users@glassfish.java.net

SSL Mutual Authentication via JAX-WS

From: Drinkwater, GJ (Glen)
Date: Thu, 26 Apr 2007 15:49:54 +0100

Hi

I am trying to set up SSL mutual authentication using JAX-WS with
GlassFish UR1. I have set up everything correctly and generated a key
pair using keytool; the web service picks up the certificate fine and
everything works OK.

Now, if I convert my PEM files into JKS keystore format and use this,
the handshake fails. I have imported the root cert into the trusted
cacerts of GlassFish, and everything looks fine with the keystore with
'keytool -list -keystore mykeystore.jks -v'.

Has anybody managed to get this working with a converted PEM credential?

On the server side I get:

SSL Error getting client Certs
javax.net.ssl.SSLHandshakeException: null cert chain
        at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1520)
        at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:182)
        at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:172)
        at com.sun.net.ssl.internal.ssl.ServerHandshaker.clientCertificate(ServerHandshaker.java:1206)
        at com.sun.net.ssl.internal.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:148)
        at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:511)
        at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:449)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:817)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:679)
        at com.sun.net.ssl.internal.ssl.AppInputStream.read(AppInputStream.java:75)

And on the client side I get:

***
[write] MD5 and SHA1 hashes: len = 16
0000: 14 00 00 0C 24 53 01 2B EB A8 C6 98 9F 10 F9 CC  ....$S.+........
Padded plaintext before ENCRYPTION: len = 32
0000: 14 00 00 0C 24 53 01 2B EB A8 C6 98 9F 10 F9 CC  ....$S.+........
0010: EF 68 74 7D 7B E6 54 80 E5 7C DD 52 E4 90 3B 66  .ht...T....R..;f
main, WRITE: TLSv1 Handshake, length = 32
main, waiting for close_notify or alert: state 3
main, Exception while waiting for close java.net.SocketException: Software caused connection abort: recv failed
main, handling exception: java.net.SocketException: Software caused connection abort: recv failed
%% Invalidated: [Session-3, SSL_RSA_WITH_RC4_128_MD5]
main, SEND TLSv1 ALERT: fatal, description = unexpected_message
Padded plaintext before ENCRYPTION: len = 18
0000: 02 0A ED AE 45 78 72 A0 27 0C D3 2B B4 21 DA DE  ....Exr.'..+.!..
0010: BA DB  ..
main, WRITE: TLSv1 Alert, length = 18
main, Exception sending alert: java.net.SocketException: Software caused connection abort: socket write error
main, called closeSocket()
main, called close()
main, called closeInternal(true)
javax.xml.ws.WebServiceException: javax.xml.ws.WebServiceException: java.net.SocketException: Software caused connection abort: recv failed

Thanks, Glen
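A check worth running on the converted JKS before retrying the handshake, as an added example that is not part of the original post. The server's "null cert chain" alert means the client answered the CertificateRequest with an empty certificate list, which the JSSE key manager does when the client keystore holds no PrivateKeyEntry with a certificate chain it can present (a PEM imported with keytool as a trustedCertEntry only, or a key entry whose chain is missing or broken). The class name is hypothetical; keystore path and password are command-line arguments.

```java
import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Enumeration;

/** Inspects a JKS client keystore for the conditions under which the JSSE key manager
 *  presents no client certificate (reported by the server as "null cert chain").
 *  Added diagnostic example; not the poster's code. */
public class ClientKeystoreCheck {
    public static void main(String[] args) throws Exception {
        if (args.length < 2) throw new IllegalArgumentException("usage: ClientKeystoreCheck <keystore.jks> <storepass>");
        KeyStore ks = KeyStore.getInstance("JKS");
        try (FileInputStream in = new FileInputStream(args[0])) {
            ks.load(in, args[1].toCharArray());
        }
        boolean usable = false;
        for (Enumeration<String> aliases = ks.aliases(); aliases.hasMoreElements();) {
            String alias = aliases.nextElement();
            // A trustedCertEntry (what 'keytool -importcert' of a PEM produces) holds no
            // private key, so it can never be used to answer a CertificateRequest.
            if (!ks.isKeyEntry(alias)) {
                System.out.println(alias + ": trustedCertEntry only, no private key");
                continue;
            }
            Certificate[] chain = ks.getCertificateChain(alias);
            if (chain == null || chain.length == 0) {
                System.out.println(alias + ": key entry with no certificate chain");
                continue;
            }
            System.out.println(alias + ": PrivateKeyEntry, chain length " + chain.length);
            for (int i = 0; i < chain.length; i++) {
                X509Certificate c = (X509Certificate) chain[i];
                System.out.println("  [" + i + "] subject=" + c.getSubjectX500Principal()
                        + " issuer=" + c.getIssuerX500Principal());
                if (i + 1 < chain.length) { // each cert must be signed by the next one up
                    try {
                        c.verify(chain[i + 1].getPublicKey());
                    } catch (Exception ex) {
                        System.out.println("  !! [" + i + "] is not signed by [" + (i + 1) + "]: " + ex);
                    }
                }
            }
            usable = true;
        }
        System.out.println(usable ? "keystore contains a usable client identity"
                : "no PrivateKeyEntry: the client will send an empty Certificate message");
    }
}
```

The last certificate printed should be one whose issuer is the root imported into the server's cacerts; otherwise the server's CertificateRequest names no CA the client can match and the key manager again selects nothing.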