axis-java-user mailing list archives

From "Volanis, Alexander" <AVola...@rsasecurity.com>
Subject RE: A critical problen
Date Wed, 12 Jun 2002 16:16:51 GMT
Hi,

I have successfully used Axis in the way you describe and discovered that
adding the "javax.net.debug=ssl" property can cause this error in Weblogic
6.1. It helped diagnose misconfiguration during setup, but once all
configuration/keystore problems were corrected it was actually causing a
problem; I suspect some timeout in the handshake processing.

Additionally, you are using javax.net.ssl.trustStore and
javax.net.ssl.keyStorePassword. I think you are mixing the store and
password properties. Use javax.net.ssl.trustStore and
javax.net.ssl.trustStorePassword for the trust store. Use
javax.net.ssl.keyStore and javax.net.ssl.keyStorePassword for the key store.

I hope this helps.

-----Original Message-----
From: Amit Ingale [mailto:amit_i@rediffmail.com]
Sent: Tuesday, June 11, 2002 8:31 PM
To: axis-user@xml.apache.org; axis-dev@xml.apache.org
Subject: A critical problen


Hi,
I am working with the Apache Axis beta 2 version
and have set it up on WebLogic 5.1 SP11.

I have a problem. I have set up Apache Axis for two-way SSL, along
with two-way SSL for WebLogic, using a VeriSign certificate. I
created a keystore, added the CA, client cert and server cert to it,
and added this code to my client. I also checked the JSSE
installation; it's fine.
---------------------------------------------------------
System.setProperty("java.protocol.handler.pkgs","com.sun.net.ssl.internal.www.protocol");
System.setProperty("javax.net.debug", "ssl");

System.setProperty("javax.net.ssl.trustStore","D:\\weblogic\\myserver\\wls.keystore");
//jdk1.3.1_02\\jre\\lib\\security\\cacerts

System.setProperty("javax.net.ssl.keyStorePassword","changeit");
Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
--------------------------------------------------------


The problem is that it gives me an error saying:
********************************************************
*** ServerHelloDone
[read] MD5 and SHA1 hashes:  len = 4
0000: 0E 00 00 00                                        ....
main, SEND SSL v3.0 ALERT:  warning, description = no_certificate
main, WRITE:  SSL v3.0 Alert, length = 2
*** ClientKeyExchange, RSA PreMasterSecret, v3.0
main, WRITE:  SSL v3.0 Handshake, length = 68
main, WRITE:  SSL v3.0 Change Cipher Spec, length = 1
*** Finished, v3.0
MD5 Hash:  { 153, 118, 220, 126, 180, 252, 132, 68, 55, 240, 236, 
165, 181, 52, 194, 99 }
SHA1 Hash:  { 68, 108, 161, 38, 163, 126, 84, 226, 243, 27, 185, 
209, 62, 244, 228, 236, 1, 153
***
main, WRITE:  SSL v3.0 Handshake, length = 64
java.net.SocketException: Connection aborted by peer: socket write error
java.net.SocketException: Connection aborted by peer: socket write error
         at java.net.SocketOutputStream.socketWrite(Native Method)
         at java.net.SocketOutputStream.write(Unknown Source)
         at com.sun.net.ssl.internal.ssl.OutputRecord.a([DashoPro-V1.2-120198])
         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])
         at com.sun.net.ssl.internal.ssl.HandshakeOutStream.flush([DashoPro-V1.2-120198])
         at com.sun.net.ssl.internal.ssl.Handshaker.sendChangeCipherSpec([DashoPro-V1.2-120198])
         at com.sun.net.ssl.internal.ssl.ClientHandshaker.e([DashoPro-V1.2-120198])
         at com.sun.net.ssl.internal.ssl.ClientHandshaker.a([DashoPro-V1.2-120198])
         at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage([DashoPro-V1.2-120198])
         at com.sun.net.ssl.internal.ssl.Handshaker.process_record([DashoPro-V1.2-120198])
         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])
         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])
         at com.sun.net.ssl.internal.ssl.AppOutputStream.write([DashoPro-V1.2-120198])
         at java.io.OutputStream.write(Unknown Source)
         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake([DashoPro-V1.2-120198])
         at java.lang.reflect.Method.invoke(Native Method)
         at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:255)
         at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:71)
         at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:154)
         at org.apache.axis.SimpleChain.invoke(SimpleChain.java:121)
         at org.apache.axis.client.AxisClient.invoke(AxisClient.java:174)
         at org.apache.axis.client.Call.invoke(Call.java:1905)
         at org.apache.axis.client.Call.invoke(Call.java:1690)
         at org.apache.axis.client.Call.invoke(Call.java:1608)
         at org.apache.axis.client.Call.invoke(Call.java:1169)
         at DataExtract.Client1.main(Client1.java:107)

*******************************************************

This error appears only if I use VeriSign's certificate for both
the client and the server.

If I use a self-signed certificate it works properly, but in a
production environment we can't use self-signed certificates, so
please guide me to solve this problem.

thanks and regards
Amit
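
Added example, not part of the original thread: a client-side pre-flight check for the property pairing described in the reply. It confirms that the identity store holds at least one private-key entry before setting each store property with its own password property. The class name, store paths and passwords are placeholders, and the code assumes JKS stores and a current JDK.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.util.Collections;

// Added example: class name, store paths and passwords are placeholders.
public class TwoWaySslClientSetup {

    // Loads a JKS store (this also proves the password is right) and returns
    // how many entries hold a private key. Certificates imported on their own
    // are trusted-certificate entries and cannot be used for client auth.
    static int countKeyEntries(String path, char[] password) throws Exception {
        KeyStore store = KeyStore.getInstance("JKS");
        try (InputStream in = new FileInputStream(path)) {
            store.load(in, password);
        }
        int keyEntries = 0;
        for (String alias : Collections.list(store.aliases())) {
            if (store.isKeyEntry(alias)) {
                keyEntries++;
            }
        }
        return keyEntries;
    }

    public static void main(String[] args) throws Exception {
        String keyStore = "client-identity.jks";        // placeholder path
        String keyStorePassword = "key-store-pass";     // placeholder
        String trustStore = "trusted-cas.jks";          // placeholder path
        String trustStorePassword = "trust-store-pass"; // placeholder

        // Fail before the handshake if the identity store has nothing to present.
        if (countKeyEntries(keyStore, keyStorePassword.toCharArray()) == 0) {
            throw new IllegalStateException(keyStore + " has no private-key entry");
        }
        // Opening the trust store checks its path and password as well.
        countKeyEntries(trustStore, trustStorePassword.toCharArray());

        // Each store is paired with its own password property.
        System.setProperty("javax.net.ssl.keyStore", keyStore);
        System.setProperty("javax.net.ssl.keyStorePassword", keyStorePassword);
        System.setProperty("javax.net.ssl.trustStore", trustStore);
        System.setProperty("javax.net.ssl.trustStorePassword", trustStorePassword);
    }
}
```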
