[SOLVED] Start SSL socket

[Koren3]

Hello, I am a begginer in programimg and I programmed the chat with SSL sockets. I created the certificate via tutorial on this website: Installing and Configuring SSL Support . I use IDE NetBeans and I would like to know the place/folder where the certificate has to be saved. Could you tell me in detail the procedure in Netbeans.
But momentarily it doesn't work because of the error: javax.net.ssl.SSLException: No available certificate or key corresponds to the SSL cipher suites which are enabled.
This is the code of server:

Java Code:

import java.io.BufferedReader;
import java.io.BufferedWriter;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
import java.util.ArrayList;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSocket;

/**
 *
 * @author Lolek
 */
public class Main {

    /**
     * @param args the command line arguments
     */
    public static void main(String[] args) {
        try {
            int port = 5000;
            SSLServerSocketFactory serverSocketFactory = null;
            SSLServerSocket serverSocket = null;
            SSLSocket socket = null;

            serverSocketFactory = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
            serverSocket = (SSLServerSocket) serverSocketFactory.createServerSocket(port);
            
            
            while (true) {
                socket = (SSLSocket) serverSocket.accept();
                ChatHandler handler = new ChatHandler(socket);
                handler.start();
            }
        } catch (IOException ex) {
            Logger.getLogger(Main.class.getName()).log(Level.SEVERE, null, ex);
        }
        
      
      
    }
}
class ChatHandler extends Thread
{
     static ArrayList handlers = new ArrayList(10);
     private SSLSocket socket;
     private BufferedReader read;
     private BufferedWriter write;
     
     public ChatHandler(SSLSocket socket)
     {
        try {
            this.socket = socket;
            this.read = new BufferedReader(new InputStreamReader(socket.getInputStream()));
            this.write = new BufferedWriter(new OutputStreamWriter(socket.getOutputStream()));
        } catch (IOException ex) {
            Logger.getLogger(ChatHandler.class.getName()).log(Level.SEVERE, null, ex);
        }
     }
     
    
     public void run(){
     String line=null;
	synchronized(handlers) {
	    handlers.add(this);
	}
	try {
           
	    while(!(line = read.readLine()).equalsIgnoreCase("/q")) {            
                for(int i = 0; i < handlers.size(); i++) {	
			synchronized(handlers) {
		            ChatHandler handler = (ChatHandler)handlers.get(i);                            
                            handler.write.write(line);
                            handler.write.newLine();
                            handler.write.flush();                            
                    }
		}
	    }
            
	} catch(IOException ioe) {
	    ioe.printStackTrace();
	} finally {
	    try {
		read.close();
		write.close();
		socket.close();
	    } catch(IOException ioe) {
	    } finally {
		synchronized(handlers) {
		    handlers.remove(this);
		}
	    }
	}
    }
}

[OrangeDog]

You need to set up an SSLContext with your keystore, and use that to create get an SSLServerSocketFactory. The keystore goes wherever you can access it from your code.

[Koren3]

And could you show some example how can i set up an SSLContext? I am begginer I don´t know what are you talking about. I need this just to the school. Thank you

[OrangeDog]

Java Code:

SSLContext ctx = null;
// load keystore
KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
char[] password = getPassword();
InputStream in  = ClassLoader.getSystemResourceAsStream(keystore);
ks.load(in, password);
in.close();
// set-up SSLContext
KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509", "SunJSSE");
kmf.init(ks, password);
TrustManagerFactory tmf = TrustManagerFactory.getInstance("PKIX", "SunJSSE");
tmf.init(ks);
ctx = SSLContext.getInstance("TLS");
ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);

[Koren3]

I did how you wrote but something is wrong where is the problem?

[fxRichard]

The getPassword() refered to is an example, you must replace getPassword() with a password OR write a getPassword() method as follows:

Java Code:

private static char[] getPassword()
{
    // this is a bad example but you get the point
    return("My Password".toCharArray());
}

[OrangeDog]

Likewise, replace keystore with a path to your keystore

[Koren3]

OK where is the problem now?

Thank you very much.

[OrangeDog]

What's the argument type for getSystemResourceAsStream?

[Koren3]

:) I am sory I am stupid. String "" . Thank you.
But nullpointer:

[OrangeDog]

It's a lot easier to not use IDE screenshots.

The class loader couldn't find that as it's not relative to the classpath. Use some other method to get the InputStream.

[Koren3]

What other metod can i use?

[OrangeDog]

As you have done, but with a correct path
Using a URL
Using a File
Using a Socket
and a few others

[Koren3]

I used this:

Java Code:

 ObjectInputStream in = new ObjectInputStream(new FileInputStream("C:\\Koren\\Java\\SSLCentralServer\\src\\sslcentralserver\\keystore"));

But it write this error: java.io.StreamCorruptedException: invalid stream header: FEEDFEED

[OrangeDog]

Don't use an Object stream.

[Koren3]

OK but what can I use? If I use

Java Code:

InputStream in = (new FileInputStream("C:\\Koren\\Java\\SSLCentralServer\\src\\sslcentralserver\\keystore"));

This error write: javax.net.ssl.SSLException: No available certificate or key corresponds to the SSL cipher suites which are enabled.

[OrangeDog]

Then you need to change the values in the getInstance() methods to match the format of your keystore, or change the keystore to match the available SSL cipher suites.

[Koren3]

Could you show some example? Thank you.

[OrangeDog]

No, because I don't know the format of your keystore.

[Koren3]

I did my keystore through keytool. I think it is .jks .