Java开发网 Java开发网
注册 | 登录 | 帮助 | 搜索 | 排行榜 | 发帖统计  

您没有登录

» Java开发网 » Java Security  

按打印兼容模式打印这个话题 打印话题    把这个话题寄给朋友 寄给朋友    该主题的所有更新都将Email到你的邮箱 订阅主题
flat modethreaded modego to previous topicgo to next topicgo to back
作者 Re:ssl connection error [Re:roy_nixping]
floater

Java Jedi

总版主


发贴: 3233
积分: 421
于 2003-11-03 23:56 user profilesend a private message to usersearch all posts byselect and copy to clipboard. ie only, sorry for netscape users:-)add this post to my favorite list
That's what I suspect, however there are some info:
1. When the client cert is not right, you should get this:
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
2. When the server's cert is not trusted by the client, you should get this:
javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Couldn't find trusted certificate

In your case, if we read the error literally, the cert is bad! But we don't know which cert, the server side or the client side. You need to check both.
Maybe the format is not right, see below.

Some info for you reference:
When URLConnection is used for HTTP(S) connection:
1. We can specify the truststore and keystore like this:

System.setProperty("javax.net.ssl.trustStore", "<name here>");
System.setProperty("javax.net.ssl.keyStore", "<name here>");
System.setProperty("javax.net.ssl.keyStorePassword", "changeit");

The truststore is used by the client to trust server's cert, so put server's cert or its CA cert in there. Use keytool to create this store and import the cert.
The keystore is used to store client's cert. KEEP IN MIND, in keystore, the store's password has to be the same as the private key's password, otherwise you will get wield errors(not clear enough). The password can NOT be null or empty. Further more, the keystore has to be in JKS format. So if you have p12, pfx, write a simple class to convert it.
2. Here is the way to setup proxy/firewall, if you have to go through firewalls.
For https:

System.setProperty("https.proxySet", "true");
System.setProperty("https.proxyHost", "<proxy server here>");
System.setProperty("https.proxyPort", "80");

String tmp = "name" + ":" + "password";
String encodedpswd = "Basic " + new sun.misc.BASE64Encoder().encode(tmp.getBytes());
if (conn != null)
{
     conn.setRequestProperty("Proxy-Authorization", encodedpswd);
}

For http, just replace https with http in the above.

floater edited on 2003-11-03 23:59
"Any fool can write code that a computer can understand. Good programmers write code that humans can understand."
- Martin Fowler, Refactoring - Improving the Design of Existing Code

话题树型展开
人气 标题 作者 字数 发贴时间
14890 ssl connection error roy_nixping 242 2003-10-31 14:37
11348 Re:ssl connection error floater 143 2003-10-31 23:18
12063 Re:ssl connection error roy_nixping 295 2003-11-03 09:36
12584 Re:ssl connection error floater 1987 2003-11-03 23:56

flat modethreaded modego to previous topicgo to next topicgo to back
  已读帖子
  新的帖子
  被删除的帖子
Jump to the top of page

   Powered by Jute Powerful Forum® Version Jute 1.5.6 Ent
Copyright © 2002-2021 Cjsdn Team. All Righits Reserved. 闽ICP备05005120号-1
客服电话 18559299278    客服信箱 714923@qq.com    客服QQ 714923