(TCPChannel.java:171)
at sun.rmi.server.UnicastRef.newCall(UnicastRef.java:306)
at sun.rmi.registry.RegistryImpl_Stub.lookup(Unknown Source)
at HelloClient.main(HelloClient.java:60)...
can you help me???

Hi,
Dis you solved the probelm ? I am facing the similar exception. I am using jre1.5.0_11.
Regards,
Titas Mutsuddy

RMI over SSL under Web Start can't find trusted certificate

I have implemented RMI over SSL to get a Java EJB Client application talking to a JRun server over SSL. It works fine from the command line, but when I try to run it as a Web Start application, I get
java.security.cert.CertificateException: Couldn't find trusted certificate
(More complete stack trace below)
I am using a test certificate, not one from a bona fide CA.
I have tried putting the key store file in one of the jars used by the application, and adding:
<argument>-Djavax.net.ssl.trustStore=jssecacerts</argument>
and
<argument>-Djavax.net.ssl.trustStore=jar:http://ip/app/xxx/lib/JarWithCacs.jar!/jssecacerts</argument>
to no avail.
If I copy the jssecacerts to Web Start's jre/lib/security directory, it works fine.
I have seen other postings that say to use keytool to update the JRE used by Web Start, but that kind of defeats the purpose of Web Start: zero admin client. I can't touch each user's machine.
I have seen other posts saying to implement a more relaxed trust manager, but that doesn't seem right either.
I am using JDK 1.4.1_02b6 on Win2k. This should be irrelevant: JRun 4 sp1a.
Is there a way to specify the jssecacerts file in the jnlp file so Web Start will recognize it?
Thanks for any help,
John

I think I have an answer:
1) Package the truststore file in the client JAR file
2) Add code to the client to copy the truststore from the JAR file to the client hard drive
3) Add code to the client to set the truststore properties to refer to the file on the client hard drive
<<code>>
private void setupTrustStore() {
try {
// save truststore file to local disk
File homeDir = new File(System.getProperty("user.home"));
File trustStoreFile = new File(homeDir, "mytruststore");
URL url =
this.getClass().getClassLoader().getResource("mytruststore");
BufferedInputStream in =
new BufferedInputStream(url.openStream());
BufferedOutputStream out =
new BufferedOutputStream(new FileOutputStream(trustStoreFile));
while(true) {
int data = in.read();
if(data < 0) break;
out.write(data);
in.close();
out.flush();
out.close();
// set truststore properties
System.setProperty("javax.net.ssl.trustStore",
trustStoreFile.getPath());
System.setProperty("javax.net.ssl.trustStorePassword", "mypasswd");
} catch(Exception e) {
e.printStackTrace();
}

Rmi over ssl in jdk1.5.0

hi,
i am trying to connect a remote machine with rmi over ssl. but i got the following exceptions;
java.rmi.ConnectIOException: error during JRMP connection establishment; nested exception is:
Caused by: javax.net.ssl.SSLKeyException: RSA premaster secret error
Caused by: java.security.NoSuchAlgorithmException: Cannot find any provider supporting RSA/ECB/PKCS1Padding
Caused by: java.lang.IllegalArgumentException: can't support mode ECB
i am using jdk1.5.0. i have tried many samples but i have not run them successfully however they were running successfully in j2sdk1.4.2.
also i downloaded the bouncycastle provider but it did not work.
is there anybody who knows about a running sample about rmi and ssl in jdk1.5.0? please send me....
email: [email protected]

Hi!
I know it's not the exactly right topic, but I've nearly the same problem with a https connection for a webService. I'm not using turkish locale, I'm using BouncyCastle and the "Unlimited Strength" policy files. I've no problems if i start my application with eclipse, starting it with jdk1.5.0_03\jre\bin\java or jre1.5.0_03\bin\java form commandline i get the same stacktrace:
javax.net.ssl.SSLKeyException: RSA premaster secret error
Caused by: javax.net.ssl.SSLKeyException: RSA premaster secret error
Caused by: java.security.NoSuchAlgorithmException: Cannot find any provider supporting RSA/ECB/PKCS1Padding
Caused by: java.lang.IllegalArgumentException: can't support mode ECB
if i try to get the cipher with
Cipher c = Cipher.getInstance("RSA/ECB/PKCS1Padding");
I'll get the same stacktrace, with
Cipher c = Cipher.getInstance("RSA/ECB/PKCS1Padding", "BC");
i works fine, but I've no idea how to run this code out of axis...
Thanks & Regards
Helmut

Need help w/ wierd problem maybe caused by RMI/sockets

Hi.
I'm having a potential problem at a customer site which
has me completely baffled and with which I could do with
some help.
I've written and deployed at the customer site an Client/
Server application, developed using RMI. The problem occurs
on the server side.
I've implemented my own SocketFactory and am restricting
the sockets to ports 8091 and 8091 - through the SocketFactory
and through the constructor of java.rmi.server.UnicastRemoteObject.
The server is waiting for incoming commections. The DGC
regularly does maintenance and garbage collection, triggering
my SocketFactory. Server machine is Windows 2000. The server
machine has local server ports 8090 and 8091 in LISTENING
state (on 0.0.0.0:8090 and 0.0.0.0:8091).
The server, machine A, is waiting for incoming connections from
the client application, on machine B, which is not running. On the
same network segment are machines C, D and E (all Linux machines),
on which NONE of my software is running, and which should have
NOTHING to do with my system. These machines are communicating
amongst themselves, but not with machine A.
The customer claims (I'm not on-site, so I can't check), that
after a random time of running my server application 24/7 (the
first time after about a week, the second time after only 3 hours),
machines C, D and E were no longer able to exchange data. As soon
as my server application on machine A is aborted, systems C,
D and E are again able to exchange data - immediately.
What I don't understand is:
How is it possible, that an RMI server application, which
has opened sockets, accept()s them, has the open sockets
in LISTENING state, but is not actively sending data,
IN ANY WAY influences the traffic on the rest of the subnet?
Do opened Sockets in the accept() state send ANY form of
traffic over the network?
Is there any way I can influence other machines on the
network, simply by opening a bunch of inbound sockets? To
the best of my understanding of networks and TCP/IP there
should be no way to do that. Or am I wrong?
Again, I'd appreciate any help or pointer or even wild
theory related to this problem.
Thanks,
Daniel

For starters, why don't you try changing the ports you are using?

HT201415 After a months of stable work my new IPad suddenly denies to find cell network under any circumstances.Please advice if anyone familiar with that problem?

After a months of stable work my new IPad suddenly denies to find cell network under any circumstances.Please advice if anyone familiar with that problem?

It sounds like there are a couple things going on here. First check if you have a successful install of SQL Server, then we'll figure out the connection issues.
Can you launch SQL Server Configuration Manager and check for SQL Server (MSSQLSERVER) if default instance or SQL Server (other name) if you've configured your instance as a named instance. Once you find this, make sure the service is started.
If not started, try to start it and see if it throws an error. If you get an error, post the error message your hitting. If the service starts, you can then launch SSMS and try to connect. If you have a default instance, you can use the machine
name in the connection dialog. Ex: "COWBOYS" where Cowboys is the machine name. However, if you named the SQL Server instance during install, you'll need to connect using the machine\instance format. Ex: COWBOYS\Romo (where Romo
is the instance name you set during install).
You can also look at the summary.txt file in the SQL Server setup error logs to see what happened on the most recent install. Past install history is archived in the log folder if you need to dig those up to help troubleshoot, but the most
recent one may help get to the bottom of it if there is an issue with setup detecting a prior instance that needs to be repaired.
Thanks,
Sam Lester (MSFT)
http://blogs.msdn.com/b/samlester
This posting is provided "AS IS" with no warranties, and confers no rights. Please remember to click
"Mark as Answer" and
"Vote as Helpful" on posts that help you. This can be beneficial to other community members reading the thread.

WebLogic RMI UNIX Performance problem

Hi.
I'm experiencing problems with the performance of RMI calls from within session
beans to external RMI services. I have a system running 4 RMI services in separate
JVMs to weblogic 6.1 instance on Solaris 2.6 on SPARC boxes with 1+ Gb of RAM.
The system was developed on NT and deployed to UNIX. A typical request is serviced
in 70-90 ms on the NT development box (Desktop 512Mb RAM) but when deployed to
the UNIX box takes anywhere between 500-4000 ms. Performance metrics in the code
indicate that 'crunch' times are similar but remote RMI calls are orders of magnitude
greater.
Has anybody had similar problems? I have checked the tuning guides wrt TCP/IP
configurations but would not expect such a large difference using the default
Solaris configuration. Memory and CPU utilisation on the SPARC are low as are
I/O and other metrics available from vmstat.
Cheers
Pete

Hi.
The JVMs are running on the same machine thus should be looking in /etc/hosts
and not going via DNS.
I have read there is a performance gain by tying WL to a single CPU, any insight?
Pete
Andy Piper <[email protected]> wrote:
"Pete Harris" <[email protected]> writes:
I'm experiencing problems with the performance of RMI calls from withinsession
beans to external RMI services. I have a system running 4 RMI servicesin separate
JVMs to weblogic 6.1 instance on Solaris 2.6 on SPARC boxes with 1+Gb of RAM.
The system was developed on NT and deployed to UNIX. A typical requestis serviced
in 70-90 ms on the NT development box (Desktop 512Mb RAM) but whendeployed to
the UNIX box takes anywhere between 500-4000 ms. Performance metricsin the code
indicate that 'crunch' times are similar but remote RMI calls are ordersof magnitude
greater.
Has anybody had similar problems? I have checked the tuning guideswrt TCP/IP
configurations but would not expect such a large difference using thedefault
Solaris configuration. Memory and CPU utilisation on the SPARC arelow as are
I/O and other metrics available from vmstat.Its possible that you are getting a DNS lookup for each request or
worse a reverse lookup. You might want to try using IP addresses in
your config to see if that helps.
andy

Problem with SSL socket(SSLSocketFactoryImpl.createSocket())

Hello,
I'm trying to create a ssl socket but I get an exception, I really don't know why. I have alredy include the certificate via keytool to my jdk. And I'm able to get html header with URLConnection with the code below
import java.net.URL;
import java.net.URLConnection;
public class testClass {
     public static void main(String[] args) throws Exception {
          try{
               URL url = new URL("https://ippbx1:8443/axl/");
               String userPassword = "****" + ":" + "****";
               String encoding = new sun.misc.BASE64Encoder().encode (userPassword.getBytes());
               URLConnection c = url.openConnection();
               c.setRequestProperty("Authorization", "Basic " + encoding);
               for (int i=0; ; i++)
                    String name = c.getHeaderFieldKey(i);
                    String value = c.getHeaderField(i);
                    if (name == null && value == null)     // end of headers
                         break;
                    if (name == null)     // first line of headers
                         System.out.println("Server HTTP version, Response code:");
                         System.out.println(value);
                         System.out.print("\n");
                    else
                         System.out.println(name + "=" + value);
          catch (Exception e) {}
}and I get the following result :
Server HTTP version, Response code:
HTTP/1.1 200 OK
Server=Apache-Coyote/1.1
Pragma=No-cache
Cache-Control=no-cache
Expires=Thu, 01 Jan 1970 01:00:00 CET
Set-Cookie=JSESSIONIDSSO=77670D5480DAD295C6519E812F9FED64; Path=/
Set-Cookie=JSESSIONID=B71BDB730FA5B3B431D3B16C41E190E3; Path=/axl; Secure
Content-Type=text/html;charset=ISO-8859-1
Content-Length=233
Date=Wed, 10 Jun 2009 15:17:10 GMTBut when I try to make a socket :
import java.io.*;
import java.net.*;
import javax.net.SocketFactory;
import javax.net.ssl.SSLSocketFactory;
public class axlforward {
     public static void main(String[] args) {
String address = "https://ippbx1:8443/axl/";
          int portnum = 8443;
try
               SocketFactory socketFactory = SSLSocketFactory.getDefault();
               Socket socket = socketFactory.createSocket(address, portnum);
} catch (Exception e) {e.printStackTrace();} I get the following
java.net.UnknownHostException: https://ippbx1/axl/
     at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:177)
     at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:366)
     at java.net.Socket.connect(Socket.java:519)
     at com.sun.net.ssl.internal.ssl.SSLSocketImpl.connect(SSLSocketImpl.java:550)
     at com.sun.net.ssl.internal.ssl.SSLSocketImpl.<init>(SSLSocketImpl.java:353)
     at com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl.createSocket(SSLSocketFactoryImpl.java:71)
     at axlforward.main(axlforward.java:89)I have a VB program that connects to the socket(with Inet1.Protocol = icHTTPS and Inet1.Execute strURL, "Post", strFormData, strFormHdr methods) and do what I want but I need to do it in Java but I'm not able to find the error.
the server socket is a Cisco callManager Service(AXL Web Service) which receives and html+SOAP request and sends back an xml response and this server socket is running correctly with no problem.
Thanks for your help.

Jdevelopper8709 wrote:
Thanks for your reply.
I now can access to my socket and get the information I want with:
SocketFactory socketFactory = SSLSocketFactory.getDefault();
               socket = (SSLSocket) socketFactory.createSocket("ippbx1", 8443);In fact the problem was a username/password issue.
Thanks.I quote from reply #1 "The address is just "ippbx1" and not "https://ippbx1:8443/axl/". The protocol is not part of the IP address.".

Please help with SSL POST: Servlet returns Error 500

I am struggling for many days to get a Java program to log in to an SSL page. The program is supposed to track ADSL usage statistics from https://secure.telkomsa.net/titracker/, but I never seem to get around Server returned Error 500.
Could anyone please help me understand what I am doing wrong by looking at the method I used. (It seems on the server side it is a jsp servlet that handles authentication).
Any help is deeply appreciated!
I copy-paste the method directly from NetBeans:
CODE>
void connectHTTPS(String url){
try {
URL page = new URL(url); // login page necessary to get a jsp session cookie
//------------ SET UP SSL - is it right?
System.setProperty("java.protocol.handler.pkgs",
"com.sun.net.ssl.internal.www.protocol");
try {
//if we have the JSSE provider available,
//and it has not already been
//set, add it as a new provide to the Security class.
final Class clsFactory = Class.forName("com.sun.net.ssl.internal.ssl.Provider");
if( (null != clsFactory) && (null == Security.getProvider("SunJSSE")) )
Security.addProvider((Provider)clsFactory.newInstance());
} catch( ClassNotFoundException cfe ) {
throw new Exception("Unable to load the JSSE SSL stream handler." +
"Check classpath." + cfe.toString());
URLConnection urlc = page.openConnection();
urlc.setDoInput(true);
*Get the session id cookie set by the TelkomInternet java server
String cookie = urlc.getHeaderField("Set-Cookie");
//textpane.setText(totextpane);
textpane.setText(cookie);
//---------------- form an auth request and post it with the cookie
String postdata =URLEncoder.encode("ID_Field","UTF-8")+"="+URLEncoder.encode("myusrname","UTF-8")+"&"+URLEncoder.encode("PW_Field","UTF-8")+"="+URLEncoder.encode("mypwd","UTF-8")+"&"+URLEncoder.encode("confirm","UTF-8")+"="+URLEncoder.encode("false","UTF-8");
// set the servlet that handles authentication as target
URL page2 = new URL("https://secure.telkomsa.net/titracker/servlet/LoginServlet");
// cast to httpConn to enable setRequestMethod()
HttpURLConnection urlc2 = (HttpURLConnection)page2.openConnection();
// formulate request with POST data urlc2.setRequestProperty("Content-Type","application/x-www-form-urlencoded");
urlc2.setRequestMethod("POST"); // experimental
urlc2.setRequestProperty("Content-Length",""+postdata.length());
urlc2.setRequestProperty("User-Agent","Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 4.0)");
urlc2.setRequestProperty("Accept-Language","en-us");
urlc2.setUseCaches(false);
urlc2.setDoOutput(true);
urlc2.setDoInput(true);
urlc2.setFollowRedirects(true); // ??
//send cookies
urlc2.setRequestProperty("Set-Cookie", cookie); // or "Cookie" - doesn't work either
//write other data
PrintWriter out = new PrintWriter(urlc2.getOutputStream());
out.print(postdata); // username and password here
out.flush();
out.close();
//---------------- get the authenticated page with real ADSL statistics
BufferedReader br = new BufferedReader(new InputStreamReader(urlc2.getInputStream()));
String totextpane = "";
String buffer = "";
while (buffer != null) {
try {
totextpane = totextpane + "\n" + buffer;
buffer = br.readLine();
} catch (IOException ioe) {
ioe.printStackTrace();
break;
textpane.setText(totextpane);
} catch (Exception ex) {
System.err.println(ex.getMessage());
---- END CODE---
Thank you very much for any attempt at helping with this problem!

I am struggling for many days to get a Java program to log in to an SSL page. The program is supposed to track ADSL usage statistics from https://secure.telkomsa.net/titracker/, but I never seem to get around Server returned Error 500.
Could anyone please help me understand what I am doing wrong by looking at the method I used. (It seems on the server side it is a jsp servlet that handles authentication).
Any help is deeply appreciated!
I copy-paste the method directly from NetBeans:
CODE>
void connectHTTPS(String url){
try {
URL page = new URL(url); // login page necessary to get a jsp session cookie
//------------ SET UP SSL - is it right?
System.setProperty("java.protocol.handler.pkgs",
"com.sun.net.ssl.internal.www.protocol");
try {
//if we have the JSSE provider available,
//and it has not already been
//set, add it as a new provide to the Security class.
final Class clsFactory = Class.forName("com.sun.net.ssl.internal.ssl.Provider");
if( (null != clsFactory) && (null == Security.getProvider("SunJSSE")) )
Security.addProvider((Provider)clsFactory.newInstance());
} catch( ClassNotFoundException cfe ) {
throw new Exception("Unable to load the JSSE SSL stream handler." +
"Check classpath." + cfe.toString());
URLConnection urlc = page.openConnection();
urlc.setDoInput(true);
*Get the session id cookie set by the TelkomInternet java server
String cookie = urlc.getHeaderField("Set-Cookie");
//textpane.setText(totextpane);
textpane.setText(cookie);
//---------------- form an auth request and post it with the cookie
String postdata =URLEncoder.encode("ID_Field","UTF-8")+"="+URLEncoder.encode("myusrname","UTF-8")+"&"+URLEncoder.encode("PW_Field","UTF-8")+"="+URLEncoder.encode("mypwd","UTF-8")+"&"+URLEncoder.encode("confirm","UTF-8")+"="+URLEncoder.encode("false","UTF-8");
// set the servlet that handles authentication as target
URL page2 = new URL("https://secure.telkomsa.net/titracker/servlet/LoginServlet");
// cast to httpConn to enable setRequestMethod()
HttpURLConnection urlc2 = (HttpURLConnection)page2.openConnection();
// formulate request with POST data urlc2.setRequestProperty("Content-Type","application/x-www-form-urlencoded");
urlc2.setRequestMethod("POST"); // experimental
urlc2.setRequestProperty("Content-Length",""+postdata.length());
urlc2.setRequestProperty("User-Agent","Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 4.0)");
urlc2.setRequestProperty("Accept-Language","en-us");
urlc2.setUseCaches(false);
urlc2.setDoOutput(true);
urlc2.setDoInput(true);
urlc2.setFollowRedirects(true); // ??
//send cookies
urlc2.setRequestProperty("Set-Cookie", cookie); // or "Cookie" - doesn't work either
//write other data
PrintWriter out = new PrintWriter(urlc2.getOutputStream());
out.print(postdata); // username and password here
out.flush();
out.close();
//---------------- get the authenticated page with real ADSL statistics
BufferedReader br = new BufferedReader(new InputStreamReader(urlc2.getInputStream()));
String totextpane = "";
String buffer = "";
while (buffer != null) {
try {
totextpane = totextpane + "\n" + buffer;
buffer = br.readLine();
} catch (IOException ioe) {
ioe.printStackTrace();
break;
textpane.setText(totextpane);
} catch (Exception ex) {
System.err.println(ex.getMessage());
---- END CODE---
Thank you very much for any attempt at helping with this problem!

RMI with SSL problem (cross post under RMI too)

Similar Messages

Maybe you are looking for