You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@mina.apache.org by madhurima v <mv...@nisum.com> on 2012/06/11 10:36:05 UTC
Connect from C++ SSL Client to Mina SSL server
Thanks for your quick response.
We are using Mina 2.0-M1 from last 4 years,due to the same reason i was
tried SSL connection also with same version.
as per your suggestion we updated the version to Mina-2.0.0-M5 and tried the
SSL connection
http://grepcode.com/file/repo1.maven.org/maven2/org.apache.mina/mina-example
/2.0.0-M5/org/apache/mina/example/echoserver/ssl/BogusSslContextFactory.java
?av=f.
Following is my issue.
1. generated bogus certificate using keystore commands available in
BogusSslContextFactory.java class.
// NOTE: The keystore was generated using keytool:
// keytool -genkey -alias bogus -keysize 512 -validity 3650
// -keyalg RSA -dname "CN=bogus.com, OU=XXX CA,
// O=Bogus Inc, L=Stockholm, S=Stockholm, C=SE"
// -keypass boguspw -storepass boguspw -keystore bogus.cert
and we used same certificate in both sides and both ssl client and
server connected successfully.
2. After getting the connection we need to get the message in handler
-messageReceive() method.
here i am unable to get the original message. and automatically closing
the connection.
Mina server log :
SSL ON
Listening on port 9123
[12:19:24] NioProcessor-1 INFO [] []
[org.apache.mina.example.echoserver.EchoProtocolHandler] - OPENED
[12:19:26] NioProcessor-1 INFO [] []
[org.apache.mina.example.echoserver.EchoProtocolHandler] - Received :
SESSION_UNSECURED
[12:19:26] NioProcessor-1 INFO [] []
[org.apache.mina.example.echoserver.EchoProtocolHandler] - CLOSED .
Please help me if we need to do any changes on code to receive original
message.
Thanks & Regards,
Madhurima vadlamudi
Hi,
>
> should you identify any critical issues, I'd be more than happy to buy
> you a beer.
Actually, this is the best answer, *ever* :)
People want support, and are ready to pay for it, but OpenSources are
wanting to *fix* bugs and to offer a beer to those who have exposed the
bug ! I like this spirit !
Guys, I have a few advices for you, no pun intended :
- read the answers. We have told you to switch to the later version
(2.0.5), you are still telling us you are using an outdated version
- no need to ask your all team to send mails, just one person is enough
- when you decide to use a project, just be sure you understand how it
works. If you have no clue about what is a keystore in Java, the best is
probably to start there.
- You also have to understand that communication between two systems is
not depending on the langage in use. The fact that your client is
written in C++ is totally orthogonal with the problem you have. We
already have stated that once, or more, but if you don't understand,
there is little we can do to help you.
--
Regards,
Cordialement,
Emmanuel Lécharny
www.iktek.com
Re: Connect from C++ SSL Client to Mina SSL server
Posted by Emmanuel Lécharny <el...@gmail.com>.
Le 6/11/12 10:36 AM, madhurima v a écrit :
> Thanks for your quick response.
> We are using Mina 2.0-M1 from last 4 years,due to the same reason i was
> tried SSL connection also with same version.
> as per your suggestion we updated the version to Mina-2.0.0-M5 and tried the
> SSL connection
> http://grepcode.com/file/repo1.maven.org/maven2/org.apache.mina/mina-example
> /2.0.0-M5/org/apache/mina/example/echoserver/ssl/BogusSslContextFactory.java
> ?av=f.
>
> Following is my issue.
> 1. generated bogus certificate using keystore commands available in
> BogusSslContextFactory.java class.
> // NOTE: The keystore was generated using keytool:
> // keytool -genkey -alias bogus -keysize 512 -validity 3650
> // -keyalg RSA -dname "CN=bogus.com, OU=XXX CA,
> // O=Bogus Inc, L=Stockholm, S=Stockholm, C=SE"
> // -keypass boguspw -storepass boguspw -keystore bogus.cert
> and we used same certificate in both sides and both ssl client and
> server connected successfully.
> 2. After getting the connection we need to get the message in handler
> -messageReceive() method.
> here i am unable to get the original message. and automatically closing
> the connection.
>
> Mina server log :
> SSL ON
> Listening on port 9123
> [12:19:24] NioProcessor-1 INFO [] []
> [org.apache.mina.example.echoserver.EchoProtocolHandler] - OPENED
> [12:19:26] NioProcessor-1 INFO [] []
> [org.apache.mina.example.echoserver.EchoProtocolHandler] - Received :
> SESSION_UNSECURED
Here, the handshake has failed. It might be because the client is trying
to negociate some cyphers that are not supported by MINA server.
The best things would be to use wireshark to analyze what is being
transmitted during the handshake. You can provide the output.
Also there is a way to set up some debugging for SSL
(http://docs.oracle.com/javase/1.5.0/docs/guide/security/jsse/ReadDebug.html)
--
Regards,
Cordialement,
Emmanuel Lécharny
www.iktek.com