You are viewing a plain text version of this content. The canonical link for it is here.
Posted to soap-user@ws.apache.org by "陳照東) <alex@erp.ncu.edu.tw>" <Alex> on 2001/04/10 16:14:29 UTC
Re: SSL problems - has anyone been successful???
when i generate my certificate , below is my message :
D:\jakarta-tomcat-3.2.1\webapps\ROOT\ant\bin>keytool -genkey -alias
tomcat-sv -d
name "CN=Server,OU=ComputerEngineering, O= Trinity College Dublin,L=Dublin,
S=Du
blin, C=IE"
Enter keystore password: 1234
keytool error: java.io.IOException: Keystore was tampered with, or password
was
incorrect
but no matter what password i input, it just wrong...
somebidy can tell me what should i input????
IT DEP. Special Team-XML
Alex
Tel:(03)4227151 ext:6024
alex@ERP.NCU.EDU.TW
=We Do Enterprise Services=
----- Original Message -----
From: "Stéphane Bélanger" <sb...@xpert-inc.com>
To: <so...@xml.apache.org>
Sent: Saturday, March 31, 2001 4:17 AM
Subject: RE: SSL problems - has anyone been successful???
For my part, here is what I have done to make it work:
1- Download and install JSSE 1.0.2 as stated in the JSSE installation
procedure
2- Add jsse.jar, jcert.jar and jnet.jar in your CLASSPATH
3- In order to support the https protocol, add the following code to your
SOAP client or your test program:
import java.security.Security;
// Add https protocol support
System.setProperty("java.protocol.handler.pkgs",
com.sun.net.ssl.internal.www.protocol");
// Add SSL Provider
Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
4- You must have a valid certificate on your SOAP server. If you don't, you
can download a test certificate from VeriSign or another certificate
provider. In this case, your client will not recognize the certificate
until you add it to your certificate database. I use Jbuilder, therefore my
certificate db is C:\JBuilder4\jdk1.3\jre\lib\security\cacerts. It already
contains pre-installed certificates. You can add your test certificate by
typing the following command :
keytool -import -file mycert.cer -keystore
C:\JBuilder4\jdk1.3\jre\lib\security\cacerts
It will probably ask you for a password, usually it is « changeit » for
pre-installed certificated, so I understood.
To create the file mycert.cer which is a certificate file, follow the
instruction from VeriSign to install the test certificate on your server and
connect to your server using the https protocol using IE. When asked
whether to install or to save the certificate, save it as mycert.cer and
import it on your client machine as explained.
If you already have a certificate db that you want to use, add the following
code to specify the keystore to be used.
Example:
System.setProperty("javax.net.ssl.trustStore",
System.getProperty("user.home") + File.separator + ".keystore");
With that, I was able to make it work. I'm using IIS, JRun and Apache SOAP.
Good luck!
Stéphane
-----Message d'origine-----
De : Braginsky, Leo [mailto:lbragins@akamai.com]
Envoyé : 29 mars, 2001 17:21
À : 'soap-user@xml.apache.org'
Objet : SSL problems - has anyone been successful???
Guys,
I am as much confused as I am frustrated.
I've seen many messages on the SSL subject ranging from "how to start?" to
"almost there, but not quite." The latter is my case as well. So, my
question is: HAS ANYONE BEEN SUCCESSFUL in making Java client (bean, EJB,
JSP) to communicate with SOAP server using Apache/SOAP 2.0 (or 2.1)
framework? I did find a bunch of info sources on the Web that address this
issue, but despite the plentiful theoretical insight I've been unable to
make SOAP connection over SSL happen.
So, if anyone has succeeded in doing this, can this person please take a few
minutes to describe ALL the steps that he took. I'm sure the entire mailing
list will appreciate this.
P.S. My current problem is that it seems that the client contacts SSL server
in clear text. That's what the Snoop tool that we run on the server tells
us.
---------------------------------------------------------------------
To unsubscribe, e-mail: soap-user-unsubscribe@xml.apache.org
For additional commands, email: soap-user-help@xml.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: soap-user-unsubscribe@xml.apache.org
For additional commands, email: soap-user-help@xml.apache.org
Re: SSL problems - has anyone been successful???
Posted by Peter Glynn <gl...@tcd.ie>.
Yeah I think that I had the same problem. I think your keystore has been
messed up. Try deleting your keystore and generating a new one or just make
a new keystore and try over again.
----- Original Message -----
From: "Alex (陳照東)" <al...@erp.ncu.edu.tw>
To: <so...@xml.apache.org>
Sent: Tuesday, April 10, 2001 3:14 PM
Subject: Re: SSL problems - has anyone been successful???
> when i generate my certificate , below is my message :
>
> D:\jakarta-tomcat-3.2.1\webapps\ROOT\ant\bin>keytool -genkey -alias
> tomcat-sv -d
> name "CN=Server,OU=ComputerEngineering, O= Trinity College
Dublin,L=Dublin,
> S=Du
> blin, C=IE"
> Enter keystore password: 1234
> keytool error: java.io.IOException: Keystore was tampered with, or
password
> was
> incorrect
>
> but no matter what password i input, it just wrong...
> somebidy can tell me what should i input????
>
> IT DEP. Special Team-XML
> Alex
> Tel:(03)4227151 ext:6024
>
> alex@ERP.NCU.EDU.TW
> =We Do Enterprise Services=
> ----- Original Message -----
> From: "Stéphane Bélanger" <sb...@xpert-inc.com>
> To: <so...@xml.apache.org>
> Sent: Saturday, March 31, 2001 4:17 AM
> Subject: RE: SSL problems - has anyone been successful???
>
>
> For my part, here is what I have done to make it work:
>
> 1- Download and install JSSE 1.0.2 as stated in the JSSE installation
> procedure
> 2- Add jsse.jar, jcert.jar and jnet.jar in your CLASSPATH
> 3- In order to support the https protocol, add the following code to your
> SOAP client or your test program:
>
> import java.security.Security;
> // Add https protocol support
> System.setProperty("java.protocol.handler.pkgs",
> com.sun.net.ssl.internal.www.protocol");
> // Add SSL Provider
> Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
>
> 4- You must have a valid certificate on your SOAP server. If you don't,
you
> can download a test certificate from VeriSign or another certificate
> provider. In this case, your client will not recognize the certificate
> until you add it to your certificate database. I use Jbuilder, therefore
my
> certificate db is C:\JBuilder4\jdk1.3\jre\lib\security\cacerts. It
already
> contains pre-installed certificates. You can add your test certificate by
> typing the following command :
>
> keytool -import -file mycert.cer -keystore
> C:\JBuilder4\jdk1.3\jre\lib\security\cacerts
>
> It will probably ask you for a password, usually it is « changeit » for
> pre-installed certificated, so I understood.
>
> To create the file mycert.cer which is a certificate file, follow the
> instruction from VeriSign to install the test certificate on your server
and
> connect to your server using the https protocol using IE. When asked
> whether to install or to save the certificate, save it as mycert.cer and
> import it on your client machine as explained.
>
> If you already have a certificate db that you want to use, add the
following
> code to specify the keystore to be used.
>
> Example:
> System.setProperty("javax.net.ssl.trustStore",
> System.getProperty("user.home") + File.separator + ".keystore");
>
> With that, I was able to make it work. I'm using IIS, JRun and Apache
SOAP.
>
> Good luck!
>
> Stéphane
>
>
> -----Message d'origine-----
> De : Braginsky, Leo [mailto:lbragins@akamai.com]
> Envoyé : 29 mars, 2001 17:21
> À : 'soap-user@xml.apache.org'
> Objet : SSL problems - has anyone been successful???
>
>
> Guys,
>
> I am as much confused as I am frustrated.
> I've seen many messages on the SSL subject ranging from "how to start?" to
> "almost there, but not quite." The latter is my case as well. So, my
> question is: HAS ANYONE BEEN SUCCESSFUL in making Java client (bean, EJB,
> JSP) to communicate with SOAP server using Apache/SOAP 2.0 (or 2.1)
> framework? I did find a bunch of info sources on the Web that address this
> issue, but despite the plentiful theoretical insight I've been unable to
> make SOAP connection over SSL happen.
> So, if anyone has succeeded in doing this, can this person please take a
few
> minutes to describe ALL the steps that he took. I'm sure the entire
mailing
> list will appreciate this.
>
> P.S. My current problem is that it seems that the client contacts SSL
server
> in clear text. That's what the Snoop tool that we run on the server tells
> us.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: soap-user-unsubscribe@xml.apache.org
> For additional commands, email: soap-user-help@xml.apache.org
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: soap-user-unsubscribe@xml.apache.org
> For additional commands, email: soap-user-help@xml.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: soap-user-unsubscribe@xml.apache.org
For additional commands, email: soap-user-help@xml.apache.org
Re: SSL problems - has anyone been successful???
Posted by Peter Glynn <gl...@tcd.ie>.
Yeah I think that I had the same problem. I think your keystore has been
messed up. Try deleting your keystore and generating a new one or just make
a new keystore and try over again.
----- Original Message -----
From: "Alex (陳照東)" <al...@erp.ncu.edu.tw>
To: <so...@xml.apache.org>
Sent: Tuesday, April 10, 2001 3:14 PM
Subject: Re: SSL problems - has anyone been successful???
> when i generate my certificate , below is my message :
>
> D:\jakarta-tomcat-3.2.1\webapps\ROOT\ant\bin>keytool -genkey -alias
> tomcat-sv -d
> name "CN=Server,OU=ComputerEngineering, O= Trinity College
Dublin,L=Dublin,
> S=Du
> blin, C=IE"
> Enter keystore password: 1234
> keytool error: java.io.IOException: Keystore was tampered with, or
password
> was
> incorrect
>
> but no matter what password i input, it just wrong...
> somebidy can tell me what should i input????
>
> IT DEP. Special Team-XML
> Alex
> Tel:(03)4227151 ext:6024
>
> alex@ERP.NCU.EDU.TW
> =We Do Enterprise Services=
> ----- Original Message -----
> From: "Stéphane Bélanger" <sb...@xpert-inc.com>
> To: <so...@xml.apache.org>
> Sent: Saturday, March 31, 2001 4:17 AM
> Subject: RE: SSL problems - has anyone been successful???
>
>
> For my part, here is what I have done to make it work:
>
> 1- Download and install JSSE 1.0.2 as stated in the JSSE installation
> procedure
> 2- Add jsse.jar, jcert.jar and jnet.jar in your CLASSPATH
> 3- In order to support the https protocol, add the following code to your
> SOAP client or your test program:
>
> import java.security.Security;
> // Add https protocol support
> System.setProperty("java.protocol.handler.pkgs",
> com.sun.net.ssl.internal.www.protocol");
> // Add SSL Provider
> Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
>
> 4- You must have a valid certificate on your SOAP server. If you don't,
you
> can download a test certificate from VeriSign or another certificate
> provider. In this case, your client will not recognize the certificate
> until you add it to your certificate database. I use Jbuilder, therefore
my
> certificate db is C:\JBuilder4\jdk1.3\jre\lib\security\cacerts. It
already
> contains pre-installed certificates. You can add your test certificate by
> typing the following command :
>
> keytool -import -file mycert.cer -keystore
> C:\JBuilder4\jdk1.3\jre\lib\security\cacerts
>
> It will probably ask you for a password, usually it is « changeit » for
> pre-installed certificated, so I understood.
>
> To create the file mycert.cer which is a certificate file, follow the
> instruction from VeriSign to install the test certificate on your server
and
> connect to your server using the https protocol using IE. When asked
> whether to install or to save the certificate, save it as mycert.cer and
> import it on your client machine as explained.
>
> If you already have a certificate db that you want to use, add the
following
> code to specify the keystore to be used.
>
> Example:
> System.setProperty("javax.net.ssl.trustStore",
> System.getProperty("user.home") + File.separator + ".keystore");
>
> With that, I was able to make it work. I'm using IIS, JRun and Apache
SOAP.
>
> Good luck!
>
> Stéphane
>
>
> -----Message d'origine-----
> De : Braginsky, Leo [mailto:lbragins@akamai.com]
> Envoyé : 29 mars, 2001 17:21
> À : 'soap-user@xml.apache.org'
> Objet : SSL problems - has anyone been successful???
>
>
> Guys,
>
> I am as much confused as I am frustrated.
> I've seen many messages on the SSL subject ranging from "how to start?" to
> "almost there, but not quite." The latter is my case as well. So, my
> question is: HAS ANYONE BEEN SUCCESSFUL in making Java client (bean, EJB,
> JSP) to communicate with SOAP server using Apache/SOAP 2.0 (or 2.1)
> framework? I did find a bunch of info sources on the Web that address this
> issue, but despite the plentiful theoretical insight I've been unable to
> make SOAP connection over SSL happen.
> So, if anyone has succeeded in doing this, can this person please take a
few
> minutes to describe ALL the steps that he took. I'm sure the entire
mailing
> list will appreciate this.
>
> P.S. My current problem is that it seems that the client contacts SSL
server
> in clear text. That's what the Snoop tool that we run on the server tells
> us.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: soap-user-unsubscribe@xml.apache.org
> For additional commands, email: soap-user-help@xml.apache.org
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: soap-user-unsubscribe@xml.apache.org
> For additional commands, email: soap-user-help@xml.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: soap-user-unsubscribe@xml.apache.org
For additional commands, email: soap-user-help@xml.apache.org