on 05-02-2006 7:26 AM
Hi,
I have written a java program for connecting to an HTTPS URL and get the response from the site.
The HTTPS URL works well when I typed the URL in browser. But the same URL is failing while connecting using my program. I am getting the following exception while connecting to my HTTPS page "iaik.security.ssl.SSLException: Server certificate rejected by ChainVerifier"
I am attaching the code below for your reference.
String s = new String();
s = "MyRequest=" + s;
IAIK.addAsJDK14Provider(true);
IAIK.addAsJDK14Provider();
KeyStore keystore = Utils.getJavaDefaultKeystore();
/* Giving "SUN version 1.5" as a provider */
System.out.println("keystore provider:"+keystore.getProvider());
FileInputStream fis = new FileInputStream("mycertificatefile");
BufferedInputStream bis = new BufferedInputStream(fis);
CertificateFactory cf = CertificateFactory.getInstance("X.509");
Certificate cert = null;
while (bis.available() > 0) {
cert = cf.generateCertificate(bis);
}
keystore.setCertificateEntry("service_ssl",cert);
SecureConnectionFactory secureconnectionfactory = new SecureConnectionFactory(keystore);
secureconnectionfactory.setIgnoreServerCertificate(false);
HttpURLConnection httpurlconnection = secureconnectionfactory.createURLConnection(url);
httpurlconnection.setRequestMethod("POST");
BufferedWriter bufferedwriter = new BufferedWriter(new OutputStreamWriter(httpurlconnection.getOutputStream()));
bufferedwriter.write(s, 0, s.length());
bufferedwriter.close();
Utils.setBasicAuthenticationHeader(httpurlconnection, user, password);
try
{
httpurlconnection.connect();
}
catch(ConnectException connectexception)
{
error("Connection timeout");
System.exit(1);
}
catch(Exception exception)
{
exception.printStackTrace();
error("Connection exception");
System.exit(1);
}
int i = httpurlconnection.getResponseCode();
System.out.println("http Response Code = " + i);
If I pass the setIgnoreServerCertificate(true), then I am getting the following exception
java.io.IOException: Fatal SSL handshake error: java.lang.RuntimeException: Unable to create cipher AES/CBC/NoPadding: java.security.InvalidKeyException: Illegal key size
Thanks & Regards,
Santhosh.C
HI,
Have you solved your problem in accessing own ketstore-view, please let me know the solution if you have solved.
KeyStore keyStore = manager.getKeystore("MYSTORE");
Caused by: java.rmi.RemoteException: com.sap.engine.services.keystore.exceptions.BaseRemoteException: Remote call errored
Caused by: com.sap.engine.services.keystore.exceptions.BaseKeystoreException: Application is not authorized to execute keystore operation [
Caused by: java.security.AccessControlException: access denied
Please advice.
Thanks
MMK
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Santhosh,
Seems that you have an issue with strong cryptography support in Java. Actually, strong cryptography is subject of US export regulations, so if you downloaded "international" version of Java, then you have only weak cryptography -- small key size.
Try to obtain JVM that is shiped for US users.
VS
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
VS,
I am not sure, how far this will solve my problem. Let me try this. BTW, I have solved the issue on my own.
I generated keystore and truststore from the generated certificates and supplied the certificate as input to my program.
Here is the program for your reference.
HttpClient client = new HttpClient();
client.getParams().setAuthenticationPreemptive(true);
Credentials defaultcreds = new UsernamePasswordCredentials(USER, PASSWORD);
client.getState().setCredentials(new AuthScope(AuthScope.ANY_HOST, AuthScope.ANY_PORT, AuthScope.ANY_REALM), defaultcreds);
Protocol authhttps = new Protocol("HTTPS",
(ProtocolSocketFactory) new AuthSSLProtocolSocketFactory(
urlkeystore, PASSWORD,
urltruststore, PASSWORD), TARGET_HTTPS_PORT);
Protocol.registerProtocol("https", authhttps);
PostMethod filePost = new PostMethod(FINAL_URL);
STATUS = client.executeMethod(filePost);
String responseString = filePost.getResponseBodyAsString();
if (responseString != null && responseString.length() > 0)
{
System.out.println("Response String : " + responseString);
}
Thanks & Regards,
Santhosh.C
User | Count |
---|---|
82 | |
10 | |
10 | |
9 | |
6 | |
6 | |
5 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.