Received fatal alert: handshake_failure!!
Hi all,
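I have to connect with a server via mutual authentication. I have to received a server certificate and send my client certificate, which I have stored in cacerts. This certificate is a class 3 certificate from verisign. If I try to connect from IE directly as: https://195.235.160.165/GPP/WLServer I have no problem, but when I try to connect from my servlet

MY CODE

// Servlet fragment: opens an HTTPS connection with a client certificate (mutual TLS)
// and copies the upstream reply to the servlet response.
// com.sun.net.ssl is the legacy JSSE 1.0.x API; javax.net.ssl supersedes it.
com.sun.net.ssl.SSLContext ctx = com.sun.net.ssl.SSLContext.getInstance("SSL");
URL url = new URL("https://195.235.160.165/GPP/WLServer");
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
com.sun.net.ssl.HttpsURLConnection urlConn = (com.sun.net.ssl.HttpsURLConnection) conn;
urlConn.setDoOutput(true);

com.sun.net.ssl.KeyManagerFactory _kmFactory = null;
com.sun.net.ssl.TrustManagerFactory _tmFactory = null;

// Set up the certificate stores.
// _clientCertStoreFile is loaded as the KEY store (client certificate + private key);
// _serverCertStoreFile is loaded as the TRUST store (certificates used to verify the server).
// NOTE(review): the file names look swapped relative to the usual convention - confirm
// which file really holds what.
// NOTE(review): the post says the client certificate was imported into cacerts. A key
// manager can only present a certificate whose entry also holds the private key; check
// with "keytool -list" that this store has a key entry and not only a trustedCertEntry.
// NOTE(review): store passwords are hard-coded here; load them from protected
// configuration instead of source code.
String _clientCertStoreFile = "C:\\certificados\\cacerts.jks";
String _serverCertStoreFile = "C:\\certificados\\keystore.jks";
String _clientCertStorePswd = "changeit";
String _serverCertStorePswd = "changeit";
InputStream _clientCertInputStream = null;
InputStream _serverCertInputStream = null;
String TRUST_STORE = "javax.net.ssl.trustStore";
String TRUST_STORE_PASSWORD = "javax.net.ssl.trustStorePassword";
String KEY_STORE = "javax.net.ssl.keyStore";
String KEY_STORE_PASSWORD = "javax.net.ssl.keyStorePassword";

// Client side: open the key store from the file system, else from the classpath.
log.debug("set client side cert ...");
if (_clientCertStoreFile != null) {
    InputStream retInputStream = null;
    try {
        retInputStream = new FileInputStream(_clientCertStoreFile);
    } catch (FileNotFoundException fnfe) {
        retInputStream = this.getClass().getResourceAsStream(_clientCertStoreFile);
    }
    log.debug("The input stream is: " + retInputStream);
    _clientCertInputStream = retInputStream;
}

try {
    if (_clientCertInputStream != null) {
        log.debug("setting client side cert ...");
        KeyStore clientCertKeyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        clientCertKeyStore.load(_clientCertInputStream, _clientCertStorePswd.toCharArray());
        _kmFactory = com.sun.net.ssl.KeyManagerFactory.getInstance(
                com.sun.net.ssl.KeyManagerFactory.getDefaultAlgorithm());
        _kmFactory.init(clientCertKeyStore, _clientCertStorePswd.toCharArray());
    } else {
        log.debug("nothing to set for the client cert!");
    }
} catch (IOException ioe) {
    ioe.printStackTrace();
} catch (KeyStoreException kse) {
    kse.printStackTrace();
} catch (NoSuchAlgorithmException nsae) {
    nsae.printStackTrace();
} catch (java.security.cert.CertificateException ce) {
    ce.printStackTrace();
} catch (UnrecoverableKeyException uke) {
    uke.printStackTrace();
} finally {
    // The stream is only needed while the store is loaded; the original never closed it.
    if (_clientCertInputStream != null) {
        try {
            _clientCertInputStream.close();
        } catch (IOException ignored) {
            // nothing useful can be done if close() fails
        }
    }
}

// Server side: open the trust store the same way.
log.debug("set server side cert ...");
if (_serverCertStoreFile != null) {
    log.debug("read server side cert ...");
    InputStream retInputStream = null;
    try {
        retInputStream = new FileInputStream(_serverCertStoreFile);
    } catch (FileNotFoundException fnfe) {
        retInputStream = this.getClass().getResourceAsStream(_serverCertStoreFile);
    }
    _serverCertInputStream = retInputStream;
}

if (_serverCertInputStream != null) {
    try {
        log.debug("setting server side cert ...");
        KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
        trustStore.load(_serverCertInputStream, _serverCertStorePswd.toCharArray());
        _tmFactory = com.sun.net.ssl.TrustManagerFactory.getInstance(
                com.sun.net.ssl.TrustManagerFactory.getDefaultAlgorithm());
        _tmFactory.init(trustStore);
    } catch (IOException ioe) {
        ioe.printStackTrace();
    } catch (KeyStoreException kse) {
        kse.printStackTrace();
    } catch (NoSuchAlgorithmException nsae) {
        nsae.printStackTrace();
    } catch (java.security.cert.CertificateException ce) {
        ce.printStackTrace();
    } finally {
        try {
            _serverCertInputStream.close();
        } catch (IOException ignored) {
            // nothing useful can be done if close() fails
        }
    }
} else {
    log.debug("Nothing to set for the server cert");
}

if (_kmFactory != null) {
    if (_tmFactory != null) {
        // The posted code initialised the context with an empty X509KeyManager array and
        // a "trustAllCerts" trust manager. With no key manager the client has no
        // certificate to offer, and a server that requires client authentication will
        // typically answer with a handshake_failure alert (the likely cause of the
        // reported error). The trust-all manager also disabled server authentication.
        // Use the key and trust managers built from the two stores instead.
        ctx.init(_kmFactory.getKeyManagers(), _tmFactory.getTrustManagers(), null);
    } else {
        ctx.init(_kmFactory.getKeyManagers(), null, null);
    }
} else {
    if (_tmFactory != null) {
        ctx.init(null, _tmFactory.getTrustManagers(), null);
    } else {
        return;
    }
}

urlConn.setHostnameVerifier(new HostnameVerifier() {
    public boolean verify(String hostname, String certHostname) {
        // NOTE(review): returning true unconditionally turns off hostname checking, so any
        // certificate that chains to the trust store is accepted for this address.
        // Prefer connecting by the name that appears in the server certificate and
        // removing this override.
        System.out.println("hotname: " + hostname);
        return true;
    }
});
urlConn.setSSLSocketFactory(ctx.getSocketFactory());
// NOTE(review): setDefaultSSLSocketFactory is static, so this also changes the factory
// (and the client certificate) used by every other HTTPS connection in the JVM that
// uses this API. The per-connection call above is sufficient for this request.
urlConn.setDefaultSSLSocketFactory(ctx.getSocketFactory());

// NOTE(review): no charset is given, so the upstream body is decoded with the platform
// default - confirm the encoding the server actually sends.
BufferedReader in = new BufferedReader(new InputStreamReader(urlConn.getInputStream()));

// Set the Content-Type header before any body is written; the original set it after
// writing the body.
response.setContentType("application/xml; charset=utf-8");

// Creates a writer with the encoding parameter as "UTF-8"
Writer out_ = new OutputStreamWriter(response.getOutputStream(), "UTF-8");
log.debug("Creating writer");

String inputLine;
try {
    while ((inputLine = in.readLine()) != null) {
        if (inputLine.length() != 0) {
            System.out.println(inputLine);
            out_.write(inputLine);
        }
    }
} finally {
    in.close();
}

// Sends the response XML to the client. The original wrote the last line a second time
// here, then called response.sendRedirect(...) after the flush; a redirect cannot be
// sent once the response is committed, so both were dropped.
out_.flush();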