Posted to users@cxf.apache.org by tog <gu...@gmail.com> on 2009/03/09 14:08:50 UTC

cxf server using https

Hi

I run the "apache-cxf-2.1.4-src/distribution/src/main/release/samples/wsdl_first_https"
sample ... using mvn -Pserver.
It does start successfully but when I want to get the wsdl in firefox I
got this error:

[INFO] WARNING: EXCEPTION
[INFO] javax.net.ssl.SSLHandshakeException: no cipher suites in common
[INFO]  at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:150)
[INFO]  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1518)
[INFO]  at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:174)
[INFO]  at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:164)
[INFO]  at com.sun.net.ssl.internal.ssl.ServerHandshaker.chooseCipherSuite(ServerHandshaker.java:639)
[INFO]  at com.sun.net.ssl.internal.ssl.ServerHandshaker.clientHello(ServerHandshaker.java:450)
[INFO]  at com.sun.net.ssl.internal.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:178)
[INFO]  at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:495)
[INFO]  at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:433)
[INFO]  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:818)
[INFO]  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1030)
[INFO]  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1057)
[INFO]  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1041)
[INFO]  at org.mortbay.jetty.security.SslSocketConnector$SslConnection.run(SslSocketConnector.java:630)
[INFO]  at org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:488)

What am I doing wrong and how can I fix this?

Best Regards
Guillaume

Re: cxf server using https

Posted by tog <gu...@gmail.com>.
Well, that's what I thought at first, then I changed the definition in
    src/demo/hw_https/server/CherryServer.xml
to match
          <sec:clientAuthentication want="true" required="false"/>
and
          <sec:clientAuthentication want="false" required="false"/>

Both cases give the same results:

Firefox says: ssl_error_no_cypher_overlap
while the sample returns the same as previously:

[INFO] WARNING: EXCEPTION
[INFO] javax.net.ssl.SSLHandshakeException: no cipher suites in common
[INFO]  at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:150)
[INFO]  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1518)
[INFO]  at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:174)
[INFO]  at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:164)
[INFO]  at com.sun.net.ssl.internal.ssl.ServerHandshaker.chooseCipherSuite(ServerHandshaker.java:639)
[INFO]  at com.sun.net.ssl.internal.ssl.ServerHandshaker.clientHello(ServerHandshaker.java:450)
[INFO]  at com.sun.net.ssl.internal.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:178)
[INFO]  at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:495)
[INFO]  at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:433)

It looks like the client auth is still required?




On Tue, Mar 10, 2009 at 2:05 AM, Daniel Kulp <dk...@apache.org> wrote:
>
> That sample is set up to require the client to authenticate with the
> appropriate certs. Thus, the only way to get firefox to view the wsdl would
> be to import the certs into the firefox stores and such (which I have no idea how
> to do). Basically, it's showing you that it's working exactly as
> designed. :-) Only people with the right credentials can get in.
>
>
> Dan
>
>
> --
> Daniel Kulp
> dkulp@apache.org
> http://www.dankulp.com/blog
>



-- 

PGP KeyID: 1024D/47172155
FingerPrint: C739 8B3C 5ABF 127F CCFA  5835 F673 370B 4717 2155

http://cheztog.blogspot.com

Re: cxf server using https

Posted by Daniel Kulp <dk...@apache.org>.
That sample is set up to require the client to authenticate with the
appropriate certs. Thus, the only way to get firefox to view the wsdl would
be to import the certs into the firefox stores and such (which I have no idea how
to do). Basically, it's showing you that it's working exactly as
designed. :-) Only people with the right credentials can get in.


Dan



-- 
Daniel Kulp
dkulp@apache.org
http://www.dankulp.com/blog
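
A triage sketch for the stack trace posted in this thread, added here as an example and not part of any poster's message or of CXF: it reads the Maven-prefixed trace and reports which TLS (1.2 and earlier) handshake step the server was in when it failed, and whether the client certificate had been requested by then. The function name `triage`, the phase table, and the handler names other than `clientHello` and `chooseCipherSuite` are assumptions; the sample input is constructed from a subset of the frames quoted above.

```python
import re

# Constructed sample: a subset of the frames from the trace posted in this thread.
SAMPLE = """\
[INFO] WARNING: EXCEPTION
[INFO] javax.net.ssl.SSLHandshakeException: no cipher suites in common
[INFO]  at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:150)
[INFO]  at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:174)
[INFO]  at com.sun.net.ssl.internal.ssl.ServerHandshaker.chooseCipherSuite(ServerHandshaker.java:639)
[INFO]  at com.sun.net.ssl.internal.ssl.ServerHandshaker.clientHello(ServerHandshaker.java:450)
[INFO]  at com.sun.net.ssl.internal.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:178)
"""

PREFIX = re.compile(r"^\s*(?:>+\s*)?\[INFO\]\s*")  # Maven tag, optional mail quoting
EXC = re.compile(r"^([\w.$]+(?:Exception|Error)): (.*)$")
FRAME = re.compile(r"^at ([\w.$]+)\.([\w$<>]+)\(([\w$]+\.java):(\d+)\)$")

# Handler method -> (handshake phase, True if CertificateRequest was already sent).
# Only clientHello/chooseCipherSuite appear in the thread; the other names are assumptions.
PHASES = {
    "chooseCipherSuite": ("cipher suite selection (ClientHello)", False),
    "clientHello": ("ClientHello processing", False),
    "clientCertificate": ("client Certificate message", True),
    "clientCertificateVerify": ("client CertificateVerify", True),
}

def triage(log_text):
    """Return the exception, its message and the handshake phase that failed."""
    exc = msg = None
    frames = []
    for raw in log_text.splitlines():
        line = PREFIX.sub("", raw).strip()
        m = EXC.match(line)
        if m and exc is None:
            exc, msg = m.groups()
            continue
        m = FRAME.match(line)
        if m:
            frames.append((m.group(1).rsplit(".", 1)[-1], m.group(2), int(m.group(4))))
    # Frames are innermost-first, so the first ServerHandshaker hit is the failing step.
    for cls, method, lineno in frames:
        if cls == "ServerHandshaker" and method in PHASES:
            phase, cert_requested = PHASES[method]
            return {"exception": exc, "message": msg, "phase": phase,
                    "client_cert_requested": cert_requested,
                    "frame": f"{cls}.{method}:{lineno}"}
    return {"exception": exc, "message": msg, "phase": "unknown",
            "client_cert_requested": None, "frame": None}
```

For the trace in this thread, `triage(SAMPLE)` places the failure in cipher suite selection while the server is still processing the ClientHello, a step that comes before the server sends its certificate request.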