dev@glassfish.java.net

Re: SSL connection error

From: Karthik Sudarshan <Karthik.Sudarshan_at_Sun.COM>
Date: Fri, 23 Jan 2009 22:34:31 +0530

Thanks, that did it :)

V B Kumar Jayanti wrote:
> Karthik Sudarshan wrote:
>> Hi all,
>> I'm using Glassfish v2 and when I access my web application via
>> https on the default port (8181), via, a test client I get the
>> exception below. Does anyone have any idea of what I'm missing? When
>> I access from the browser, the browser gives an error saying the
>> certificate is self signed (which is the case by default), and I have
>> to add an exception in the browser and after that everything is fine.
>>
>> I'm also attaching the client that I'm using to test it with the
>> mail. It would be great if someone can throw some light on this.
>>
> make sure you set the System Property javax.net.ssl.trustStore
> property in your client code before making the connection. The value
> of the property should be a java keystore which has the self-signed
> certificate of the server. You can point it to
> domains/domainx/config/cacerts.jks for example.
>
> rgds.
>
>> -Karthik
>>
>> Exception in thread "main" javax.net.ssl.SSLHandshakeException:
>> sun.security.validator.ValidatorException: PKIX path building failed:
>> sun.security.provider.certpath.SunCertPathBuilderException: unable to
>> find valid certification path to requested target
>> at
>> com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:150)
>> at
>> com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1518)
>>
>> at
>> com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:174)
>> at
>> com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:168)
>> at
>> com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:848)
>>
>> at
>> com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:106)
>>
>> at
>> com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:495)
>> at
>> com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:433)
>>
>> at
>> com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:818)
>>
>> at
>> com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1030)
>>
>> at
>> com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:622)
>>
>> at
>> com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59)
>>
>> at
>> sun.nio.cs.StreamEncoder$CharsetSE.writeBytes(StreamEncoder.java:336)
>> at
>> sun.nio.cs.StreamEncoder$CharsetSE.implFlushBuffer(StreamEncoder.java:404)
>>
>> at
>> sun.nio.cs.StreamEncoder$CharsetSE.implFlush(StreamEncoder.java:408)
>> at sun.nio.cs.StreamEncoder.flush(StreamEncoder.java:152)
>> at java.io.OutputStreamWriter.flush(OutputStreamWriter.java:213)
>> at com.sun.portal.mirage.webdav.client.Test.main(Test.java:35)
>> Caused by: sun.security.validator.ValidatorException: PKIX path
>> building failed:
>> sun.security.provider.certpath.SunCertPathBuilderException: unable to
>> find valid certification path to requested target
>> at
>> sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:221)
>> at
>> sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:145)
>>
>> at sun.security.validator.Validator.validate(Validator.java:203)
>> at
>> com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:172)
>>
>> at
>> com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(SSLContextImpl.java:320)
>>
>> at
>> com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:841)
>>
>>
>>
>>
>> ------------------------------------------------------------------------
>>
>> /*
>> * To change this template, choose Tools | Templates
>> * and open the template in the editor.
>> */
>>
>> package com.sun.portal.mirage.webdav.client;
>>
>> import java.io.BufferedReader;
>> import java.io.InputStreamReader;
>> import java.io.OutputStreamWriter;
>> import java.io.Writer;
>> import java.net.Socket;
>> import javax.net.ssl.SSLSocketFactory;
>>
>> /**
>> *
>> * @author Karthik
>> */
>> public class Test {
>> public static final String TARGET_HTTPS_SERVER = "localhost";
>> public static final int TARGET_HTTPS_PORT = 8181;
>>
>> public static void main(String[] args) throws Exception {
>>
>> Socket socket = SSLSocketFactory.getDefault().
>> createSocket(TARGET_HTTPS_SERVER, TARGET_HTTPS_PORT);
>> try {
>> Writer out = new OutputStreamWriter(
>> socket.getOutputStream(), "ISO-8859-1");
>> out.write("GET / HTTP/1.1\r\n");
>> out.write("Host: " + TARGET_HTTPS_SERVER + ":" +
>> TARGET_HTTPS_PORT + "\r\n");
>> out.write("Agent: SSL-TEST\r\n");
>> out.write("\r\n");
>> out.flush();
>> BufferedReader in = new BufferedReader(
>> new InputStreamReader(socket.getInputStream(), "ISO-8859-1"));
>> String line = null;
>> while ((line = in.readLine()) != null) {
>> System.out.println(line);
>> }
>> } finally {
>> socket.close();
>> }
>> }
>>
>> }
>>
>>
>> ------------------------------------------------------------------------
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: dev-unsubscribe_at_glassfish.dev.java.net
>> For additional commands, e-mail: dev-help_at_glassfish.dev.java.net
>>
>
© Oracle | By contributing to this project, you are agreeing to the terms of use described here.