You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-user@axis.apache.org by Amit Ingale <am...@rediffmail.com> on 2002/06/12 02:31:02 UTC
A critical problen
hi,
i am working with apache axis beta 2 version
and have done setup of it on weblogic 5.1 sp11
i have a prob i have set up apache axis for two way ssl conf along
with two way ssl for webloic using verisign certificate the prob
is i have created a keystore
added ca, client cert and server cert to it and added
this code to my client also checked for jsse installation its
fine.
---------------------------------------------------------
System.setProperty("java.protocol.handler.pkgs","com.sun.net.ssl.internal.www.protocol");
System.setProperty("javax.net.debug", "ssl");
System.setProperty("javax.net.ssl.trustStore","D:\\weblogic\\myserver\\wls.keystore");
//jdk1.3.1_02\\jre\\lib\\security\\cacerts
System.setProperty("javax.net.ssl.keyStorePassword","changeit");
Security.addProvider(new
com.sun.net.ssl.internal.ssl.Provider());
--------------------------------------------------------
the prob is it gives me an error saying
********************************************************
*** ServerHelloDone
[read] MD5 and SHA1 hashes: len = 4
0000: 0E 00 00 00 ....
main, SEND SSL v3.0 ALERT: warning, description =
no_certificate
main, WRITE: SSL v3.0 Alert, length = 2
*** ClientKeyExchange, RSA PreMasterSecret, v3.0
Random Secret: { 3, 0, 22, 56, 82, 101, 226, 75, 127, 103, 141,
235, 249, 14, 97, 86, 10, 159,
4, 233, 95, 106, 247, 102, 54, 22, 77, 220, 194, 255, 229, 94,
138, 26, 151, 219, 79, 64, 185,
[write] MD5 and SHA1 hashes: len = 68
0000: 10 00 00 40 84 EF 7D 26 08 D6 7B 11 6E 42 AA BC
...@...&....nB..
0010: 9C C7 B8 44 C4 DB C1 CB C2 8E 54 E4 A5 B8 BA CB
...D......T.....
0020: 73 53 B8 46 C0 AD 9F 46 25 A8 D4 1C 18 C9 A7 2D
sS.F...F%......-
0030: 14 8C BA 1B 4B F1 30 28 81 9C 19 4E 51 AD 57 6E
....K.0(...NQ.Wn
0040: 6F 08 7B E9 o...
main, WRITE: SSL v3.0 Handshake, length = 68
SESSION KEYGEN:
PreMaster Secret:
0000: 03 00 16 38 52 65 E2 4B 7F 67 8D EB F9 0E 61 56
...8Re.K.g....aV
0010: 0A 9F 87 CA 11 51 6C 2A FD FE E9 5F 6A F7 66 36
.....Ql*..._j.f6
0020: 16 4D DC C2 FF E5 5E 8A 1A 97 DB 4F 40 B9 DC 56
.M....^....O@..V
CONNECTION KEYGEN:
Client Nonce:
0000: 3D 06 91 07 D6 6A E6 D3 3E FC DC 69 E4 4C 93 9A
=....j..>..i.L..
0010: 24 2E 7F 09 5D 1B 23 58 FD 62 EA 09 9C 2F 3C E4
$...].#X.b.../<.
Server Nonce:
0000: 3D 06 91 08 BB 11 A3 17 47 6A 47 6F 5D 6F D5 56
=.......GjGo]o.V
0010: 0E A3 3A 29 BD 3E 5D 72 31 9F 49 87 4C 39 5B 30
..:).>]r1.I.L9[0
Master Secret:
0000: 45 F0 FD B6 7D EF C1 79 4B 97 E9 1B D4 DD 62 61
E......yK.....ba
0010: B7 90 EF 09 AE 25 17 78 27 26 19 0E F3 0A A8 FF
.....%.x'&......
0020: 4D 3C 90 34 09 E3 3D 67 91 DA 4D 05 BC F8 05 3A
M<.4..=g..M....:
Client MAC write Secret:
0000: 41 8C 0E A9 A6 BD A4 8D EF 6D 54 91 BC 96 6C E5
A........mT...l.
0010: 0A 0C F0 94 ....
Server MAC write Secret:
0000: 07 3E D8 E6 A5 E2 78 34 DB 36 6E 20 8E 3A 7B E1
.>....x4.6n .:..
0010: 54 03 AF 31 T..1
Client write key:
0000: E6 44 31 5A 5F B4 A7 5E
.D1Z_..^
Server write key:
0000: C2 16 06 1C 18 AE 3E EE
......>.
Client write IV:
0000: EC CD D0 C3 17 A8 73 C7
......s.
Server write IV:
0000: A6 FE E0 0C 92 8F DF 25
.......%
main, WRITE: SSL v3.0 Change Cipher Spec, length = 1
*** Finished, v3.0
MD5 Hash: { 153, 118, 220, 126, 180, 252, 132, 68, 55, 240, 236,
165, 181, 52, 194, 99 }
SHA1 Hash: { 68, 108, 161, 38, 163, 126, 84, 226, 243, 27, 185,
209, 62, 244, 228, 236, 1, 153
***
[write] MD5 and SHA1 hashes: len = 40
0000: 14 00 00 24 99 76 DC 7E B4 FC 84 44 37 F0 EC A5
...$.v.....D7...
0010: B5 34 C2 63 44 6C A1 26 A3 7E 54 E2 F3 1B B9 D1
.4.cDl.&..T.....
0020: 3E F4 E4 EC 01 99 CA 90
>.......
Padded plaintext before ENCRYPTION: len = 64
0000: 14 00 00 24 99 76 DC 7E B4 FC 84 44 37 F0 EC A5
...$.v.....D7...
0010: B5 34 C2 63 44 6C A1 26 A3 7E 54 E2 F3 1B B9 D1
.4.cDl.&..T.....
0020: 3E F4 E4 EC 01 99 CA 90 8D 64 91 F1 86 4F CA E8
>........d...O..
0030: A7 29 46 32 EF 26 7B FD 8E FC E0 E5 03 03 03 03
.)F2.&..........
main, WRITE: SSL v3.0 Handshake, length = 64
java.net.SocketException: Connection aborted by peer: socket write
error
java.net.SocketException: Connection aborted by peer: socket write
error
at java.net.SocketOutputStream.socketWrite(Native
Method)
at java.net.SocketOutputStream.write(Unknown Source)
at
com.sun.net.ssl.internal.ssl.OutputRecord.a([DashoPro-V1.2-120198])
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])
at
com.sun.net.ssl.internal.ssl.HandshakeOutStream.flush([DashoPro-V1.2-120198])
at
com.sun.net.ssl.internal.ssl.Handshaker.sendChangeCipherSpec([DashoPro-V1.2-120198])
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.e([DashoPro-V1.2-120198])
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.a([DashoPro-V1.2-120198])
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage([DashoPro-V1.2-120198])
at
com.sun.net.ssl.internal.ssl.Handshaker.process_record([DashoPro-V1.2-120198])
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])
at
com.sun.net.ssl.internal.ssl.AppOutputStream.write([DashoPro-V1.2-120198])
at java.io.OutputStream.write(Unknown Source)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake([DashoPro-V1.2-120198])
at java.lang.reflect.Method.invoke(Native Method)
at
org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:255)
at
org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:71)
at
org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:154)
at
org.apache.axis.SimpleChain.invoke(SimpleChain.java:121)
at
org.apache.axis.client.AxisClient.invoke(AxisClient.java:174)
at org.apache.axis.client.Call.invoke(Call.java:1905)
at org.apache.axis.client.Call.invoke(Call.java:1690)
at org.apache.axis.client.Call.invoke(Call.java:1608)
at org.apache.axis.client.Call.invoke(Call.java:1169)
at DataExtract.Client1.main(Client1.java:107)
*******************************************************
this error appears only if i use verisigns certificate both for
client as well as server
but if i use selfsign certificate it works properly
but in production environment we cant use self signed
certificates, so pl guide me to solve this problem
thanks and regards
Amit
_________________________________________________________
Click below to visit monsterindia.com and review jobs in India or
Abroad
http://monsterindia.rediff.com/jobs