You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Kwan Hon Luen <se...@yahoo.com.sg> on 2003/02/26 06:33:03 UTC

[users@httpd] How to use Java to connect to Apache Server Via SSL with Client Authentication

Hi ,

I can use java to connect to apache server via SSL without client
authentication.
Just use
System.setProperty("java.protocol.handler.pkgs","com.sun.net.ssl.internal.ww
w.protocol");

In trying to connect to the apache via SSL with client authentication, I do
the following:

Using keytool, I generated the java client keystore which consists of the
java client private key and cert wrapped public key.
In addition, I use keytool to generate a CSR from this keystore.
This CSR is then signed by the CA using Openssl toolkit, generating the
signed certificate.
I then import the signed certificate into both java client keystore and
cacerts.

I then added the following two lines to the code:

  System.setProperty("javax.net.ssl.keyStore","D:\\keystore\\.keystore");
  System.setProperty("javax.net.ssl.keyStorePassword","changeit");

But I get this error, DOES anyone know how to solve this problem??


java.net.SocketException: Connection aborted by peer: socket write error
        at java.net.SocketOutputStream.socketWrite(Native Method)
        at java.net.SocketOutputStream.write(SocketOutputStream.java:91)
        at com.sun.net.ssl.internal.ssl.OutputRecord.a(DashoA6275)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
        at com.sun.net.ssl.internal.ssl.HandshakeOutStream.flush(DashoA6275)
        at
com.sun.net.ssl.internal.ssl.Handshaker.sendChangeCipherSpec(DashoA62
75)
        at com.sun.net.ssl.internal.ssl.ClientHandshaker.c(DashoA6275)
        at com.sun.net.ssl.internal.ssl.ClientHandshaker.a(DashoA6275)
        at
com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(DashoA62
75)
        at
com.sun.net.ssl.internal.ssl.Handshaker.process_record(DashoA6275)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
        at com.sun.net.ssl.internal.ssl.AppOutputStream.write(DashoA6275)
        at java.io.OutputStream.write(OutputStream.java:56)
        at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(DashoA6275)

        at
com.sun.net.ssl.internal.www.protocol.https.HttpsClient.doConnect(Das
hoA6275)
        at
com.sun.net.ssl.internal.www.protocol.https.NetworkClient.openServer(
DashoA6275)
        at
com.sun.net.ssl.internal.www.protocol.https.HttpClient.l(DashoA6275)
        at
com.sun.net.ssl.internal.www.protocol.https.HttpClient.<init>(DashoA6
275)
        at
com.sun.net.ssl.internal.www.protocol.https.HttpsClient.<init>(DashoA
6275)
        at
com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a(DashoA6275)

        at
com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a(DashoA6275)

        at
com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection.connec
t(DashoA6275)
        at
com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection.getInp
utStream(DashoA6275)
        at ssl.main(ssl.java:30)

__________________________________________________
Do You Yahoo!?
Promote your business from just $5 a month!
http://sg.biztools.yahoo.com

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org