  1. #21
    OrangeDog (Senior Member)

    The settings I gave in the example work for keystores which I created using the default settings of keytool.

    Are you sure your keystore actually has the right keys and certificates in it?
    Don't forget to mark threads as [SOLVED] and give reps to helpful posts.
    How To Ask Questions The Smart Way

  2. #22
    Koren3 (Member)

    Look at the picture. I think everything is OK.
    Last edited by Koren3; 05-14-2009 at 02:00 PM.

  3. #23
    OrangeDog (Senior Member)

    The pictures really don't help.

    You need to find out what SSL cipher suites are enabled and what certs and keys are in the keystore before anyone can help further.

    I suggest you read the documentation of the various classes and methods used in the example.

  4. #24
    Koren3 (Member)

    I did it exactly like on this page now: Installing and Configuring SSL Support. These steps:
    Java Code:
    Generate the server certificate.
    
    <JAVA_HOME>\bin\keytool -genkey -alias server-alias
    -keyalg RSA -keypass changeit -storepass changeit 
    -keystore keystore.jks 
    
    When you press Enter, keytool prompts you to enter the server name, organizational unit, organization, locality, state, and country code. Note that you must enter the server name in response to keytool's first prompt, in which it asks for first and last names. For testing purposes, this can be localhost. The host specified in the keystore must match the host identified in the host variable specified in the <INSTALL>/j2eetutorial14/examples/common/build.properties when running the example applications. 
    Export the generated server certificate in keystore.jks into the file server.cer. 
    
    <JAVA_HOME>\bin\keytool -export -alias server-alias 
    -storepass changeit -file server.cer -keystore keystore.jks 
    If you want to have the certificate signed by a CA, read Signing Digital Certificates for more information.
    To create the trust-store file cacerts.jks and add the server certificate to the trust-store, run keytool from the directory where you created the keystore and server certificate. Use the following parameters: 
    
    <JAVA_HOME>\bin\keytool -import -v -trustcacerts
    -alias server-alias -file server.cer 
    -keystore cacerts.jks -keypass changeit 
    -storepass changeit 
    
    Information on the certificate, such as that shown next, will display. 
    
    <INSTALL>/j2eetutorial14/examples/gs 60% keytool -import 
    -v -trustcacerts -alias server-alias -file server.cer 
    -keystore cacerts.jks -keypass changeit -storepass changeit
    Owner: CN=localhost, OU=Sun Micro, O=Docs, L=Santa Clara, ST=CA, C=US
    Issuer: CN=localhost, OU=Sun Micro, O=Docs, L=Santa Clara, ST=CA, C=US
    Serial number: 3e932169
    Valid from: Tue Apr 08
    Certificate fingerprints:
    MD5: 52:9F:49:68:ED:78:6F:39:87:F3:98:B3:6A:6B:0F:90 
    SHA1: EE:2E:2A:A6:9E:03:9A:3A:1C:17:4A:28:5E:97:20:78:3F:
    Trust this certificate? [no]: 
    Enter yes, and then press the Enter or Return key. The following information displays:
    
    Certificate was added to keystore
    [Saving cacerts.jks]
    I changed my code a little because when I created the certificate I didn't use a password.
    Java Code:
    import java.io.BufferedReader;
    import java.io.BufferedWriter;
    import java.io.FileInputStream;
    import java.io.FileReader;
    import java.io.IOException;
    import java.io.InputStream;
    import java.io.InputStreamReader;
    import java.io.ObjectInputStream;
    import java.io.OutputStreamWriter;
    import java.security.InvalidAlgorithmParameterException;
    import java.security.KeyManagementException;
    import java.security.KeyStore;
    import java.security.KeyStore.LoadStoreParameter;
    import java.security.KeyStoreException;
    import java.security.NoSuchAlgorithmException;
    import java.security.NoSuchProviderException;
    import java.security.UnrecoverableKeyException;
    import java.security.cert.CertificateException;
    import java.util.ArrayList;
    import java.util.logging.Level;
    import java.util.logging.Logger;
    import javax.net.ssl.KeyManagerFactory;
    import javax.net.ssl.ManagerFactoryParameters;
    import javax.net.ssl.SSLContext;
    import javax.net.ssl.SSLServerSocket;
    import javax.net.ssl.SSLServerSocketFactory;
    import javax.net.ssl.SSLSocket;
    import javax.net.ssl.TrustManagerFactory;
    
    /**
     *
     * @author Lolek
     */
    public class Main {
    
        /**
         * @param args the command line arguments
         */
        public static void main(String[] args) throws InvalidAlgorithmParameterException {
            try {
                int port = 5000;
                
                SSLContext ctx = null;
                KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
                
                //char[] password = "password".toCharArray();
                                        
                InputStream in = (new FileInputStream("C:\\Koren\\Java\\SSLCentralServer\\src\\sslcentralserver\\keystore.jks"));
                
                
                ks.load((LoadStoreParameter) in);
                //ks.load(in, password);
                
                
                in.close();
                
                KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509", "SunJSSE");
                //kmf.init(ks, password);
                kmf.init(  (ManagerFactoryParameters) ks);
                
                TrustManagerFactory tmf = TrustManagerFactory.getInstance("PKIX", "SunJSSE");
                tmf.init(ks);
                ctx = SSLContext.getInstance("TLS");
                ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
                
                
               
                
                
                
                SSLServerSocketFactory serverSocketFactory = null;
                SSLServerSocket serverSocket = null;
                SSLSocket socket = null;
    
                serverSocketFactory = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
                serverSocket = (SSLServerSocket) serverSocketFactory.createServerSocket(port);
               
                while (true) {
                    socket = (SSLSocket) serverSocket.accept();
                    ChatHandler handler = new ChatHandler(socket);
                    handler.start();
                }
            } catch (KeyManagementException ex) {
                Logger.getLogger(Main.class.getName()).log(Level.SEVERE, null, ex);
            }  catch (NoSuchProviderException ex) {
                Logger.getLogger(Main.class.getName()).log(Level.SEVERE, null, ex);
            } catch (IOException ex) {
                Logger.getLogger(Main.class.getName()).log(Level.SEVERE, null, ex);
            } catch (NoSuchAlgorithmException ex) {
                Logger.getLogger(Main.class.getName()).log(Level.SEVERE, null, ex);
            } catch (CertificateException ex) {
                Logger.getLogger(Main.class.getName()).log(Level.SEVERE, null, ex);
            } catch (KeyStoreException ex) {
                Logger.getLogger(Main.class.getName()).log(Level.SEVERE, null, ex);
            } 
            
          
          
        }
    }
    class ChatHandler extends Thread
    {
         static ArrayList handlers = new ArrayList(10);
         private SSLSocket socket;
         private BufferedReader read;
         private BufferedWriter write;
         
         public ChatHandler(SSLSocket socket)
         {
            try {
                
                this.socket = socket;
                this.read = new BufferedReader(new InputStreamReader(socket.getInputStream()));
                this.write = new BufferedWriter(new OutputStreamWriter(socket.getOutputStream()));
            } catch (IOException ex) {
                Logger.getLogger(ChatHandler.class.getName()).log(Level.SEVERE, null, ex);
            }
         }
         
        
         public void run(){
         String line=null;
    	synchronized(handlers) {
    	    handlers.add(this);
    	}
    	try {
               
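            // readLine() returns null when the peer disconnects; treat that like "/q"
            while ((line = read.readLine()) != null && !line.equalsIgnoreCase("/q")) {
                // hold the lock for the whole broadcast so the list cannot change between size() and get(i)
                synchronized (handlers) {
                    for (int i = 0; i < handlers.size(); i++) {
                        ChatHandler handler = (ChatHandler) handlers.get(i);
                        handler.write.write(line);
                        handler.write.newLine();
                        handler.write.flush();
                    }
                }
            }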
                
    	} catch(IOException ioe) {
    	    ioe.printStackTrace();
    	} finally {
    	    try {
    		read.close();
    		write.close();
    		socket.close();
    	    } catch(IOException ioe) {
    	    } finally {
    		synchronized(handlers) {
    		    handlers.remove(this);
    		}
    	    }
    	}
        }
    }
    Error is: Exception in thread "main" java.lang.ClassCastException: java.io.FileInputStream cannot be cast to java.security.KeyStore$LoadStoreParameter

  5. #25
    OrangeDog (Senior Member)

    in isn't a LoadStoreParameter, it's an InputStream. You can't just cast them and expect it to work.

    Again, read the documentation for KeyStore and use the appropriate method. Keystores should always have passwords.

  6. #26
    Koren3 (Member)

    You know, I have a big problem. I must do it by Monday and I have little time... I do other things... I am going to try tomorrow and I will see...

  7. #27
    Koren3 (Member)

    OK, I found one error. But it writes another error: javax.net.ssl.SSLException: No available certificate or key corresponds to the SSL cipher suites which are enabled.

    On line:
    Java Code:
      socket = (SSLSocket) serverSocket.accept();

  8. #28
    OrangeDog (Senior Member)

    Yes, you told us about that already. Did you try any of our suggestions to fix it?

  9. #29
    Koren3 (Member)

    Yes, of course. I read this again: Installing and Configuring SSL Support, and I found the password that is used. And do you know what the problem is now?

  10. #30
    OrangeDog (Senior Member)

    So your problem is solved?

  11. #31
    Koren3 (Member)

    Not exactly. I said it: OK, I found one error. But it writes another error: javax.net.ssl.SSLException: No available certificate or key corresponds to the SSL cipher suites which are enabled.

    On line:
    Java Code:
     socket = (SSLSocket) serverSocket.accept();

  12. #32
    OrangeDog (Senior Member)

    Yes, and did you try the suggestions I made in order to fix it?

  13. #33
    Koren3 (Member)

    I don't know what you think.
    I did it like you say.
    Java Code:
    SSLContext ctx = null;
                KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
                
                char[] password = "changeit".toCharArray();
                                        
                InputStream in = (new FileInputStream("C:\\Koren\\Java\\SSLCentralServer\\src\\sslcentralserver\\keystore.jks"));
                            
                ks.load(in, password);                        
                in.close();
                
                KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509", "SunJSSE");
                kmf.init(ks, password);
                            
                TrustManagerFactory tmf = TrustManagerFactory.getInstance("PKIX", "SunJSSE");
                tmf.init(ks);
                ctx = SSLContext.getInstance("TLS");
                ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);

  14. #34
    OrangeDog (Senior Member)

    Quote, originally posted by OrangeDog:
        You need to set up an SSLContext with your keystore, and use that to get an SSLServerSocketFactory. The keystore goes wherever you can access it from your code.

    You created an SSLServerSocketFactory using the SSLContext, did you?

  15. #35
    Koren3 (Member)

    No, how can I do it?
    If you need it, my code:
    Java Code:
    import java.io.BufferedReader;
    import java.io.BufferedWriter;
    import java.io.FileInputStream;
    import java.io.IOException;
    import java.io.InputStream;
    import java.io.InputStreamReader;
    import java.io.OutputStreamWriter;
    import java.security.InvalidAlgorithmParameterException;
    import java.security.KeyManagementException;
    import java.security.KeyStore;
    import java.security.KeyStoreException;
    import java.security.NoSuchAlgorithmException;
    import java.security.NoSuchProviderException;
    import java.security.UnrecoverableKeyException;
    import java.security.cert.CertificateException;
    import java.util.ArrayList;
    import java.util.logging.Level;
    import java.util.logging.Logger;
    import javax.net.ssl.KeyManagerFactory;
    import javax.net.ssl.SSLContext;
    import javax.net.ssl.SSLServerSocket;
    import javax.net.ssl.SSLServerSocketFactory;
    import javax.net.ssl.SSLSocket;
    import javax.net.ssl.TrustManagerFactory;
    
    /**
     *
     * @author Lolek
     */
    public class Main {
    
        /**
         * @param args the command line arguments
         */
        public static void main(String[] args) throws InvalidAlgorithmParameterException {
            try {
                int port = 5000;
                
                SSLContext ctx = null;
                KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
                
                char[] password = "changeit".toCharArray();
                                        
                InputStream in = (new FileInputStream("C:\\Koren\\Java\\SSLCentralServer\\src\\sslcentralserver\\keystore.jks"));
                            
                ks.load(in, password);                        
                in.close();
                
                KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509", "SunJSSE");
                kmf.init(ks, password);
                            
                TrustManagerFactory tmf = TrustManagerFactory.getInstance("PKIX", "SunJSSE");
                tmf.init(ks);
                ctx = SSLContext.getInstance("TLS");
                ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
                         
                SSLServerSocketFactory serverSocketFactory = null;
                SSLServerSocket serverSocket = null;
                SSLSocket socket = null;
    
                serverSocketFactory = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
                serverSocket = (SSLServerSocket) serverSocketFactory.createServerSocket(port);
               
                while (true) {
                    socket = (SSLSocket) serverSocket.accept();
                    ChatHandler handler = new ChatHandler(socket);
                    handler.start();
                }
            } catch (UnrecoverableKeyException ex) {
                Logger.getLogger(Main.class.getName()).log(Level.SEVERE, null, ex);
            } catch (KeyManagementException ex) {
                Logger.getLogger(Main.class.getName()).log(Level.SEVERE, null, ex);
            }  catch (NoSuchProviderException ex) {
                Logger.getLogger(Main.class.getName()).log(Level.SEVERE, null, ex);
            } catch (IOException ex) {
                Logger.getLogger(Main.class.getName()).log(Level.SEVERE, null, ex);
            } catch (NoSuchAlgorithmException ex) {
                Logger.getLogger(Main.class.getName()).log(Level.SEVERE, null, ex);
            } catch (CertificateException ex) {
                Logger.getLogger(Main.class.getName()).log(Level.SEVERE, null, ex);
            } catch (KeyStoreException ex) {
                Logger.getLogger(Main.class.getName()).log(Level.SEVERE, null, ex);
            } 
            
          
          
        }
    }
    class ChatHandler extends Thread
    {
         static ArrayList handlers = new ArrayList(10);
         private SSLSocket socket;
         private BufferedReader read;
         private BufferedWriter write;
         
         public ChatHandler(SSLSocket socket)
         {
            try {
                
                this.socket = socket;
                this.read = new BufferedReader(new InputStreamReader(socket.getInputStream()));
                this.write = new BufferedWriter(new OutputStreamWriter(socket.getOutputStream()));
            } catch (IOException ex) {
                Logger.getLogger(ChatHandler.class.getName()).log(Level.SEVERE, null, ex);
            }
         }
         
        
         public void run(){
         String line=null;
    	synchronized(handlers) {
    	    handlers.add(this);
    	}
    	try {
               
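            // readLine() returns null when the peer disconnects; treat that like "/q"
            while ((line = read.readLine()) != null && !line.equalsIgnoreCase("/q")) {
                // hold the lock for the whole broadcast so the list cannot change between size() and get(i)
                synchronized (handlers) {
                    for (int i = 0; i < handlers.size(); i++) {
                        ChatHandler handler = (ChatHandler) handlers.get(i);
                        handler.write.write(line);
                        handler.write.newLine();
                        handler.write.flush();
                    }
                }
            }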
                
    	} catch(IOException ioe) {
    	    ioe.printStackTrace();
    	} finally {
    	    try {
    		read.close();
    		write.close();
    		socket.close();
    	    } catch(IOException ioe) {
    	    } finally {
    		synchronized(handlers) {
    		    handlers.remove(this);
    		}
    	    }
    	}
        }
    }

  16. #36
    OrangeDog (Senior Member)

    Read SSLContext (Java Platform SE 6), like I told you to.

  17. #37
    Koren3 (Member)

    Ouu, it is running with no error, but now I must do the client. Thank you so much. OK, I go on to the client side, maybe I will write :)
    My server code is:
    Java Code:
    import java.io.BufferedReader;
    import java.io.BufferedWriter;
    import java.io.FileInputStream;
    import java.io.IOException;
    import java.io.InputStream;
    import java.io.InputStreamReader;
    import java.io.OutputStreamWriter;
    import java.security.InvalidAlgorithmParameterException;
    import java.security.KeyManagementException;
    import java.security.KeyStore;
    import java.security.KeyStoreException;
    import java.security.NoSuchAlgorithmException;
    import java.security.NoSuchProviderException;
    import java.security.UnrecoverableKeyException;
    import java.security.cert.CertificateException;
    import java.util.ArrayList;
    import java.util.logging.Level;
    import java.util.logging.Logger;
    import javax.net.ssl.KeyManagerFactory;
    import javax.net.ssl.SSLContext;
    import javax.net.ssl.SSLServerSocket;
    import javax.net.ssl.SSLServerSocketFactory;
    import javax.net.ssl.SSLSocket;
    import javax.net.ssl.TrustManagerFactory;
    
    /**
     *
     * @author Lolek
     */
    public class Main {
    
        /**
         * @param args the command line arguments
         */
        public static void main(String[] args) throws InvalidAlgorithmParameterException {
            try {
                int port = 5000;
                
                SSLContext ctx = null;
                KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
                
                char[] password = "changeit".toCharArray();
                                        
                InputStream in = (new FileInputStream("C:\\Koren\\Java\\SSLCentralServer\\src\\sslcentralserver\\keystore.jks"));
                            
                ks.load(in, password);                        
                in.close();
                
                KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509", "SunJSSE");
                kmf.init(ks, password);
                            
                TrustManagerFactory tmf = TrustManagerFactory.getInstance("PKIX", "SunJSSE");
                tmf.init(ks);
                ctx = SSLContext.getInstance("TLS");
                ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
                         
                SSLServerSocketFactory serverSocketFactory = null;
                SSLServerSocket serverSocket = null;
                SSLSocket socket = null;
    
                serverSocketFactory = ctx.getServerSocketFactory();
                serverSocket = (SSLServerSocket) serverSocketFactory.createServerSocket(port);
               
                while (true) {
                    socket = (SSLSocket) serverSocket.accept();
                    ChatHandler handler = new ChatHandler(socket);
                    handler.start();
                }
            } catch (UnrecoverableKeyException ex) {
                Logger.getLogger(Main.class.getName()).log(Level.SEVERE, null, ex);
            } catch (KeyManagementException ex) {
                Logger.getLogger(Main.class.getName()).log(Level.SEVERE, null, ex);
            }  catch (NoSuchProviderException ex) {
                Logger.getLogger(Main.class.getName()).log(Level.SEVERE, null, ex);
            } catch (IOException ex) {
                Logger.getLogger(Main.class.getName()).log(Level.SEVERE, null, ex);
            } catch (NoSuchAlgorithmException ex) {
                Logger.getLogger(Main.class.getName()).log(Level.SEVERE, null, ex);
            } catch (CertificateException ex) {
                Logger.getLogger(Main.class.getName()).log(Level.SEVERE, null, ex);
            } catch (KeyStoreException ex) {
                Logger.getLogger(Main.class.getName()).log(Level.SEVERE, null, ex);
            } 
            
          
          
        }
    }
    class ChatHandler extends Thread
    {
         static ArrayList handlers = new ArrayList(10);
         private SSLSocket socket;
         private BufferedReader read;
         private BufferedWriter write;
         
         public ChatHandler(SSLSocket socket)
         {
            try {
                
                this.socket = socket;
                this.read = new BufferedReader(new InputStreamReader(socket.getInputStream()));
                this.write = new BufferedWriter(new OutputStreamWriter(socket.getOutputStream()));
            } catch (IOException ex) {
                Logger.getLogger(ChatHandler.class.getName()).log(Level.SEVERE, null, ex);
            }
         }
         
        
         public void run(){
         String line=null;
    	synchronized(handlers) {
    	    handlers.add(this);
    	}
    	try {
               
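            // readLine() returns null when the peer disconnects; treat that like "/q"
            while ((line = read.readLine()) != null && !line.equalsIgnoreCase("/q")) {
                // hold the lock for the whole broadcast so the list cannot change between size() and get(i)
                synchronized (handlers) {
                    for (int i = 0; i < handlers.size(); i++) {
                        ChatHandler handler = (ChatHandler) handlers.get(i);
                        handler.write.write(line);
                        handler.write.newLine();
                        handler.write.flush();
                    }
                }
            }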
                
    	} catch(IOException ioe) {
    	    ioe.printStackTrace();
    	} finally {
    	    try {
    		read.close();
    		write.close();
    		socket.close();
    	    } catch(IOException ioe) {
    	    } finally {
    		synchronized(handlers) {
    		    handlers.remove(this);
    		}
    	    }
    	}
        }
    }

  18. #38
    Koren3 (Member)

    Problem :) If the client runs, the server and client give an error.
    Client code:
    Java Code:
    import java.io.BufferedReader;
    import java.io.BufferedWriter;
    import java.io.FileInputStream;
    import java.io.IOException;
    import java.io.InputStream;
    import java.io.InputStreamReader;
    import java.io.OutputStreamWriter;
    import java.net.Socket;
    import java.net.UnknownHostException;
    import java.security.KeyManagementException;
    import java.security.KeyStore;
    import java.security.KeyStoreException;
    import java.security.NoSuchAlgorithmException;
    import java.security.NoSuchProviderException;
    import java.security.UnrecoverableKeyException;
    import java.security.cert.CertificateException;
    import java.util.logging.Level;
    import java.util.logging.Logger;
    import javax.net.ssl.KeyManagerFactory;
    import javax.net.ssl.SSLContext;
    import javax.net.ssl.SSLSocket;
    import javax.net.ssl.SSLSocketFactory;
    import javax.net.ssl.TrustManagerFactory;
    
    /**
     *
     * @author Lolek
     */
    public class Main {
    
        /**
         * @param args the command line arguments
         */
        public static void main(String[] args) {
           String addressIP;
           if (args.length == 0) {
                    addressIP = "127.0.0.1";
                } 
           else {
                    addressIP = args[0];
                }
           ReciveT recive = new ReciveT(addressIP,5000);
           SendT send = new SendT((SSLSocket) recive.getSocket());
        }
    
    }
    
    class ReciveT implements Runnable
    {
        private SSLSocket socket;
        private SSLSocketFactory socketFactory;
        private String IPAddress;
        private int port;
        
        ReciveT(String IPAddress,int port)
        {   
            try {            
                this.IPAddress = IPAddress;
                this.port = port;
                
                SSLContext ctx = null;
                KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
                
                char[] password = "changeit".toCharArray();
                                        
                InputStream in = (new FileInputStream("C:\\Koren\\Java\\SSLCentralClient2\\src\\sslcentralclient2\\keystore.jks"));
                            
                ks.load(in, password);                        
                in.close();
                
                KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509", "SunJSSE");
                kmf.init(ks, password);
                            
                TrustManagerFactory tmf = TrustManagerFactory.getInstance("PKIX", "SunJSSE");
                tmf.init(ks);
                ctx = SSLContext.getInstance("TLS");
                ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
                
                this.socketFactory = ctx.getSocketFactory();
                this.socket  = (SSLSocket) socketFactory.createSocket(IPAddress, port);
                new Thread(this, "Recive thread").start();
                
            } catch (UnrecoverableKeyException ex) {
                Logger.getLogger(ReciveT.class.getName()).log(Level.SEVERE, null, ex);
            } catch (NoSuchProviderException ex) {
                Logger.getLogger(ReciveT.class.getName()).log(Level.SEVERE, null, ex);
            } catch (KeyManagementException ex) {
                Logger.getLogger(ReciveT.class.getName()).log(Level.SEVERE, null, ex);
            } catch (IOException ex) {
                Logger.getLogger(ReciveT.class.getName()).log(Level.SEVERE, null, ex);
            } catch (NoSuchAlgorithmException ex) {
                Logger.getLogger(ReciveT.class.getName()).log(Level.SEVERE, null, ex);
            } catch (CertificateException ex) {
                Logger.getLogger(ReciveT.class.getName()).log(Level.SEVERE, null, ex);
            } catch (KeyStoreException ex) {
                Logger.getLogger(ReciveT.class.getName()).log(Level.SEVERE, null, ex);
            } 
        }
        public Socket getSocket()
        {
            return this.socket;
        }
        public void run()
        {
            BufferedReader read = null;
            try {
                read = new BufferedReader(new InputStreamReader(this.socket.getInputStream()));
                String line = null;
                while ((line = read.readLine()) != null) {
                    System.out.println(line);
                    System.out.flush();
                }
            } catch (IOException ex) {
                Logger.getLogger(ReciveT.class.getName()).log(Level.SEVERE, null, ex);
            } finally {
                try {
                    read.close();
                } catch (IOException ex) {
                    Logger.getLogger(ReciveT.class.getName()).log(Level.SEVERE, null, ex);
                }
            }
        }
    }
    
    class SendT implements Runnable
    {
        private SSLSocket socket;
        
        SendT(SSLSocket socket)
        {
            this.socket = socket;
            new Thread(this, "Send Thread").start();
        }
        public void run()
        {
            BufferedWriter write = null;
            try {
                BufferedReader readKeyboard = new BufferedReader(new InputStreamReader(System.in));
                write = new BufferedWriter(new OutputStreamWriter(this.socket.getOutputStream()));
    
                String line;
                while ((line = readKeyboard.readLine()) != null) {
                    write.write(line);
                    write.newLine();
                    write.flush();
                }
            } catch (IOException ex) {
                Logger.getLogger(SendT.class.getName()).log(Level.SEVERE, null, ex);
            } finally {
                try {
                    if (write != null) { // still null if getOutputStream() threw
                        write.close();
                    }
                } catch (IOException ex) {
                    Logger.getLogger(SendT.class.getName()).log(Level.SEVERE, null, ex);
                }
            }
        }
    }
    And the type of error:
    Java Code:
    SEVERE: null
    javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
            at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
            at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1591)
            at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:187)
            at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:181)
            at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:975)
            at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:123)
            at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:516)
            at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:454)
            at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:884)
            at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1096)
            at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:744)
            at com.sun.net.ssl.internal.ssl.AppInputStream.read(AppInputStream.java:75)
            at sun.nio.cs.StreamDecoder.readBytes(StreamDecoder.java:264)
            at sun.nio.cs.StreamDecoder.implRead(StreamDecoder.java:306)
            at sun.nio.cs.StreamDecoder.read(StreamDecoder.java:158)
            at java.io.InputStreamReader.read(InputStreamReader.java:167)
            at java.io.BufferedReader.fill(BufferedReader.java:136)
            at java.io.BufferedReader.readLine(BufferedReader.java:299)
            at java.io.BufferedReader.readLine(BufferedReader.java:362)
            at sslcentralclient2.ReciveT.run(Main.java:120)
            at java.lang.Thread.run(Thread.java:619)
    Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
            at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:285)
            at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:191)
            at sun.security.validator.Validator.validate(Validator.java:218)
            at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:126)
            at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:209)
            at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:249)
            at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:954)
            ... 16 more
    Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
            at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:174)
            at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
            at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:280)
            ... 22 more
    And the server code:
    Java Code:
    import java.io.BufferedReader;
    import java.io.BufferedWriter;
    import java.io.FileInputStream;
    import java.io.IOException;
    import java.io.InputStream;
    import java.io.InputStreamReader;
    import java.io.OutputStreamWriter;
    import java.security.InvalidAlgorithmParameterException;
    import java.security.KeyManagementException;
    import java.security.KeyStore;
    import java.security.KeyStoreException;
    import java.security.NoSuchAlgorithmException;
    import java.security.NoSuchProviderException;
    import java.security.UnrecoverableKeyException;
    import java.security.cert.CertificateException;
    import java.util.ArrayList;
    import java.util.logging.Level;
    import java.util.logging.Logger;
    import javax.net.ssl.KeyManagerFactory;
    import javax.net.ssl.SSLContext;
    import javax.net.ssl.SSLServerSocket;
    import javax.net.ssl.SSLServerSocketFactory;
    import javax.net.ssl.SSLSocket;
    import javax.net.ssl.TrustManagerFactory;
    
    /**
     *
     * @author Lolek
     */
    public class Main {
    
        /**
         * @param args the command line arguments
         */
        public static void main(String[] args) throws InvalidAlgorithmParameterException {
            try {
                int port = 5000;
                
                SSLContext ctx = null;
                KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
                
                char[] password = "changeit".toCharArray();
                                        
                InputStream in = (new FileInputStream("C:\\Koren\\Java\\SSLCentralServer\\src\\sslcentralserver\\keystore.jks"));
                            
                ks.load(in, password);                        
                in.close();
                
                KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509", "SunJSSE");
                kmf.init(ks, password);
                            
                TrustManagerFactory tmf = TrustManagerFactory.getInstance("PKIX", "SunJSSE");
                tmf.init(ks);
                ctx = SSLContext.getInstance("TLS");
                ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
                         
                SSLServerSocketFactory serverSocketFactory = null;
                SSLServerSocket serverSocket = null;
                SSLSocket socket = null;
    
                serverSocketFactory = ctx.getServerSocketFactory();
                serverSocket = (SSLServerSocket) serverSocketFactory.createServerSocket(port);
               
                while (true) {
                    socket = (SSLSocket) serverSocket.accept();
                    ChatHandler handler = new ChatHandler(socket);
                    handler.start();
                }
            } catch (UnrecoverableKeyException ex) {
                Logger.getLogger(Main.class.getName()).log(Level.SEVERE, null, ex);
            } catch (KeyManagementException ex) {
                Logger.getLogger(Main.class.getName()).log(Level.SEVERE, null, ex);
            }  catch (NoSuchProviderException ex) {
                Logger.getLogger(Main.class.getName()).log(Level.SEVERE, null, ex);
            } catch (IOException ex) {
                Logger.getLogger(Main.class.getName()).log(Level.SEVERE, null, ex);
            } catch (NoSuchAlgorithmException ex) {
                Logger.getLogger(Main.class.getName()).log(Level.SEVERE, null, ex);
            } catch (CertificateException ex) {
                Logger.getLogger(Main.class.getName()).log(Level.SEVERE, null, ex);
            } catch (KeyStoreException ex) {
                Logger.getLogger(Main.class.getName()).log(Level.SEVERE, null, ex);
            } 
            
          
          
        }
    }
    class ChatHandler extends Thread
    {
         static ArrayList handlers = new ArrayList(10);
         private SSLSocket socket;
         private BufferedReader read;
         private BufferedWriter write;
         
         public ChatHandler(SSLSocket socket)
         {
            try {
                
                this.socket = socket;
                this.read = new BufferedReader(new InputStreamReader(socket.getInputStream()));
                this.write = new BufferedWriter(new OutputStreamWriter(socket.getOutputStream()));
            } catch (IOException ex) {
                Logger.getLogger(ChatHandler.class.getName()).log(Level.SEVERE, null, ex);
            }
         }
         
        
         public void run() {
             String line = null;
             synchronized (handlers) {
                 handlers.add(this);
             }
             try {
                 // readLine() returns null when the peer disconnects; stop then, or on "/q"
                 while ((line = read.readLine()) != null && !line.equalsIgnoreCase("/q")) {
                     // Hold the lock for the whole broadcast so the list cannot change mid-loop
                     synchronized (handlers) {
                         for (int i = 0; i < handlers.size(); i++) {
                             ChatHandler handler = (ChatHandler) handlers.get(i);
                             handler.write.write(line);
                             handler.write.newLine();
                             handler.write.flush();
                         }
                     }
                 }
             } catch (IOException ioe) {
                 ioe.printStackTrace();
             } finally {
                 try {
                     read.close();
                     write.close();
                     socket.close();
                 } catch (IOException ioe) {
                     // nothing more to do while closing
                 } finally {
                     synchronized (handlers) {
                         handlers.remove(this);
                     }
                 }
             }
         }
    }
    And the type of error:
    Java Code:
    javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown
            at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
            at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:136)
            at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1657)
            at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:932)
            at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1096)
            at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:744)
            at com.sun.net.ssl.internal.ssl.AppInputStream.read(AppInputStream.java:75)
            at sun.nio.cs.StreamDecoder.readBytes(StreamDecoder.java:264)
            at sun.nio.cs.StreamDecoder.implRead(StreamDecoder.java:306)
            at sun.nio.cs.StreamDecoder.read(StreamDecoder.java:158)
            at java.io.InputStreamReader.read(InputStreamReader.java:167)
            at java.io.BufferedReader.fill(BufferedReader.java:136)
            at java.io.BufferedReader.readLine(BufferedReader.java:299)
            at java.io.BufferedReader.readLine(BufferedReader.java:362)
            at sslcentralserver.ChatHandler.run(Main.java:127)

  19. #39
    OrangeDog is offline Senior Member

    Really don't need to see your entire code every time - far too tedious to read. Keep it to a Simple Self-Contained Compilable Example (SSCCE).

    The exception tells you the problem: the server does not have a valid certificate for the client's key or vice versa.

  20. #40
    Koren3 is offline Member

    I do it exactly like this: Installing and Configuring SSL Support
    Java Code:
    C:\Program Files\Java\jre6\bin>keytool -genkey -alias server-alias -keyalg RSA -
    keypass changeit -storepass changeit -keystore keystore.jks
    What is your first and last name?
      [Unknown]:  pepa
    What is the name of your organizational unit?
      [Unknown]:  jogurt
    What is the name of your organization?
      [Unknown]:  lolek
    What is the name of your City or Locality?
      [Unknown]:  bolek
    What is the name of your State or Province?
      [Unknown]:  ak
    What is the two-letter country code for this unit?
      [Unknown]:  123
    Is CN=pepa, OU=jogurt, O=lolek, L=bolek, ST=ak, C=123 correct?
      [no]:  yes
    
    
    C:\Program Files\Java\jre6\bin>keytool -export -alias server-alias -storepass ch
    angeit -file server.cer -keystore keystore.jks
    Certificate stored in file <server.cer>
    
    C:\Program Files\Java\jre6\bin>keytool -import -v -trustcacerts -alias server-al
    ias -file server.cer - keystore cacerts.jks -keypass changeit -storepass changei
    t
    Illegal option:  -
    Try keytool -help
    
    C:\Program Files\Java\jre6\bin>keytool -import -v -trustcacerts -alias server-al
    ias -file server.cer -keystore cacerts.jks -keypass changeit -storepass changeit
    
    Owner: CN=pepa, OU=jogurt, O=lolek, L=bolek, ST=ak, C=123
    Issuer: CN=pepa, OU=jogurt, O=lolek, L=bolek, ST=ak, C=123
    Serial number: 4a117021
    Valid from: Mon May 18 16:26:41 CEST 2009 until: Sun Aug 16 16:26:41 CEST 2009
    Certificate fingerprints:
             MD5:  F4:9E:12:72:2F:10:01:BD:F6:1F:96:7C:DF:39:14:03
             SHA1: 1B:9D:B8:30:95:DA:A6:74:36:DB:BF:D0:C7:37:6D:0E:04:AE:66:2C
             Signature algorithm name: SHA1withRSA
             Version: 3
    Trust this certificate? [no]:  yes
    Certificate was added to keystore
    [Storing cacerts.jks]
    
    C:\Program Files\Java\jre6\bin>keytool -genkey -alias client-alias -keyalg RSA -
    keypass changeit -storepass changeit -keystore keystore.jks
    What is your first and last name?
      [Unknown]:  pepa
    What is the name of your organizational unit?
      [Unknown]:  jogurt
    What is the name of your organization?
      [Unknown]:  lolek
    What is the name of your City or Locality?
      [Unknown]:  bolek
    What is the name of your State or Province?
      [Unknown]:  ak
    What is the two-letter country code for this unit?
      [Unknown]:  123
    Is CN=pepa, OU=jogurt, O=lolek, L=bolek, ST=ak, C=123 correct?
      [no]:  yes
    
    
    C:\Program Files\Java\jre6\bin>keytool -export -alias client-alias -storepass ch
    angeit -file client.cer -keystore keystore.jks
    Certificate stored in file <client.cer>
    
    C:\Program Files\Java\jre6\bin>keytool -import -v -trustcacerts -alias client-al
    ias -file client.cer -keystore \server new\cacerts.jks -keypass changeit -storep
    ass changeit
    keytool error: java.lang.RuntimeException: Usage error, new\cacerts.jks is not a
     legal command
    java.lang.RuntimeException: Usage error, new\cacerts.jks is not a legal command
            at sun.security.tools.KeyTool.parseArgs(Unknown Source)
            at sun.security.tools.KeyTool.run(Unknown Source)
            at sun.security.tools.KeyTool.main(Unknown Source)
    
    C:\Program Files\Java\jre6\bin>keytool -import -v -trustcacerts -alias client-al
    ias -file client.cer -keystore \servern\cacerts.jks -keypass changeit -storepass
     changeit
    Owner: CN=pepa, OU=jogurt, O=lolek, L=bolek, ST=ak, C=123
    Issuer: CN=pepa, OU=jogurt, O=lolek, L=bolek, ST=ak, C=123
    Serial number: 4a117413
    Valid from: Mon May 18 16:43:31 CEST 2009 until: Sun Aug 16 16:43:31 CEST 2009
    Certificate fingerprints:
             MD5:  6F:CF:CD:AF:FF:3F:89:F4:BF:37:D2:60:6A:E9:01:7B
             SHA1: F2:3E:A2:BF:DA:E5:23:54:70:15:6F:30:53:4E:36:0B:95:71:DB:69
             Signature algorithm name: SHA1withRSA
             Version: 3
    Trust this certificate? [no]:  yes
    Certificate was added to keystore
    [Storing \servern\cacerts.jks]
    keytool error: java.io.FileNotFoundException: \servern\cacerts.jks (SystÚm nem¨×
    e nalÚzt uvedenou cestu)
    java.io.FileNotFoundException: \servern\cacerts.jks (SystÚm nem¨×e nalÚzt uveden
    ou cestu)
            at java.io.FileOutputStream.open(Native Method)
            at java.io.FileOutputStream.<init>(Unknown Source)
            at java.io.FileOutputStream.<init>(Unknown Source)
            at sun.security.tools.KeyTool.doCommands(Unknown Source)
            at sun.security.tools.KeyTool.run(Unknown Source)
            at sun.security.tools.KeyTool.main(Unknown Source)
    
    C:\Program Files\Java\jre6\bin>keytool -import -v -trustcacerts -alias client-al
    ias -file client.cer -keystore \servern\cacerts.jks -keypass changeit -storepass
     changeit
    Owner: CN=pepa, OU=jogurt, O=lolek, L=bolek, ST=ak, C=123
    Issuer: CN=pepa, OU=jogurt, O=lolek, L=bolek, ST=ak, C=123
    Serial number: 4a117413
    Valid from: Mon May 18 16:43:31 CEST 2009 until: Sun Aug 16 16:43:31 CEST 2009
    Certificate fingerprints:
             MD5:  6F:CF:CD:AF:FF:3F:89:F4:BF:37:D2:60:6A:E9:01:7B
             SHA1: F2:3E:A2:BF:DA:E5:23:54:70:15:6F:30:53:4E:36:0B:95:71:DB:69
             Signature algorithm name: SHA1withRSA
             Version: 3
    Trust this certificate? [no]:  yes
    Certificate was added to keystore
    [Storing \servern\cacerts.jks]
    keytool error: java.io.FileNotFoundException: \servern\cacerts.jks (SystÚm nem¨×
    e nalÚzt uvedenou cestu)
    java.io.FileNotFoundException: \servern\cacerts.jks (SystÚm nem¨×e nalÚzt uveden
    ou cestu)
            at java.io.FileOutputStream.open(Native Method)
            at java.io.FileOutputStream.<init>(Unknown Source)
            at java.io.FileOutputStream.<init>(Unknown Source)
            at sun.security.tools.KeyTool.doCommands(Unknown Source)
            at sun.security.tools.KeyTool.run(Unknown Source)
            at sun.security.tools.KeyTool.main(Unknown Source)
    
    C:\Program Files\Java\jre6\bin>keytool -import -v -trustcacerts -alias client-al
    ias -file client.cer -keystore servern\cacerts.jks -keypass changeit -storepass
    changeit
    Owner: CN=pepa, OU=jogurt, O=lolek, L=bolek, ST=ak, C=123
    Issuer: CN=pepa, OU=jogurt, O=lolek, L=bolek, ST=ak, C=123
    Serial number: 4a117413
    Valid from: Mon May 18 16:43:31 CEST 2009 until: Sun Aug 16 16:43:31 CEST 2009
    Certificate fingerprints:
             MD5:  6F:CF:CD:AF:FF:3F:89:F4:BF:37:D2:60:6A:E9:01:7B
             SHA1: F2:3E:A2:BF:DA:E5:23:54:70:15:6F:30:53:4E:36:0B:95:71:DB:69
             Signature algorithm name: SHA1withRSA
             Version: 3
    Trust this certificate? [no]:  yes
    Certificate was added to keystore
    [Storing servern\cacerts.jks]
    
    C:\Program Files\Java\jre6\bin>
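
The diagnosis in #39 comes down to whether the store one side trusts contains the certificate the other side presents. The following is an added example, not code from the thread: it lists every private-key entry in one store with its SHA1 fingerprint (comparable with the keytool output above) and reports whether a second store holds that certificate. The class name `TrustCheck` and the argument order are assumptions; the default file names and password are the ones used in the keytool session in #40.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Collections;

// Added diagnostic, not from the thread. TrustCheck and its argument order are assumptions.
public class TrustCheck {

    static KeyStore load(String path, char[] password) throws Exception {
        KeyStore ks = KeyStore.getInstance("JKS"); // the stores in the thread are .jks files
        InputStream in = new FileInputStream(path);
        try {
            ks.load(in, password);
        } finally {
            in.close();
        }
        return ks;
    }

    // Colon-separated SHA-1, the same form keytool prints, so the two can be compared by eye.
    static String sha1(Certificate cert) throws Exception {
        byte[] d = MessageDigest.getInstance("SHA-1").digest(cert.getEncoded());
        StringBuilder sb = new StringBuilder();
        for (int i = 0; i < d.length; i++) {
            if (i > 0) sb.append(':');
            sb.append(String.format("%02X", d[i] & 0xff));
        }
        return sb.toString();
    }

    // Counts private-key entries of `identity` whose certificate is absent from `trust`.
    static int countUntrusted(KeyStore identity, KeyStore trust) throws Exception {
        int untrusted = 0;
        for (String alias : Collections.list(identity.aliases())) {
            if (!identity.isKeyEntry(alias)) {
                continue; // certificate-only entries are never presented as an identity
            }
            X509Certificate cert = (X509Certificate) identity.getCertificate(alias);
            String match = trust.getCertificateAlias(cert); // null when no entry holds this cert
            System.out.println(alias + "  " + cert.getSubjectX500Principal().getName());
            System.out.println("  SHA1: " + sha1(cert));
            System.out.println("  valid until: " + cert.getNotAfter());
            System.out.println("  in trust store as: " + (match == null ? "(missing)" : match));
            if (match == null) {
                untrusted++;
            }
        }
        return untrusted;
    }

    public static void main(String[] args) throws Exception {
        // Defaults are the file names and password used in the keytool session above.
        String identityPath = args.length > 0 ? args[0] : "keystore.jks";
        String trustPath = args.length > 1 ? args[1] : "cacerts.jks";
        char[] password = (args.length > 2 ? args[2] : "changeit").toCharArray();

        int untrusted = countUntrusted(load(identityPath, password), load(trustPath, password));
        System.out.println(untrusted == 0
                ? "Every identity certificate is present in " + trustPath
                : untrusted + " identity certificate(s) missing from " + trustPath);
        System.exit(untrusted == 0 ? 0 : 1);
    }
}
```

Run it once per direction, passing the store the peer presents its key from and the store the local side actually loads into its `TrustManagerFactory`; the exit code is non-zero when a certificate is missing.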
