tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ben Sifuentes" <ben...@verizon.net>
Subject JkCoyoteHandler with SSL
Date Sat, 16 Aug 2003 00:45:52 GMT
While using Apache2.0.47 and Tomcat 4.1.24 integrated with JBOSS 3.2.1 on a Win2000 box.

I get the following exception from the Tomcat JkCoyoteHandler when making a https call

If I hit the ok button several times when it pops up the Select your Certificate box in windows
it processes the request as you can see by the output I'm able to correctly process the SSL
information being sent across the wire. 

The Certificate is a pk7 which was built from x509

Any help with this issue would be greatly appreciated. I've struggled long and hard with the
SSL communication between Apache and Tomcat and it looks like I'm very close to having it.
Except for the following error.

One last thing:
mod_sll.so (came with the Apache2.0 distribution)
mod_jdk_2.0.46.dll


============================================================================

19:43:29,503 INFO  [Server] JBoss (MX MicroKernel) [3.2.1 (build: CVSTag=JBoss_3
_2_1 date=200305041533)] Started in 1m:39s:313ms
19:44:49,248 ERROR [JkCoyoteHandler] Certificate convertion failed
java.security.cert.CertificateException: Unable to initialize, java.io.IOExcepti
on: DerInputStream.getLength(): lengthTag=127, too big.
        at sun.security.x509.X509CertImpl.<init>(X509CertImpl.java:289)
        at sun.security.provider.X509Factory.engineGenerateCertificate(X509Facto
ry.java:94)
        at java.security.cert.CertificateFactory.generateCertificate(Certificate
Factory.java:389)
        at org.apache.jk.server.JkCoyoteHandler.action(JkCoyoteHandler.java:395)

        at org.apache.coyote.Response.action(Response.java:222)
        at org.apache.coyote.tomcat4.CoyoteAdapter.postParseRequest(CoyoteAdapte
r.java:310)
        at org.apache.coyote.tomcat4.CoyoteAdapter.service(CoyoteAdapter.java:22
1)
        at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:261)

        at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:360)
        at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:604)
        at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.ja
va:562)
        at org.apache.jk.common.SocketConnection.runIt(ChannelSocket.java:679)
        at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadP
ool.java:619)
        at java.lang.Thread.run(Thread.java:536)
Caused by: java.io.IOException: DerInputStream.getLength(): lengthTag=127, too b
ig.
        at sun.security.util.DerInputStream.getLength(DerInputStream.java:502)
        at sun.security.util.DerInputStream.getLength(DerInputStream.java:476)
        at sun.security.util.DerValue.<init>(DerValue.java:233)
        at sun.security.util.DerInputStream.getDerValue(DerInputStream.java:358)

        at sun.security.x509.X509CertImpl.parse(X509CertImpl.java:1608)
        at sun.security.x509.X509CertImpl.<init>(X509CertImpl.java:286)
        ... 13 more
.
.
19:45:12,001 INFO  [Engine] CoyoteAdapter  Requested cookie session id is 01BD9D
C9B2EF687EE90F8FAD8147B49F
19:45:12,001 ERROR [JkCoyoteHandler] Certificate convertion failed
java.security.cert.CertificateException: Unable to initialize, java.io.IOExcepti
on: DerInputStream.getLength(): lengthTag=102, too big.
        at sun.security.x509.X509CertImpl.<init>(X509CertImpl.java:289)
        at sun.security.provider.X509Factory.engineGenerateCertificate(X509Facto
ry.java:94)
        at java.security.cert.CertificateFactory.generateCertificate(Certificate
Factory.java:389)
        at org.apache.jk.server.JkCoyoteHandler.action(JkCoyoteHandler.java:395)

        at org.apache.coyote.Response.action(Response.java:222)
        at org.apache.coyote.tomcat4.CoyoteAdapter.postParseRequest(CoyoteAdapte
r.java:310)
        at org.apache.coyote.tomcat4.CoyoteAdapter.service(CoyoteAdapter.java:22
1)
        at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:261)

        at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:360)
        at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:604)
        at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.ja
va:562)
        at org.apache.jk.common.SocketConnection.runIt(ChannelSocket.java:679)
        at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadP
ool.java:619)
        at java.lang.Thread.run(Thread.java:536)
Caused by: java.io.IOException: DerInputStream.getLength(): lengthTag=102, too b
ig.
        at sun.security.util.DerInputStream.getLength(DerInputStream.java:502)
        at sun.security.util.DerInputStream.getLength(DerInputStream.java:476)
        at sun.security.util.DerValue.<init>(DerValue.java:233)
        at sun.security.util.DerInputStream.getDerValue(DerInputStream.java:358)

        at sun.security.x509.X509CertImpl.parse(X509CertImpl.java:1608)
        at sun.security.x509.X509CertImpl.<init>(X509CertImpl.java:286)
        ... 13 more

19:46:56,281 INFO  [Engine] action: Processing a POST for /logon
19:46:56,291 INFO  [Engine] action: Setting locale 'en_US'
19:46:56,291 INFO  [Engine] action:  Looking for ActionForm bean under attribute
 'logon'
19:46:56,291 INFO  [Engine] action:  Creating new ActionForm instance of class '
pro.registrypro.products.ami.form.logonForm'
19:46:56,291 INFO  [Engine] action:  Storing instance under attribute 'logon' in
 scope 'request'
19:46:56,291 INFO  [Engine] action:  Populating bean properties from this reques
t
19:46:56,301 INFO  [Engine] action:  Validating input form properties
19:46:56,301 INFO  [Engine] action:   No errors detected, accepting input
19:46:56,301 INFO  [Engine] action:  Looking for Action instance for class pro.r
egistrypro.products.ami.action.logonAction
19:46:56,301 INFO  [Engine] action:   Double checking for Action instance alread
y there
19:46:56,301 INFO  [Engine] action:   Creating new Action instance
19:46:56,361 INFO  [STDOUT] ping: usa-bwdzu56x1fd
19:46:56,361 INFO  [STDOUT] ipAddr=10.168.1.61
19:46:56,361 INFO  [Engine] action: Begin-Validation
19:46:56,361 INFO  [STDOUT] ALRIGHT WE GOT SOMETHING!!!!
19:46:56,361 INFO  [STDOUT] [-----BEGIN CERTIFICATE-----
MIICnTCCAgYCAQEwDQYJKoZIhvcNAQEEBQAwgYwxCzAJBgNVBAYTAlVTMRAwDgYD
VQQIEwdHZW9yZ2lhMRAwDgYDVQQHEwdBdGxhbnRhMRQwEgYDVQQKEwtSZWdpc3Ry
eVBybzEMMAoGA1UECxMDRGV2MRIwEAYDVQQDEwkxMjcuMC4wLjExITAfBgkqhkiG
9w0BCQEWEnJ3a2FzdGVuQG54anF6LmNvbTAeFw0wMzA4MTQxNDI4NTRaFw0wNDA4
MTMxNDI4NTRaMIGgMQswCQYDVQQGEwJVUzEQMA4GA1UECBMHR2VvcmdpYTEQMA4G
A1UEBxMHQXRsYW50YTEUMBIGA1UEChMLUmVnaXN0cnlQcm8xDDAKBgNVBAsTA0Rl
djEnMCUGA1UEAxMeVGVzdCBDbGllbnQgQ2VydCBmb3IgMTI3LjAuMC4xMSAwHgYJ
KoZIhvcNAQkBFhFyd2thc3RlbkB4anF6LmNvbTCBnzANBgkqhkiG9w0BAQEFAAOB
jQAwgYkCgYEAz6vkmB63Q69eZDWkdWoO+bHNRu4vLQVLl/arA8W1aw7gpXrtQn19
Bw0DIhp2OCIDOixoF6Oq3tfAz5agFcj1haRGCjtI4GlgiuIgM2bN1EuW3pbdwmtE
3jv3qKbMNn5M124Usn/seUn1DlMkv7+7AdDVjZz36zoMmZqaVjoSSdUCAwEAATAN
BgkqhkiG9w0BAQQFAAOBgQALS8XG/3RL/F6K7Ytf5CF7du5Ip199TdI9FSrUcbGY
JiS9pGlxuhJwd3c5L8A+IuN9gai5FnITnsoBHn4S3a89FxSEeqW4kAno8PWVUBeN
KjZiHGHMiyok8h9CWZPv4CDtcLvP3jpoIEgkROs0wnfdOdwK2FyCHj2QuMc3iioO
gA==
-----END CERTIFICATE-----
]
19:46:56,371 INFO  [STDOUT] ---Certificate---
19:46:56,371 INFO  [STDOUT] type = X.509
19:46:56,371 INFO  [STDOUT] version = 1
19:46:56,371 INFO  [STDOUT] subject = EMAILADDRESS=rwkasten@xjqz.com, CN=Test Cl
ient Cert for 127.0.0.1, OU=Dev, O=RegistryPro, L=Atlanta, ST=Georgia, C=US
19:46:56,371 INFO  [STDOUT] valid from = Thu Aug 14 10:28:54 EDT 2003
19:46:56,371 INFO  [STDOUT] valid to = Fri Aug 13 10:28:54 EDT 2004
19:46:56,371 INFO  [STDOUT] serial number = 1
19:46:56,371 INFO  [STDOUT] issuer = EMAILADDRESS=rwkasten@nxjqz.com, CN=127.0.0
.1, OU=Dev, O=RegistryPro, L=Atlanta, ST=Georgia, C=US
19:46:56,371 INFO  [STDOUT] signing algorithm = MD5withRSA
19:46:56,381 INFO  [STDOUT] public key algorithm = RSA
19:46:56,381 INFO  [STDOUT] ---Extensions---
19:46:56,381 INFO  [STDOUT] ---
19:46:56,381 INFO  [Engine] action: End Loop....
19:46:56,381 INFO  [STDOUT] AmiDelegator.checkuser
19:46:56,621 INFO  [STDOUT] DataBean context set
19:46:56,651 INFO  [STDOUT] Ami.props
19:46:56,681 INFO  [STDOUT] uservo=UserVO:
 login:rpro-developer::: pass-admin::: certid-1::: ip-10.168.1.61::: newpass-nul
l::: sid-null::: role-null
19:46:57,102 INFO  [STDOUT] eppRes=(message = Wrong certificate ID), (code = 220
0), (tid = 14854711)
19:46:57,102 INFO  [STDOUT] sid=null## role=null
19:46:57,112 INFO  [STDOUT] code=2200
19:46:57,112 INFO  [STDOUT] message=Wrong certificate ID
19:46:57,112 INFO  [STDOUT] sid=null
19:46:57,112 INFO  [STDOUT] UserBean removed
19:46:57,112 INFO  [Engine] action: logon: Got UserException- 'Wrong certificate
 ID' on session 01BD9DC9B2EF687EE90F8FAD8147B49F
19:46:57,122 INFO  [STDOUT] 1
19:46:57,122 INFO  [STDOUT] error=org.apache.struts.action.ActionErrors@119fc9e
19:46:57,162 ERROR [JkCoyoteHandler] Certificate convertion failed

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message