You are viewing a plain text version of this content. The canonical link for it is here.

Posted to httpclient-users@hc.apache.org by Pfingstl Gernot <ge...@stmk.gv.at> on 2005/01/14 18:41:35 UTC

SSL init problem on Linux

Hi,
I use following code to init my SSL connection in a SecureProtocolSocketFactory (httpclient 3.0beta1):

SSLContext ctx; 
KeyManagerFactory kmf; 
KeyStore ks; 
System.setProperty(DEBUG_JSSE, "all"); 
System.setProperty(TRUST_STORE, "/pfadzumtrusstore"); 
System.setProperty(PROTOCOL_HANDLER,"com.sun.net.ssl.internal.www.protocol"); 
java.security.Security.addProvider((java.security.Provider) (Class.forName("com.sun.net.ssl.internal.ssl.Provider")).newInstance()); 
char[] passphrase = "geheim".toCharArray(); 
ctx = SSLContext.getInstance("TLS"); 
kmf = KeyManagerFactory.getInstance("SunX509"); 
ks = KeyStore.getInstance("JKS"); 
ks.load(new FileInputStream("/pfadzukeystore"), passphrase); 
kmf.init(ks, passphrase); 
ctx.init(kmf.getKeyManagers(), null, null); 
javax.net.ssl.SSLSocketFactory sslFactory = ctx.getSocketFactory(); 

The code runs without problems on windows (xp prof, Sun JDK 1.4.2_05-b04), but if I run this code on linux (red hat, kernel 2.4.21, Sun JDK 1.4.2_06-b03) the application hangs at line "ctx.init(kmf.getKeyManagers(), null, null);".

SSL Debugging shows as last line "trigger seeding of SecureRandom", the message "done seeding SecureRandom" doesn't appear.

Why? What can I do, that the application will run on linux? What I'm doing wrong?

Thnaks,
Gernot


---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-user-help@jakarta.apache.org

Re: SSL init problem on Linux

Posted by Roland Weber <RO...@de.ibm.com>.

Hello Gernot,

> SSL Debugging shows as last line "trigger seeding of SecureRandom", 
> the message "done seeding SecureRandom" doesn't appear.
> 
> Why? What can I do, that the application will run on linux? What I'm
> doing wrong?

sounds like an installation problem with the JDK. You should try to
use java.security.SecureRandom from your application directly. See
the JavaDocs of that class for details. It is also worth to consider
that the default initialization of SecureRandom takes very long
(about 20 seconds or more), so you have to be patient. It's only
the first invocation, the later ones are fast.

hope that helps,
  Roland