SSLServerSocket problem

Similar Messages

• Can I open a SSLServerSocket on a mobile phone supporting MIDP2.0

  If you know if I can open a SSLServerSocket on a mobile phone, please send email to [email protected]
  Thanks.

  Hello my friend,
  This is a forum, it is not nice to ask people to reply you to your email, Everybody should post the solution to a problem or suggestion something that other people who are having the same kind of problem can read it and work it out.
  About your question no J2ME doesnt implement SSLServerSocket , but in MIDP2 it has got HTTPS support, use it if you want for secure connection.
  Manas

• Urgent : problems in authenticating the client

  Hi every one,
  Im new to SSL and have a problem in authenticating the client with the server. when i disable
  ((SSLServerSocket)serversocket).setNeedClientAuth(true);
  both the server and client work fine and i get the required output.
  if i use -Djavax.net.ssl.truststore=trustStoreName and -Djavax.net.ssl.keyStore=keystoreName in the command line for the client then it works but i want to do it without the commandline options
  I tried to debug the clients ssl handshake where it seams that if i dont mention the truststore and keystore in the command line it wont take the ones mentioned in the code.
  If anyone has a solution for this or any idea can you please help me out im stuck on it for about a week now. Thanks in advance.
  uzi
  Message was edited by:
  Deo_Zone
  Message was edited by:
  Deo_Zone

  Hi...
  i'm new to ssl connection....i implement the code for ssl connection through java program...i use the following code
  String keystore = "<java_home>/jre/lib/security/cacerts";
  System.setProperty("javax.net.ssl.trustStore",keystore);
  env.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory");
  env.put(Context.SECURITY_AUTHENTICATION,"simple");
  env.put(Context.SECURITY_PRINCIPAL,adminName);
  env.put(Context.SECURITY_CREDENTIALS,adminPassword);
  env.put(Context.SECURITY_PROTOCOL,"ssl");
  String ldapURL = "ldaps://mydc.speedrock.com:636";
  env.put(Context.PROVIDER_URL,ldapURL);
  DirContext ctx = new InitialLdapContext(env,null);
  i use this code in my web application and using server tomcat 5.5 server...
  Steps:
  1. Started my tomcat server
  2. attempt to change ActiveDirectory user password.
  At this time i'm not importing AD server certificate into cacerts file..
  In this situation it throws exception.
  3. now i import the valid certificate into cacerts file using keytool command
  keytool -import -alias xyzADCert -keystore <javahome>/jre/lib/security/cacerts -keypass changeit -storepass changeit -noprompt -file <java_home>/jre/lib/security/ca.cer;
  when i run this command from console, import the certificate successfully....
  4. now again attempts to change password...
  In this situation it gives same previous exception....
  But, when i restart the tomcat server and attempts change password, its working fine...
  The same thing happens in case of delete certificate...
  Steps:
  1.Start the tomcat server
  2. import valid certificate using keytool command
  keytool -import -alias xyzADCert -keystore <javahome>/jre/lib/security/cacerts -keypass changeit -storepass changeit -noprompt -file <java_home>/jre/lib/security/ca.cer;
  3. Try to change password....working fine
  4. delete the certificate using keytool command
  keytool -delete -alias xyzADCert -keystore <javahome>/jre/lib/security/cacerts -keypass changeit -storepass changeit
  when i run this command certificate deleted from cacerts file....
  for confirmation, once again i run this command...it gives alias does not exit message.
  5. Now, i re attempts to change password with out restaring tomcat server...
  instead of throwing exception like "simple bind failed", password updated in server for user.
  6. But, when i restart the tomcat server, it gives the exception like "simple bind failed" when i try to change password.
  my target is with out restarting server ..do change password successfully when i import the certificate and throw exception when i delete the certificate from cacerts file...
  please give me some help...

• Weblogic Problems

  Hello everybody:
  From a time to this part weblogic remains freeze after which the application that we
  have developed it makes external connections (Databases connection, HTTP connection, etc.).
  Weblogic remained freeze yesterday after which a database was down during minutes.
  The problem is that weblogic lets take care of requests and the only form to
  recover is reinitiating it the weblogic server.
  When we invoked kill -3 to the process of weblogic this one frees and it gives
  by following console exceptions:
  "Thread-23" daemon prio=5 tid=0xcb35f8 nid=0x1a4 waiting on monitor [0xabe01000..0xabe019d8]
       at java.lang.Thread.sleep(Native Method)
       at com.system.util.SystemConnector.run(Unknown Source)
       at java.lang.Thread.run(Thread.java:479)
  "SocketTimeout" daemon prio=10 tid=0x64db88 nid=0x133 waiting on monitor [0xac101000..0xac1019d8]
       at java.lang.Thread.sleep(Native Method)
       at HTTPClient.SocketTimeout.run(StreamDemultiplexor.java:917)
  "SeedGenerator Thread" daemon prio=5 tid=0x599e00 nid=0xaf waiting on monitor [0xab381000..0xab3819d8]
       at java.lang.Object.wait(Native Method)
       at java.lang.Object.wait(Object.java:415)
       at sun.security.provider.SeedGenerator.run(SeedGenerator.java:100)
       at java.lang.Thread.run(Thread.java:479)
  "HighPriority TimeEventGenerator" daemon prio=9 tid=0x8ed740 nid=0xa5 waiting on monitor [0xae701000..0xae7019d8]
       at java.lang.Object.wait(Native Method)
       at weblogic.time.common.internal.TimeTable.snooze(TimeTable.java:279)
       at weblogic.time.common.internal.TimeEventGenerator.run(TimeEventGenerator.java:138)
       at java.lang.Thread.run(Thread.java:479)
  SSLListenThread" prio=5 tid=0x8f2a60 nid=0xa4 runnable [0xac201000..0xac2019d8]
       at java.net.PlainSocketImpl.socketAccept(Native Method)
       at java.net.PlainSocketImpl.accept(PlainSocketImpl.java:463)
       at java.net.ServerSocket.implAccept(ServerSocket.java:238)
       at java.net.ServerSocket.accept(ServerSocket.java:217)
       at weblogic.socket.WeblogicServerSocket.accept(WeblogicServerSocket.java:26)
       at weblogic.security.SSL.SSLServerSocket.acceptNoHandshake(SSLServerSocket.java:124)
       at weblogic.security.SSL.SSLServerSocket.accept(SSLServerSocket.java:115)
       at weblogic.t3.srvr.ListenThread.run(ListenThread.java:261)
  "ListenThread" prio=5 tid=0x8ed880 nid=0xa3 runnable [0xac301000..0xac3019d8]
       at java.net.PlainSocketImpl.socketAccept(Native Method)
       at java.net.PlainSocketImpl.accept(PlainSocketImpl.java:463)
       at java.net.ServerSocket.implAccept(ServerSocket.java:238)
       at java.net.ServerSocket.accept(ServerSocket.java:217)
       at weblogic.socket.WeblogicServerSocket.accept(WeblogicServerSocket.java:26)
       at weblogic.t3.srvr.ListenThread.run(ListenThread.java:261)
  "Thread-0" daemon prio=10 tid=0x402808 nid=0xc waiting on monitor [0xb6101000..0xb61019d8]
       at java.lang.Thread.sleep(Native Method)
       at weblogic.transaction.internal.TransactionManagerImpl$1.run(TransactionManagerImpl.java:1594)
       at java.lang.Thread.run(Thread.java:479)
  "Signal Dispatcher" daemon prio=10 tid=0x101aa0 nid=0xa waiting on monitor [0..0]
  "Finalizer" daemon prio=8 tid=0xfd1f0 nid=0x7 waiting on monitor [0xfad81000..0xfad819d8]
       at java.lang.Object.wait(Native Method)
       at java.lang.ref.ReferenceQueue.remove(ReferenceQueue.java:103)
       at java.lang.ref.ReferenceQueue.remove(ReferenceQueue.java:118)
       at java.lang.ref.Finalizer$FinalizerThread.run(Finalizer.java:157)
  "Reference Handler" daemon prio=10 tid=0xfb2b0 nid=0x6 waiting on monitor [0xfe281000..0xfe2819d8]
       at java.lang.Object.wait(Native Method)
       at java.lang.Object.wait(Object.java:415)
       at java.lang.ref.Reference$ReferenceHandler.run(Reference.java:105)
  "main" prio=5 tid=0x29968 nid=0x1 waiting on monitor [0xffbee000..0xffbee44c]
       at java.lang.Object.wait(Native Method)
       at java.lang.Object.wait(Object.java:415)
       at weblogic.t3.srvr.T3Srvr.waitForDeath(T3Srvr.java:692)
       at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:218)
       at weblogic.Server.main(Server.java:35)
  "VM Thread" prio=5 tid=0xfa648 nid=0x4 runnable
  "VM Periodic Task Thread" prio=10 tid=0xfeb98 nid=0x8 waiting on monitor
  "Suspend Checker Thread" prio=10 tid=0xfec90 nid=0x9 runnable
  Previously, we have the following exceptions:
  java.io.InterruptedIOException: Read timed out
       at java.net.SocketInputStream.socketRead(Native Method)
       at java.net.SocketInputStream.read(SocketInputStream.java:85)
       at HTTPClient.BufferedInputStream.fillBuff(BufferedInputStream.java:172)
       at HTTPClient.BufferedInputStream.read(BufferedInputStream.java:110)
       at HTTPClient.StreamDemultiplexor.read(StreamDemultiplexor.java:273)
       at HTTPClient.RespInputStream.read(RespInputStream.java:155)
       at HTTPClient.RespInputStream.read(RespInputStream.java:115)
       at HTTPClient.Response.readResponseHeaders(Response.java:971)
       at HTTPClient.Response.getHeaders(Response.java:693)
       at HTTPClient.Response.getStatusCode(Response.java:263)
       at HTTPClient.RetryModule.responsePhase1Handler(RetryModule.java:83)
       at HTTPClient.HTTPResponse.handleResponse(HTTPResponse.java:724)
       at HTTPClient.HTTPResponse.getStatusCode(HTTPResponse.java:190)
  java.io.EOFException: Premature EOF encountered
       at HTTPClient.StreamDemultiplexor.read(StreamDemultiplexor.java:275)
       at HTTPClient.RespInputStream.read(RespInputStream.java:155)
       at HTTPClient.RespInputStream.read(RespInputStream.java:115)
       at HTTPClient.Response.readResponseHeaders(Response.java:971)
       at HTTPClient.Response.getHeaders(Response.java:693)
       at HTTPClient.Response.getStatusCode(Response.java:263)
       at HTTPClient.RetryModule.responsePhase1Handler(RetryModule.java:83)
       at HTTPClient.HTTPResponse.handleResponse(HTTPResponse.java:724)
       at HTTPClient.HTTPResponse.getStatusCode(HTTPResponse.java:190)
  (Log message) CONNECT TO jdbc:inetdae6.5:AN_VALID_IP_ADDRESS:1433?database=master
  com.inet.tds.SQLException: Connection reset by peer: Connection reset by peer
  java.net.SocketException: Connection reset by peer: Connection reset by peer
       at java.net.SocketInputStream.socketRead(Native Method)
       at java.net.SocketInputStream.read(SocketInputStream.java:85)
       at com.inet.tds.e.a(Unknown Source)
       at com.inet.tds.e.a(Unknown Source)
       at com.inet.tds.e.<init>(Unknown Source)
       at com.inet.tds.TdsDriver.connect(Unknown Source)
       at java.sql.DriverManager.getConnection(DriverManager.java:512)
       at java.sql.DriverManager.getConnection(DriverManager.java:172)
  What is happening?.
  Why Weblogic cannot take care of but request and are freeze?,
  Regards,
  Gabriel.

  Weblogic is a commercial product that a company besides Sun makes.
  Which suggests that your question should be directed at them.
  If you have specifically tracked this to the database then it would suggest that the pool is probably the problem. You don't by chance have the pool attributes set to an infinite timeout?

• Strange problem with SSL Sockets using more than 10 Clients

  Hi
  I�m using Jsse ( JDK 1.4.2_06 ). I have coded a Client/Server Applikation acting over SSLSockets or over unsecured Sockets. If I use unsecured Sockets everthing works fine, but if I use SSLSockets for the Connection and about 20 Clients, the Clients often can�t connect to the Server and the following Exception was thrown:
  java.net.ConnectException: Connection refused: connect
  Could it be that there is some strange problem with SSLServerSockets relating to this phenomenon?
  If I use only a few Clients the Exception occurs never or only sometimes.
  Has anyboby an idea what is happaning there?
  Regards Chrisli

  Hi
  From the description of your scenario, you have coded your own server side of the application. I would advise that you consider moving your application to run under Tomcat framework and test if you still get the same exception.

• Problems calling external Web Service from a Java Stored Procedure

  I'm using a sample code that I found here about calling external web services from a Java Store Procedure ( Credit Agency Web Service http://www.oracle.com/technology/sample_code/tech/java/jsp/samples/wsclient/Readme.html ) but when I run it ,send this error. I dont know what can I do or what is missing. Please help me. Thanks.
  Error: Premature EOF encountered [java.io.EOFException] [SOAPException: faultCode=SOAP-ENV:IOException; msg=Premature EOF encountered; targetException=java.io.EOFException: Premature EOF encountered] at org.apache.soap.SOAPException.(SOAPException.java:77) at oracle.soap.transport.http.OracleSOAPHTTPConnection.send(OracleSOAPHTTPConnection.java:765) at org.apache.soap.rpc.Call.invoke(Call.java:261) at oracle.otnsamples.wsclient.CreditAgencyServiceStub.authorizeCustomer(CreditAgencyServiceStub.java:84) at Products.jspService(Products.jsp:120) at oracle.jsp.runtime.HttpJsp.service(HttpJsp.java:139) at oracle.jsp.runtimev2.JspPageTable.service(JspPageTable.java:349) at oracle.jsp.runtimev2.JspServlet.internalService(JspServlet.java:509) at oracle.jsp.runtimev2.JspServlet.service(JspServlet.java:413) at javax.servlet.http.HttpServlet.service(HttpServlet.java:853) at com.evermind.server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:795) at com.evermind.server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:330) at com.evermind.server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:794) at com.evermind.server.http.HttpRequestHandler.run(HttpRequestHandler.java:270) at com.evermind.server.http.HttpRequestHandler.run(HttpRequestHandler.java:112) at com.evermind.util.ReleasableResourcePooledExecutor$MyWorker.run(ReleasableResourcePooledExecutor.java:192) at java.lang.Thread.run(Thread.java:534)

  I'm also facing problem in running the example on the page http://www.oracle.com/technology/sample_code/tech/java/jsp/samples/wsclient/Readme.html
  I've Oracle Database 10g Enterprise Edition Release 10.2.0.1.0 and Oracle Application Server 10g (10.1.3). When I executed the following command,
  loadjava -thin -user sys/password@localhost:1521:oradb -resolve -synonym -verbose -grant public %OC4J_HOME%/webservices/lib/soap.jar %OC4J_HOME%/lib/dms.jar %OC4J_HOME%/jlib/javax-ssl-1_1.jar %ORACLE_HOME%/lib/servlet.jar %OC4J_HOME%/j2ee/home/lib/mail.jar
  ... mentioned in step 3 under the "Configuring the Application" section on the above link, the process terminates with the following error
  The following operations failed
  class oracle/net/www/protocol/https/Handler: resolution
  class oracle/net/www/protocol/https/HttpsURLConnection: resolution
  class oracle/soap/client/ProviderManagerClient: resolution
  class oracle/soap/client/ServiceManagerClient: resolution
  class oracle/soap/providers/JavaProvider: resolution
  class oracle/soap/providers/ejbprov/EntityEJBProvider: resolution
  class oracle/soap/providers/ejbprov/StatefulEJBProvider: resolution
  class oracle/soap/providers/ejbprov/StatelessEJBProvider: resolution
  class oracle/soap/providers/sp/SpProvider: resolution
  class oracle/soap/server/http/SOAPServlet: resolution
  class oracle/soap/transport/http/OracleSOAPHTTPConnection$1: resolution
  class oracle/soap/transport/http/OracleSOAPHTTPConnection: resolution
  class org/apache/soap/messaging/Message: resolution
  class org/apache/soap/rpc/Call: resolution
  class org/apache/soap/rpc/RPCMessage: resolution
  class org/apache/soap/rpc/Response: resolution
  class javax/net/DefaultServerSocketFactory: creation (createFailed)
  class javax/net/DefaultSocketFactory: creation (createFailed)
  class javax/net/ServerSocketFactory: creation (createFailed)
  class javax/net/SocketFactory: creation (createFailed)
  class javax/net/ssl/DefaultSSLServerSocketFactory: creation (createFailed)
  class javax/net/ssl/DefaultSSLSocketFactory: creation (createFailed)
  class javax/net/ssl/HandshakeCompletedEvent: creation (createFailed)
  class javax/net/ssl/HandshakeCompletedListener: creation (createFailed)
  class javax/net/ssl/SSLException: creation (createFailed)
  class javax/net/ssl/SSLHandshakeException: creation (createFailed)
  class javax/net/ssl/SSLKeyException: creation (createFailed)
  class javax/net/ssl/SSLPeerUnverifiedException: creation (createFailed)
  class javax/net/ssl/SSLProtocolException: creation (createFailed)
  class javax/net/ssl/SSLServerSocket: creation (createFailed)
  class javax/net/ssl/SSLServerSocketFactory: creation (createFailed)
  class javax/net/ssl/SSLSession: creation (createFailed)
  class javax/net/ssl/SSLSessionBindingEvent: creation (createFailed)
  class javax/net/ssl/SSLSessionBindingListener: creation (createFailed)
  class javax/net/ssl/SSLSessionContext: creation (createFailed)
  class javax/net/ssl/SSLSocket: creation (createFailed)
  class javax/net/ssl/SSLSocketFactory: creation (createFailed)
  class javax/security/cert/Certificate: creation (createFailed)
  class javax/security/cert/CertificateEncodingException: creation (createFailed)
  class javax/security/cert/CertificateException: creation (createFailed)
  class javax/security/cert/CertificateExpiredException: creation (createFailed)
  class javax/security/cert/CertificateNotYetValidException: creation (createFailed)
  class javax/security/cert/CertificateParsingException: creation (createFailed)
  class javax/security/cert/X509Certificate: creation (createFailed)
  exiting : Failures occurred during processing
  I've checked the path to all the jar files.
  I tried to run the command again with system/password instead sys/password but then I got the following stacktrace:
  The following operations failed
  class oracle/net/www/protocol/https/Handler: resolution
  class oracle/net/www/protocol/https/HttpsURLConnection: resolution
  class oracle/soap/client/ProviderManagerClient: resolution
  class oracle/soap/client/ServiceManagerClient: resolution
  class oracle/soap/providers/JavaProvider: resolution
  class oracle/soap/providers/ejbprov/EntityEJBProvider: resolution
  class oracle/soap/providers/ejbprov/StatefulEJBProvider: resolution
  class oracle/soap/providers/ejbprov/StatelessEJBProvider: resolution
  class oracle/soap/providers/sp/SpProvider: resolution
  class oracle/soap/server/http/SOAPServlet: resolution
  class oracle/soap/transport/http/OracleSOAPHTTPConnection$1: resolution
  class oracle/soap/transport/http/OracleSOAPHTTPConnection: resolution
  class org/apache/soap/messaging/Message: resolution
  class org/apache/soap/rpc/Call: resolution
  class org/apache/soap/rpc/RPCMessage: resolution
  class org/apache/soap/rpc/Response: resolution
  exiting : Failures occurred during processing
  Thanks in advance for any useful help.
  -

• SSL problem: renegotiation is not allowed

  Hi all,
  I'm trying to build a SSL client/server app (something simple, for learning purposes), and I got some pointers on the internet. However, when I ran both client and server, I got an exception on the client side: javax.net.ssl.SSLHandshakeException: renegotiation is not allowed
  Here are my codes:
  Server
  //server.jks = keystore
            //ServerJKS = keystore password
            //SeverKey = certificate's password (certificate = server_full)
            if (args.length<3) {
                 System.out.println("Usage:");
               System.out.println("   java AdminApp keyStoreName keyStorePass certPass");
               return;
            String keyStoreName = args[0];
           char[] keyStorePass = args[1].toCharArray();
           char[] certPass = args[2].toCharArray();
           System.setProperty("javax.net.ssl.trustStore", args[0]);
           System.setProperty("javax.net.ssl.trustStorePassword", args[1]);
           try {
                KeyStore keystore = KeyStore.getInstance("JKS");
               keystore.load(new FileInputStream(keyStoreName), keyStorePass);
               KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
               kmf.init(keystore, certPass);
               SSLContext context = SSLContext.getInstance("SSL");
               context.init(kmf.getKeyManagers(), null, null);
               SSLServerSocketFactory factory = context.getServerSocketFactory();
               SSLServerSocket server = (SSLServerSocket) factory.createServerSocket(8888);
               server.setNeedClientAuth(true);
               //call method printServerSocketInfo
               printServerSocketInfo(server);
               SSLSocket socket = (SSLSocket) server.accept();
               //call method printSocketInfo
               printSocketInfo(socket);
               BufferedWriter writer = new BufferedWriter(new OutputStreamWriter(socket.getOutputStream()));
               BufferedReader reader = new BufferedReader(new InputStreamReader(socket.getInputStream()));
               String msg = "Welcome to SSL Reverse Echo Server."+ " Please type in some words.";
               writer.write(msg,0,msg.length());
               writer.newLine();
               writer.flush();
               while ((msg = reader.readLine())!= null) {
                    if (msg.equals("."))
                         break;
                   char[] a = msg.toCharArray();
                   int n = a.length;
                   for(int i = 0; i < n/2; i++) {
                        char t = a;
            a[i] = a[n-1-i];
            a[n-i-1] = t;
       writer.write(a,0,n);
       writer.newLine();
       writer.flush();
       writer.close();
       reader.close();
       socket.close();
       server.close();
       } catch (Exception e) {
       System.err.println(e.toString());
  _Client_if (args.length<3) {
                 System.out.println("Usage:");
                 System.out.println(" java SslReverseEchoerRevised keyStoreName keyStorePass certPass");
                 return;
            String keyStoreName = args[0];
       char[] keyStorePass = args[1].toCharArray();
       char[] certPass = args[2].toCharArray();
       System.setProperty("javax.net.ssl.trustStore", args[0]);
       System.setProperty("javax.net.ssl.trustStorePassword", args[1]);
       //these two, to get messages out and in
       BufferedReader in = new BufferedReader(new InputStreamReader(System.in));
       PrintStream out = System.out;
       try {
            KeyStore keystore = KeyStore.getInstance("JKS");
       keystore.load(new FileInputStream(keyStoreName), keyStorePass);
       KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
       kmf.init(keystore, certPass);
       SSLContext context = SSLContext.getInstance("SSL");
       context.init(kmf.getKeyManagers(), null, null);
       SSLSocketFactory factory = context.getSocketFactory();
       SSLSocket socket = (SSLSocket) factory.createSocket("localhost", 8888);
       //call printSocketInfo method
       printSocketInfo(socket);
       //start handshake
       socket.startHandshake();
       BufferedWriter writer = new BufferedWriter(new OutputStreamWriter(socket.getOutputStream()));
       BufferedReader reader = new BufferedReader(new InputStreamReader(socket.getInputStream()));
       String msg = null;
       while ((msg = reader.readLine())!= null) {
            out.println(msg);
       msg = in.readLine();
       writer.write(msg,0,msg.length());
       writer.newLine();
       writer.flush();
       writer.close();
       reader.close();
       socket.close();
       } catch (Exception e) {
            System.err.println(e.toString());

  I think you need to setup your proxy server to allow 7002 port,
  or use port 443 for SSL ( it is the default proxy secured port)
  Hope this will help
  Mohds
  "Paul Patrick" <[email protected]> wrote:
  If this is a production problem, you should file a problem report with BEA
  Support.
  But I didn't see any certificates for the server registered. Without
  certificates and a private
  key the SSL protocol will not work.
  Paul Patrick
  "Antimo" <[email protected]> wrote in message
  news:3a12cc80$[email protected]..
  Hello there,
  we have a BIG PROBLEM on a production system.
  Some user on internet using IEXplore 5.0x could'nt access our https page.
  Error reported are:
  SSL Forbidden
  SSL port specified is not allowed
  We are using SSL on port 7002
  This is the weblogic properties reagrd SSL:.
  weblogic.security.ssl.enable=true
  # SSL listen port
  weblogic.system.SSLListenPort=7002
  Any suggestion?
  Is there a possibility to use port 80 both for https and http?
  Any help will be apprciated.
  THANK'S!

• SSLServerSocket setWantClientAuth(true):

  Hi
  I have a problem with a Java SSLServer:
  Following scenario:
  The server uses
  SSLServerSocket.setWantClientAuth(true)
  to request the clients certificate.
  Client is Firefox 1.04 and is configured to "ask everytime before sending client certificate."
  Everything works fine as long as i choose to send the client certificate.
  If i choose not to send the client certificate (which should not stop SSL negotiations according to the docs) then i have different behavior with different J2SE versions:
  J2SE 5.0: The server accepts my decision not to send the certificate and works as expected for further requests.
  J2SE 1.4.2: The server doesn't stop to ask for the client certificate. It asks for it for every GET request. wich is of course annoying for the client.
  Has somebody seen such behavior with an SSL server running on J2SE 1.4.2? Is there a known workaround?
  BTW: I was looking for bugreports for this issue but could not find anything related.
  Thanks in advance for your feedback...

  SSL doesn't behave like that. Once you have handshaken successfully and are able to send data no certificate will be requested until a new handshake takes place, or a new connection. This sounds as though the 1.5 server is persisting the HTTPS connection while the 1.4 server is closing the HTTPS connection after sending the reply, or else that the 1.4 server is doing a rehandshake per request and the 1.5 one is not. Are there any differences in the servers other than the JDK they are running under?

• Weblogic 6.1 Problems

  Hello everybody:
  From a time to this part weblogic remains freeze after which the application that we
  have developed it makes external connections (Databases connection, HTTP connection, etc.).
  Weblogic remained freeze yesterday after which a database was down during minutes.
  The problem is that weblogic lets take care of requests and the only form to
  recover is reinitiating it the weblogic server.
  When we invoked kill -3 to the process of weblogic this one frees and it gives
  by following console exceptions:
  "Thread-23" daemon prio=5 tid=0xcb35f8 nid=0x1a4 waiting on monitor [0xabe01000..0xabe019d8]
       at java.lang.Thread.sleep(Native Method)
       at com.system.util.SystemConnector.run(Unknown Source)
       at java.lang.Thread.run(Thread.java:479)
  "SocketTimeout" daemon prio=10 tid=0x64db88 nid=0x133 waiting on monitor [0xac101000..0xac1019d8]
       at java.lang.Thread.sleep(Native Method)
       at HTTPClient.SocketTimeout.run(StreamDemultiplexor.java:917)
  "SeedGenerator Thread" daemon prio=5 tid=0x599e00 nid=0xaf waiting on monitor [0xab381000..0xab3819d8]
       at java.lang.Object.wait(Native Method)
       at java.lang.Object.wait(Object.java:415)
       at sun.security.provider.SeedGenerator.run(SeedGenerator.java:100)
       at java.lang.Thread.run(Thread.java:479)
  "HighPriority TimeEventGenerator" daemon prio=9 tid=0x8ed740 nid=0xa5 waiting on monitor [0xae701000..0xae7019d8]
       at java.lang.Object.wait(Native Method)
       at weblogic.time.common.internal.TimeTable.snooze(TimeTable.java:279)
       at weblogic.time.common.internal.TimeEventGenerator.run(TimeEventGenerator.java:138)
       at java.lang.Thread.run(Thread.java:479)
  SSLListenThread" prio=5 tid=0x8f2a60 nid=0xa4 runnable [0xac201000..0xac2019d8]
       at java.net.PlainSocketImpl.socketAccept(Native Method)
       at java.net.PlainSocketImpl.accept(PlainSocketImpl.java:463)
       at java.net.ServerSocket.implAccept(ServerSocket.java:238)
       at java.net.ServerSocket.accept(ServerSocket.java:217)
       at weblogic.socket.WeblogicServerSocket.accept(WeblogicServerSocket.java:26)
       at weblogic.security.SSL.SSLServerSocket.acceptNoHandshake(SSLServerSocket.java:124)
       at weblogic.security.SSL.SSLServerSocket.accept(SSLServerSocket.java:115)
       at weblogic.t3.srvr.ListenThread.run(ListenThread.java:261)
  "ListenThread" prio=5 tid=0x8ed880 nid=0xa3 runnable [0xac301000..0xac3019d8]
       at java.net.PlainSocketImpl.socketAccept(Native Method)
       at java.net.PlainSocketImpl.accept(PlainSocketImpl.java:463)
       at java.net.ServerSocket.implAccept(ServerSocket.java:238)
       at java.net.ServerSocket.accept(ServerSocket.java:217)
       at weblogic.socket.WeblogicServerSocket.accept(WeblogicServerSocket.java:26)
       at weblogic.t3.srvr.ListenThread.run(ListenThread.java:261)
  "Thread-0" daemon prio=10 tid=0x402808 nid=0xc waiting on monitor [0xb6101000..0xb61019d8]
       at java.lang.Thread.sleep(Native Method)
       at weblogic.transaction.internal.TransactionManagerImpl$1.run(TransactionManagerImpl.java:1594)
       at java.lang.Thread.run(Thread.java:479)
  "Signal Dispatcher" daemon prio=10 tid=0x101aa0 nid=0xa waiting on monitor [0..0]
  "Finalizer" daemon prio=8 tid=0xfd1f0 nid=0x7 waiting on monitor [0xfad81000..0xfad819d8]
       at java.lang.Object.wait(Native Method)
       at java.lang.ref.ReferenceQueue.remove(ReferenceQueue.java:103)
       at java.lang.ref.ReferenceQueue.remove(ReferenceQueue.java:118)
       at java.lang.ref.Finalizer$FinalizerThread.run(Finalizer.java:157)
  "Reference Handler" daemon prio=10 tid=0xfb2b0 nid=0x6 waiting on monitor [0xfe281000..0xfe2819d8]
       at java.lang.Object.wait(Native Method)
       at java.lang.Object.wait(Object.java:415)
       at java.lang.ref.Reference$ReferenceHandler.run(Reference.java:105)
  "main" prio=5 tid=0x29968 nid=0x1 waiting on monitor [0xffbee000..0xffbee44c]
       at java.lang.Object.wait(Native Method)
       at java.lang.Object.wait(Object.java:415)
       at weblogic.t3.srvr.T3Srvr.waitForDeath(T3Srvr.java:692)
       at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:218)
       at weblogic.Server.main(Server.java:35)
  "VM Thread" prio=5 tid=0xfa648 nid=0x4 runnable
  "VM Periodic Task Thread" prio=10 tid=0xfeb98 nid=0x8 waiting on monitor
  "Suspend Checker Thread" prio=10 tid=0xfec90 nid=0x9 runnable
  Previously, we have the following exceptions:
  java.io.InterruptedIOException: Read timed out
       at java.net.SocketInputStream.socketRead(Native Method)
       at java.net.SocketInputStream.read(SocketInputStream.java:85)
       at HTTPClient.BufferedInputStream.fillBuff(BufferedInputStream.java:172)
       at HTTPClient.BufferedInputStream.read(BufferedInputStream.java:110)
       at HTTPClient.StreamDemultiplexor.read(StreamDemultiplexor.java:273)
       at HTTPClient.RespInputStream.read(RespInputStream.java:155)
       at HTTPClient.RespInputStream.read(RespInputStream.java:115)
       at HTTPClient.Response.readResponseHeaders(Response.java:971)
       at HTTPClient.Response.getHeaders(Response.java:693)
       at HTTPClient.Response.getStatusCode(Response.java:263)
       at HTTPClient.RetryModule.responsePhase1Handler(RetryModule.java:83)
       at HTTPClient.HTTPResponse.handleResponse(HTTPResponse.java:724)
       at HTTPClient.HTTPResponse.getStatusCode(HTTPResponse.java:190)
  java.io.EOFException: Premature EOF encountered
       at HTTPClient.StreamDemultiplexor.read(StreamDemultiplexor.java:275)
       at HTTPClient.RespInputStream.read(RespInputStream.java:155)
       at HTTPClient.RespInputStream.read(RespInputStream.java:115)
       at HTTPClient.Response.readResponseHeaders(Response.java:971)
       at HTTPClient.Response.getHeaders(Response.java:693)
       at HTTPClient.Response.getStatusCode(Response.java:263)
       at HTTPClient.RetryModule.responsePhase1Handler(RetryModule.java:83)
       at HTTPClient.HTTPResponse.handleResponse(HTTPResponse.java:724)
       at HTTPClient.HTTPResponse.getStatusCode(HTTPResponse.java:190)
  (Log message) CONNECT TO jdbc:inetdae6.5:AN_VALID_IP_ADDRESS:1433?database=master
  com.inet.tds.SQLException: Connection reset by peer: Connection reset by peer
  java.net.SocketException: Connection reset by peer: Connection reset by peer
       at java.net.SocketInputStream.socketRead(Native Method)
       at java.net.SocketInputStream.read(SocketInputStream.java:85)
       at com.inet.tds.e.a(Unknown Source)
       at com.inet.tds.e.a(Unknown Source)
       at com.inet.tds.e.<init>(Unknown Source)
       at com.inet.tds.TdsDriver.connect(Unknown Source)
       at java.sql.DriverManager.getConnection(DriverManager.java:512)
       at java.sql.DriverManager.getConnection(DriverManager.java:172)
  What is happening?.
  Why Weblogic cannot take care of but request and are freeze?

  Hello everybody:
  From a time to this part weblogic remains freeze after which the application that we
  have developed it makes external connections (Databases connection, HTTP connection, etc.).
  Weblogic remained freeze yesterday after which a database was down during minutes.
  The problem is that weblogic lets take care of requests and the only form to
  recover is reinitiating it the weblogic server.
  When we invoked kill -3 to the process of weblogic this one frees and it gives
  by following console exceptions:
  "Thread-23" daemon prio=5 tid=0xcb35f8 nid=0x1a4 waiting on monitor [0xabe01000..0xabe019d8]
       at java.lang.Thread.sleep(Native Method)
       at com.system.util.SystemConnector.run(Unknown Source)
       at java.lang.Thread.run(Thread.java:479)
  "SocketTimeout" daemon prio=10 tid=0x64db88 nid=0x133 waiting on monitor [0xac101000..0xac1019d8]
       at java.lang.Thread.sleep(Native Method)
       at HTTPClient.SocketTimeout.run(StreamDemultiplexor.java:917)
  "SeedGenerator Thread" daemon prio=5 tid=0x599e00 nid=0xaf waiting on monitor [0xab381000..0xab3819d8]
       at java.lang.Object.wait(Native Method)
       at java.lang.Object.wait(Object.java:415)
       at sun.security.provider.SeedGenerator.run(SeedGenerator.java:100)
       at java.lang.Thread.run(Thread.java:479)
  "HighPriority TimeEventGenerator" daemon prio=9 tid=0x8ed740 nid=0xa5 waiting on monitor [0xae701000..0xae7019d8]
       at java.lang.Object.wait(Native Method)
       at weblogic.time.common.internal.TimeTable.snooze(TimeTable.java:279)
       at weblogic.time.common.internal.TimeEventGenerator.run(TimeEventGenerator.java:138)
       at java.lang.Thread.run(Thread.java:479)
  SSLListenThread" prio=5 tid=0x8f2a60 nid=0xa4 runnable [0xac201000..0xac2019d8]
       at java.net.PlainSocketImpl.socketAccept(Native Method)
       at java.net.PlainSocketImpl.accept(PlainSocketImpl.java:463)
       at java.net.ServerSocket.implAccept(ServerSocket.java:238)
       at java.net.ServerSocket.accept(ServerSocket.java:217)
       at weblogic.socket.WeblogicServerSocket.accept(WeblogicServerSocket.java:26)
       at weblogic.security.SSL.SSLServerSocket.acceptNoHandshake(SSLServerSocket.java:124)
       at weblogic.security.SSL.SSLServerSocket.accept(SSLServerSocket.java:115)
       at weblogic.t3.srvr.ListenThread.run(ListenThread.java:261)
  "ListenThread" prio=5 tid=0x8ed880 nid=0xa3 runnable [0xac301000..0xac3019d8]
       at java.net.PlainSocketImpl.socketAccept(Native Method)
       at java.net.PlainSocketImpl.accept(PlainSocketImpl.java:463)
       at java.net.ServerSocket.implAccept(ServerSocket.java:238)
       at java.net.ServerSocket.accept(ServerSocket.java:217)
       at weblogic.socket.WeblogicServerSocket.accept(WeblogicServerSocket.java:26)
       at weblogic.t3.srvr.ListenThread.run(ListenThread.java:261)
  "Thread-0" daemon prio=10 tid=0x402808 nid=0xc waiting on monitor [0xb6101000..0xb61019d8]
       at java.lang.Thread.sleep(Native Method)
       at weblogic.transaction.internal.TransactionManagerImpl$1.run(TransactionManagerImpl.java:1594)
       at java.lang.Thread.run(Thread.java:479)
  "Signal Dispatcher" daemon prio=10 tid=0x101aa0 nid=0xa waiting on monitor [0..0]
  "Finalizer" daemon prio=8 tid=0xfd1f0 nid=0x7 waiting on monitor [0xfad81000..0xfad819d8]
       at java.lang.Object.wait(Native Method)
       at java.lang.ref.ReferenceQueue.remove(ReferenceQueue.java:103)
       at java.lang.ref.ReferenceQueue.remove(ReferenceQueue.java:118)
       at java.lang.ref.Finalizer$FinalizerThread.run(Finalizer.java:157)
  "Reference Handler" daemon prio=10 tid=0xfb2b0 nid=0x6 waiting on monitor [0xfe281000..0xfe2819d8]
       at java.lang.Object.wait(Native Method)
       at java.lang.Object.wait(Object.java:415)
       at java.lang.ref.Reference$ReferenceHandler.run(Reference.java:105)
  "main" prio=5 tid=0x29968 nid=0x1 waiting on monitor [0xffbee000..0xffbee44c]
       at java.lang.Object.wait(Native Method)
       at java.lang.Object.wait(Object.java:415)
       at weblogic.t3.srvr.T3Srvr.waitForDeath(T3Srvr.java:692)
       at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:218)
       at weblogic.Server.main(Server.java:35)
  "VM Thread" prio=5 tid=0xfa648 nid=0x4 runnable
  "VM Periodic Task Thread" prio=10 tid=0xfeb98 nid=0x8 waiting on monitor
  "Suspend Checker Thread" prio=10 tid=0xfec90 nid=0x9 runnable
  Previously, we have the following exceptions:
  java.io.InterruptedIOException: Read timed out
       at java.net.SocketInputStream.socketRead(Native Method)
       at java.net.SocketInputStream.read(SocketInputStream.java:85)
       at HTTPClient.BufferedInputStream.fillBuff(BufferedInputStream.java:172)
       at HTTPClient.BufferedInputStream.read(BufferedInputStream.java:110)
       at HTTPClient.StreamDemultiplexor.read(StreamDemultiplexor.java:273)
       at HTTPClient.RespInputStream.read(RespInputStream.java:155)
       at HTTPClient.RespInputStream.read(RespInputStream.java:115)
       at HTTPClient.Response.readResponseHeaders(Response.java:971)
       at HTTPClient.Response.getHeaders(Response.java:693)
       at HTTPClient.Response.getStatusCode(Response.java:263)
       at HTTPClient.RetryModule.responsePhase1Handler(RetryModule.java:83)
       at HTTPClient.HTTPResponse.handleResponse(HTTPResponse.java:724)
       at HTTPClient.HTTPResponse.getStatusCode(HTTPResponse.java:190)
  java.io.EOFException: Premature EOF encountered
       at HTTPClient.StreamDemultiplexor.read(StreamDemultiplexor.java:275)
       at HTTPClient.RespInputStream.read(RespInputStream.java:155)
       at HTTPClient.RespInputStream.read(RespInputStream.java:115)
       at HTTPClient.Response.readResponseHeaders(Response.java:971)
       at HTTPClient.Response.getHeaders(Response.java:693)
       at HTTPClient.Response.getStatusCode(Response.java:263)
       at HTTPClient.RetryModule.responsePhase1Handler(RetryModule.java:83)
       at HTTPClient.HTTPResponse.handleResponse(HTTPResponse.java:724)
       at HTTPClient.HTTPResponse.getStatusCode(HTTPResponse.java:190)
  (Log message) CONNECT TO jdbc:inetdae6.5:AN_VALID_IP_ADDRESS:1433?database=master
  com.inet.tds.SQLException: Connection reset by peer: Connection reset by peer
  java.net.SocketException: Connection reset by peer: Connection reset by peer
       at java.net.SocketInputStream.socketRead(Native Method)
       at java.net.SocketInputStream.read(SocketInputStream.java:85)
       at com.inet.tds.e.a(Unknown Source)
       at com.inet.tds.e.a(Unknown Source)
       at com.inet.tds.e.<init>(Unknown Source)
       at com.inet.tds.TdsDriver.connect(Unknown Source)
       at java.sql.DriverManager.getConnection(DriverManager.java:512)
       at java.sql.DriverManager.getConnection(DriverManager.java:172)
  What is happening?.
  Why Weblogic cannot take care of but request and are freeze?

• HELP - problem in running SSLSocket client/server application

  Hi,
  I want to create a SSLSocket based client/server application for this i have used EchoServer.Java and EchoClient.Java files. Both files are successfully compiled and when i ran EchoServer it throws an exception "Server certificate not found".
  I want to make a complete auto-controlled client/server application which will automatically gets certificate and all configuration itself from program because i will use both client and server application in as a servlet part.
  I did as per following instructions:
  -Create a keystore to hold the private and public keys for the server. e.g.
  keytool -genkey -keystore mykeystore -alias "myalias" -keypass "mysecret"
  -Export the X509 certificate from this store
  keytool -export -alias "myalias" -keystore mykeystore -file mycertfile.cer
  -Import this into a trustStore for the client
  keytool -import -alias "myalias" -keystore mytruststore -file mycertfile.cer
  -Run the server using the keystore
  java -Djavax.net.ssl.keyStore=mykeystore -Djavax.net.ssl.keyStorePassword="mysecret" EchoServer
  -Run the client using the truststore
  java -Djavax.net.ssl.trustStore=mytruststore -Djavax.net.ssl.trustStorePassword="mysecret" EchoClient localhost
  EchoServer.Java
  import java.io.BufferedReader;
  import java.io.IOException;
  import java.io.InputStreamReader;
  import java.io.PrintStream;
  import java.net.Socket;
  import javax.net.ssl.SSLServerSocket;
  import javax.net.ssl.SSLServerSocketFactory;
  public class EchoServer {
  public static int MYECHOPORT = 8189;
  public static void main(String argv[]) {
  try {
  SSLServerSocketFactory factory =
  (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
  SSLServerSocket sslSocket =
  (SSLServerSocket) factory.createServerSocket(MYECHOPORT);
  while (true) {
  Socket incoming = sslSocket.accept();
  new SocketHandler(incoming).start();
  } catch (IOException e) {
  e.printStackTrace();
  System.exit(30);
  class SocketHandler extends Thread {
  Socket incoming;
  SocketHandler(Socket incoming) {
  this.incoming = incoming;
  public void run() {
  try {
  BufferedReader reader =
  new BufferedReader(new InputStreamReader(incoming.getInputStream()));
  PrintStream out =
  new PrintStream(incoming.getOutputStream());
  boolean done = false;
  while (!done) {
  String str = reader.readLine();
  if (str == null)
  done = true;
  else {
  System.out.println("Read from client: " + str);
  out.println("Echo: " + str);
  if (str.trim().equals("BYE"))
  done = true;
  incoming.close();
  } catch (IOException e) {
  e.printStackTrace();
  EchoClient.Java
  import java.io.BufferedReader;
  import java.io.IOException;
  import java.io.InputStreamReader;
  import java.io.PrintStream;
  import java.net.InetAddress;
  import java.net.Socket;
  import java.net.UnknownHostException;
  import javax.net.ssl.SSLSocket;
  import javax.net.ssl.SSLSocketFactory;
  public class EchoClient {
  public EchoClient(){}
  public static final int MYECHOPORT = 8189;
  public static void main(String[] args) {
  /*if (args.length != 1) {
  System.err.println("Usage: Client address");
  System.exit(1);
  String sAddress="localhost";
  InetAddress address = null;
  try {
  //address = InetAddress.getByName(args[0]);
  address = InetAddress.getByName(sAddress);
  } catch (UnknownHostException e) {
  e.printStackTrace();
  System.exit(2);
  Socket sock = null;
  try {
  sock = new Socket(address, MYECHOPORT);
  } catch (IOException e) {
  e.printStackTrace();
  System.exit(3);
  SSLSocketFactory factory =
  (SSLSocketFactory) SSLSocketFactory.getDefault();
  SSLSocket sslSocket = null;
  try {
  sslSocket =
  (SSLSocket) factory.createSocket(sock, args[0], MYECHOPORT, true);
  } catch (IOException e) {
  e.printStackTrace();
  System.exit(3);
  BufferedReader reader = null;
  PrintStream out = null;
  try {
  reader = new BufferedReader(new InputStreamReader(sslSocket.getInputStream()));
  out = new PrintStream(sslSocket.getOutputStream());
  } catch (IOException e) {
  e.printStackTrace();
  System.exit(6);
  String line = null;
  try {
  // Just send a goodbye message, for testing
  out.println("BYE");
  line = reader.readLine();
  } catch (IOException e) {
  e.printStackTrace();
  System.exit(6);
  System.out.println(line);
  System.exit(0);
  } // Client
  Can anybody will please help me to solve my problem i am using JDK1.4.2_07
  Thanks in advance.

  Hi,
  I want to create a SSLSocket based client/server application for this i have used EchoServer.Java and EchoClient.Java files. Both files are successfully compiled and when i ran EchoServer it throws an exception "Server certificate not found".
  I want to make a complete auto-controlled client/server application which will automatically gets certificate and all configuration itself from program because i will use both client and server application in as a servlet part.
  I did as per following instructions:
  -Create a keystore to hold the private and public keys for the server. e.g.
  keytool -genkey -keystore mykeystore -alias "myalias" -keypass "mysecret"
  -Export the X509 certificate from this store
  keytool -export -alias "myalias" -keystore mykeystore -file mycertfile.cer
  -Import this into a trustStore for the client
  keytool -import -alias "myalias" -keystore mytruststore -file mycertfile.cer
  -Run the server using the keystore
  java -Djavax.net.ssl.keyStore=mykeystore -Djavax.net.ssl.keyStorePassword="mysecret" EchoServer
  -Run the client using the truststore
  java -Djavax.net.ssl.trustStore=mytruststore -Djavax.net.ssl.trustStorePassword="mysecret" EchoClient localhost
  EchoServer.Java
  import java.io.BufferedReader;
  import java.io.IOException;
  import java.io.InputStreamReader;
  import java.io.PrintStream;
  import java.net.Socket;
  import javax.net.ssl.SSLServerSocket;
  import javax.net.ssl.SSLServerSocketFactory;
  public class EchoServer {
  public static int MYECHOPORT = 8189;
  public static void main(String argv[]) {
  try {
  SSLServerSocketFactory factory =
  (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
  SSLServerSocket sslSocket =
  (SSLServerSocket) factory.createServerSocket(MYECHOPORT);
  while (true) {
  Socket incoming = sslSocket.accept();
  new SocketHandler(incoming).start();
  } catch (IOException e) {
  e.printStackTrace();
  System.exit(30);
  class SocketHandler extends Thread {
  Socket incoming;
  SocketHandler(Socket incoming) {
  this.incoming = incoming;
  public void run() {
  try {
  BufferedReader reader =
  new BufferedReader(new InputStreamReader(incoming.getInputStream()));
  PrintStream out =
  new PrintStream(incoming.getOutputStream());
  boolean done = false;
  while (!done) {
  String str = reader.readLine();
  if (str == null)
  done = true;
  else {
  System.out.println("Read from client: " + str);
  out.println("Echo: " + str);
  if (str.trim().equals("BYE"))
  done = true;
  incoming.close();
  } catch (IOException e) {
  e.printStackTrace();
  EchoClient.Java
  import java.io.BufferedReader;
  import java.io.IOException;
  import java.io.InputStreamReader;
  import java.io.PrintStream;
  import java.net.InetAddress;
  import java.net.Socket;
  import java.net.UnknownHostException;
  import javax.net.ssl.SSLSocket;
  import javax.net.ssl.SSLSocketFactory;
  public class EchoClient {
  public EchoClient(){}
  public static final int MYECHOPORT = 8189;
  public static void main(String[] args) {
  /*if (args.length != 1) {
  System.err.println("Usage: Client address");
  System.exit(1);
  String sAddress="localhost";
  InetAddress address = null;
  try {
  //address = InetAddress.getByName(args[0]);
  address = InetAddress.getByName(sAddress);
  } catch (UnknownHostException e) {
  e.printStackTrace();
  System.exit(2);
  Socket sock = null;
  try {
  sock = new Socket(address, MYECHOPORT);
  } catch (IOException e) {
  e.printStackTrace();
  System.exit(3);
  SSLSocketFactory factory =
  (SSLSocketFactory) SSLSocketFactory.getDefault();
  SSLSocket sslSocket = null;
  try {
  sslSocket =
  (SSLSocket) factory.createSocket(sock, args[0], MYECHOPORT, true);
  } catch (IOException e) {
  e.printStackTrace();
  System.exit(3);
  BufferedReader reader = null;
  PrintStream out = null;
  try {
  reader = new BufferedReader(new InputStreamReader(sslSocket.getInputStream()));
  out = new PrintStream(sslSocket.getOutputStream());
  } catch (IOException e) {
  e.printStackTrace();
  System.exit(6);
  String line = null;
  try {
  // Just send a goodbye message, for testing
  out.println("BYE");
  line = reader.readLine();
  } catch (IOException e) {
  e.printStackTrace();
  System.exit(6);
  System.out.println(line);
  System.exit(0);
  } // Client
  Can anybody will please help me to solve my problem i am using JDK1.4.2_07
  Thanks in advance.

• Does an SSLServerSocket cache the trusted certs???

  I implemented a TrustStoreManager for an SSLServerSocket so that checkClientTrusted() returns if the cert is acceptable. But through debugging code I see that once checkClientTrusted() returns normally, it doesn't get invoked when a subsequent connection is made to the same server socket.
  This is causing a problem because I have a "trust all certs" override in the app. If I send a bad cert, the TrustManager correctly rejects it. Then I set the "trust all certs" override and the server accepts the connection as expected. But then when I turn the override off again, the server does not reject the connection. And my debug tells me that checkClientTrusted() is not even invoked.
  The only conclusion I can draw is that the socket remembers that a specific cert is trusted, and doesn't check it again for subsequent connections. Is this correct? If so, is there a way to make the socket "forget" trusted certs? I'd prefer not to tell the user she has to restart the app whenever she resets the "trust all cert" override.

  Why? This is very bad practice. SSL is not secure
  without correct authentication of certificates.The app I'm writing permits a client to copy its clipboard and/or selected files to the server. It may be used across a public network or the client and server may reside on a local LAN that is either not connected to a public network or at least the port in use is not open through the firewall. In the latter case, the user can forgo setting up and maintaining certs in the TrustStore if they choose (private key entries for the SSL session to use are created automatically). The user is warned with a pop-up of the consequences of trusting all certs, when that option is selected.
  Another use case where the same issue arises is when the user removes a trusted cert from the TrustStore, and the client using that cert subsequently attempts to connect. The user can remove certs from the TrustStore very easily, from a control panel while the server is running. If I didn't invalidate the session, the user would believe that the cert in question was no longer trusted, but the server would still accept connections authenticated with it.
  At any rate, your answer solved my problem. I was closing the connection after each client-server transaction, but overlooking the fact that a subsequent connection on the same socket would continue the SSL session. Now I'm invalidating the session after closing the connection, and changes to the trust policy are effective on the next connection.
  Thanks for your help.
  -Mark

• How to use Self Signed certificate with SSLServerSocket?

  Hello to all.
  I'm trying to build a simple client/server system wich uses SSLSocket to exchange data. (JavaSE 6)
  The server must have it's own certificate, clients don't need one.
  I started with this
  http://java.sun.com/javase/6/docs/technotes/guides/security/jsse/JSSERefGuide.html#CreateKeystore
  To generate key for the server and a self signed certificate.
  To sum it up:
       Create a new keystore and self-signed certificate with corresponding public/private keys.
  keytool -genkeypair -alias mytest -keyalg RSA -validity 7 -keystore /scratch/stores/server.jks
       Export and examine the self-signed certificate.
  keytool -export -alias mytest -keystore /scratch/stores/server.jks -rfc -file server.cer
       Import the certificate into a new truststore.
  keytool -import -alias mytest -file server.cer -keystore /scratch/stores/client.jksThen in my server code I do
  System.setProperty("javax.net.ssl.keyStore", "/scratch/stores/server.jks");
  System.setProperty("javax.net.ssl.keyStorePassword", "123456");
  SSLServerSocketFactory sf = sslContext.getServerSocketFactory();
  SSLServerSocket sslServerSocket = (SSLServerSocket)sf.createServerSocket( port );
  Socket s = sslServerSocket.accept();I am basically missing some point because I get a "javax.net.ssl.SSLException: No available certificate or key corresponds to the SSL cipher suites which are enabled." when I try to run the server.
  Can it be a problem with the certificate? When using -validity <days> in keytool the certificate gets self-signed, so it should work if I'm not wrong.
  I have also tried this solution
  serverKeyStore = KeyStore.getInstance( "JKS" );
  serverKeyStore.load( new FileInputStream("/scratch/stores/server.jks" ),
       "123456".toCharArray() );
  tmf = TrustManagerFactory.getInstance( "SunX509" );
  tmf.init( serverKeyStore );
  sslContext = SSLContext.getInstance( "TLS" );
  sslContext.init( null, tmf.getTrustManagers(),secureRandom );
  SSLServerSocketFactory sf = sslContext.getServerSocketFactory();
  SSLServerSocket ss = (SSLServerSocket)sf.createServerSocket( port );and still it doesn't work.
  So what am I missing?

  You were right. I corrected the mistakes in the server code, now it's
       private SSLServerSocket setupSSLServerSocket(){
            try {
                 SSLContext sslContext = SSLContext.getInstance( "TLS" );
                 KeyManagerFactory km = KeyManagerFactory.getInstance("SunX509");
                 KeyStore ks = KeyStore.getInstance("JKS");
                 ks.load(new FileInputStream(_KEYSTORE), _KEYSTORE_PASSWORD.toCharArray());
                 km.init(ks, _KEYSTORE_PASSWORD.toCharArray());
                  * Da usare con un truststore se serve autenticazione dei client
                  * TrustManagerFactory tm = TrustManagerFactory.getInstance("SunX509");
                 tm.init(ks);*/
                 sslContext.init(km.getKeyManagers(), null, null);
                 SSLServerSocketFactory f = sslContext.getServerSocketFactory();
                 SSLServerSocket ss = (SSLServerSocket) f.createServerSocket(_PORT);
                 return ss;
            } catch (UnrecoverableKeyException e) {
                 e.printStackTrace();
            } catch (KeyManagementException e) {
                 e.printStackTrace();
            } catch (NoSuchAlgorithmException e) {
                 e.printStackTrace();
            } catch (KeyStoreException e) {
                 e.printStackTrace();
            } catch (CertificateException e) {
                 e.printStackTrace();
            } catch (FileNotFoundException e) {
                 e.printStackTrace();
            } catch (IOException e) {
                 e.printStackTrace();
            return null;
       }and on the client code
  private SSLSocket setupSSLClientSocket(){
       try {
            SSLContext sslContext = SSLContext.getInstance( "TLS" );
            /* SERVER
            KeyManagerFactory km = KeyManagerFactory.getInstance("SunX509");
            km.init(ks, _KEYSTORE_PASSWORD.toCharArray());
            KeyStore clientks = KeyStore.getInstance("JKS");
            clientks.load(new FileInputStream(_TRUSTSTORE), _TRUSTSTORE_PASS.toCharArray());
            TrustManagerFactory tm = TrustManagerFactory.getInstance("SunX509");
            tm.init(clientks);
            sslContext.init(null, tm.getTrustManagers(), null);
            SSLSocketFactory f = sslContext.getSocketFactory();
            SSLSocket sslSocket = (SSLSocket) f.createSocket("localhost", _PORT);
            return sslSocket;
       } catch (KeyManagementException e) {
            e.printStackTrace();
       } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
       } catch (KeyStoreException e) {
            e.printStackTrace();
       } catch (CertificateException e) {
            e.printStackTrace();
       } catch (FileNotFoundException e) {
            e.printStackTrace();
       } catch (IOException e) {
            e.printStackTrace();
       return null;
  }and added a System.out.println(sslSocket); after every incoming message (server side) and SSL is now fully working!
  So my mistakes were:
  [] Incorrect setup done by code
  [] Incorrect and insufficient println() of socket status
  Now that everything works, I've deleted all this manual setup and just use the system properties. (They MUST be set before getting the Factory)
  SERVER SIDE:
  System.setProperty("javax.net.ssl.keyStore", _KEYSTORE);
  System.setProperty("javax.net.ssl.keyStorePassword", KEYSTOREPASSWORD);
  SSLServerSocketFactory f = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
  SSLServerSocket sslServerSocket = (SSLServerSocket) f.createServerSocket(_PORT);
  CLIENT SIDE:
  System.setProperty("javax.net.ssl.trustStore", "/scratch/stores/client.jks");
  System.setProperty("javax.net.ssl.trustStorePassword", "client");
  SSLSocketFactory f = (SSLSocketFactory) SSLSocketFactory.getDefault();
  SSLSocket sslSocket = (SSLSocket) f.createSocket(_HOST, _PORT);
  And everything is working as expected. Thank you!
  I hope my code will help someone else in the future.

• SSLServerSocket + SSLSocket stops the thread ?

  Hi
  I'm really new to security issues. I'm trying to code a chat application with SSLServerSocket + SSLSocket as part of my project.
  I can create server and client , there are no problems during connection establishment
  but when connection is established and threads are started, connections for both parties is lost ?
  here's my code for server side
  SSLServerSocketFactory ssf = (SSLServerSocketFactory ) SSLServerSocketFactory.getDefault();
  welcomeSocket = (SSLServerSocket) ssf.createServerSocket(7001);
  final String[] enabledCipherSuites = { "SSL_DH_anon_WITH_RC4_128_MD5" };
  welcomeSocket.setEnabledCipherSuites(enabledCipherSuites);
  JOptionPane.showMessageDialog(null, "Now will wait for a connection");
  connectionSocket = (SSLSocket) welcomeSocket.accept();
  //create GUI
  initComponents();
  //create connections
  initializeInputOutputStreams();
  //start listening thread
  new listen(inFromClient,outToClient,conversationField,serverip).start();here's my code for client side
  serverip=JOptionPane.showInputDialog("Enter IP:","localhost");
  SSLSocketFactory ssf = (SSLSocketFactory ) SSLSocketFactory.getDefault();     
  connectionSocket = (SSLSocket) ssf.createSocket(serverip, 7001);
  //create GUI
  initComponents();
  //create connections
  initializeInputOutputStreams();
  //start listening thread
  new listen(inFromClient,outToClient,conversationField,serverip).start();and here's the listening thread
  public class listen extends Thread
       //variables & constructor etc.
       public void run()
            while(true)
                 try
                 {     //read recieved message
                      recievedMessage = inFromClient.readLine();
                 catch (IOException e)
                      //catch clause stuff here
                 // if file transfer
                 if (recievedMessage.startsWith("INCOMING FILE TRANSFER FROM REMOTE")) //here is the problem ? null pointer exception.
                      //file transfer stuff here
                 else
                      //message stuff here
  }I'ld really appreciate if you help

  final String[] enabledCipherSuites = { "SSL_DH_anon_WITH_RC4_128_MD5" };
  welcomeSocket.setEnabledCipherSuites(enabledCipherSuites);Why are you doing that? Don't. It's insecure.
  JOptionPane.showMessageDialog(null, "Now will wait for a connection");
  connectionSocket = (SSLSocket) welcomeSocket.accept();If this is happening in the AWT thread it will block and freeze your server GUI. Start a separate thread for accepting.
            while(true)
                 try
                 {     //read recieved message
                      recievedMessage = inFromClient.readLine();You're not testing for EOS here:
  if (receivedMessage == null)
    break;

• A problem with threads

  I am trying to implement some kind of a server listening for requests. The listener part of the app, is a daemon thread that listens for connections and instantiates a handling daemon thread once it gets some. However, my problem is that i must be able to kill the listening thread at the user's will (say via a sto button). I have done this via the Sun's proposed way, by testing a boolean flag in the loop, which is set to false when i wish to kill the thread. The problem with this thing is the following...
  Once the thread starts excecuting, it will test the flag, find it true and enter the loop. At some point it will LOCK on the server socket waiting for connection. Unless some client actually connects, it will keep on listening indefinatelly whithought ever bothering to check for the flag again (no matter how many times you set the damn thing to false).
  My question is this: Is there any real, non-theoretical, applied way to stop thread in java safely?
  Thank you in advance,
  Lefty

  This was one solution from the socket programming forum, have you tried this??
  public Thread MyThread extends Thread{
       boolean active = true;          
       public void run(){
            ss.setSoTimeout(90);               
            while (active){                   
                 try{                       
                      serverSocket = ss.accept();
                 catch (SocketTimeoutException ste){
                 // do nothing                   
       // interrupt thread           
       public void deactivate(){               
            active = false;
            // you gotta sleep for a time longer than the               
            // accept() timeout to make sure that timeout is finished.               
            try{
                 sleep(91);               
            }catch (InterruptedException ie){            
            interrupt();
  }

• A problem with Threads and MMapi

  I am tring to execute a class based on Game canvas.
  The problem begin when I try to Play both a MIDI tone and to run an infinit Thread loop.
  The MIDI tone "Stammers".
  How to over come the problem?
  Thanks in advance
  Kobi
  See Code example below:
  import java.io.IOException;
  import java.io.InputStream;
  import javax.microedition.lcdui.Graphics;
  import javax.microedition.lcdui.Image;
  import javax.microedition.lcdui.game.GameCanvas;
  import javax.microedition.media.Manager;
  import javax.microedition.media.MediaException;
  import javax.microedition.media.Player;
  public class MainScreenCanvas extends GameCanvas implements Runnable {
       private MainMIDlet parent;
       private boolean mTrucking = false;
       Image imgBackgound = null;
       int imgBackgoundX = 0, imgBackgoundY = 0;
       Player player;
       public MainScreenCanvas(MainMIDlet parent)
            super(true);
            this.parent = parent;
            try
                 imgBackgound = Image.createImage("/images/area03_bkg0.png");
                 imgBackgoundX = this.getWidth() - imgBackgound.getWidth();
                 imgBackgoundY = this.getHeight() - imgBackgound.getHeight();
            catch(Exception e)
                 System.out.println(e.getMessage());
        * starts thread
       public void start()
            mTrucking = true;
            Thread t = new Thread(this);
            t.start();
        * stops thread
       public void stop()
            mTrucking = false;
       public void play()
            try
                 InputStream is = getClass().getResourceAsStream("/sounds/scale.mid");
                 player = Manager.createPlayer(is, "audio/midi");
                 player.setLoopCount(-1);
                 player.prefetch();
                 player.start();
            catch(Exception e)
                 System.out.println(e.getMessage());
       public void run()
            Graphics g = getGraphics();
            play();
            while (true)
                 tick();
                 input();
                 render(g);
        * responsible for object movements
       private void tick()
        * response to key input
       private void input()
            int keyStates = getKeyStates();
            if ((keyStates & LEFT_PRESSED) != 0)
                 imgBackgoundX++;
                 if (imgBackgoundX > 0)
                      imgBackgoundX = 0;
            if ((keyStates & RIGHT_PRESSED) != 0)
                 imgBackgoundX--;
                 if (imgBackgoundX < this.getWidth() - imgBackgound.getWidth())
                      imgBackgoundX = this.getWidth() - imgBackgound.getWidth();
        * Responsible for the drawing
        * @param g
       private void render(Graphics g)
            g.drawImage(imgBackgound, imgBackgoundX, imgBackgoundY, Graphics.TOP | Graphics.LEFT);
            this.flushGraphics();
  }

  You can also try to provide a greater Priority to your player thread so that it gains the CPU time when ever it needs it and don't harm the playback.
  However a loop in a Thread and that to an infinite loop is one kind of very bad programming, 'cuz the loop eats up most of your CPU time which in turn adds up more delays of the execution of other tasks (just as in your case it is the playback). By witting codes bit efficiently and planning out the architectural execution flow of the app before start writing the code helps solve these kind of issues.
  You can go through [this simple tutorial|http://oreilly.com/catalog/expjava/excerpt/index.html] about Basics of Java and Threads to know more about threads.
  Regds,
  SD
  N.B. And yes there are more articles and tutorials available but much of them targets the Java SE / EE, but if you want to read them here is [another great one straight from SUN|http://java.sun.com/docs/books/tutorial/essential/concurrency/index.html] .
  Edited by: find_suvro@SDN on 7 Nov, 2008 12:00 PM