users@glassfish.java.net

RE: Re: SSL Mutual Authentication via JAX-WS

From: Drinkwater, GJ (Glen)
Date: Thu, 26 Apr 2007 16:49:01 +0100

Hi
 
 
And what command did you use for converting pem.
 
I first tried using the org.mortbay.util.PKCS12Import from
http://mark.foster.cc/kb/openssl-keytool.html
Then I tried using utils.ImportPrivateKey from WebLogic.
 
Are there any other ways to import PEM files into Java JKS format?
 
Can you send the steps you used with keytool to generate the keypair
 
I did not generate the key pair that does not work; these are generated
by my work's CA Authority. When I generated the key pair using keytool
-genkey ... the system worked OK.
 
Please make sure that the corresponding CA certs or the cert (if it is
self-signed) is imported into cacerts.jks.

I do have the root CA of my certificate in cacerts of glassfish.


keytool.exe -keystore glassfish\domains\domain1\config\cacerts.jks -list -trustcacerts -alias mykey
Enter keystore password:
mykey, 26-Apr-2007, trustedCertEntry,
Certificate fingerprint (MD5): F7:65:A8:5E:67:2B:7C:F4:90:20:38:14:BC:05:04:F6

 
________________________________

From: Vbkumar.Jayanti_at_Sun.COM [mailto:Vbkumar.Jayanti_at_Sun.COM]
Sent: 26 April 2007 16:21
To: users_at_glassfish.dev.java.net
Subject: Re: SSL Mutual Authentication via JAX-WS


Drinkwater, GJ (Glen) wrote:


        Hi

        I am trying to set up SSL mutual authentication using JAX-WS with
        glassfish UR1. I have set up everything correctly and generated a key
        pair using keytool and the web service picks up the certificate fine and
        everything works ok.

        Now, if I convert my pem files into jks keystore format and use
        this, the handshake fails. I have imported the root cert into the
        trusted cacerts of glassfish and everything looks fine with the keystore
        with 'keytool -list -keystore mykeystore.jks -v'

Can you send the steps you used with keytool to generate the keypair


        Has anybody managed to get this working with a converted pem
        credential?

And what command did you use for converting pem.

Thanks.


        

        On the server side I get:

        SSL Error getting client Certs
        javax.net.ssl.SSLHandshakeException: null cert chain
                at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
                at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1520)
                at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:182)
                at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:172)
                at com.sun.net.ssl.internal.ssl.ServerHandshaker.clientCertificate(ServerHandshaker.java:1206)
                at com.sun.net.ssl.internal.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:148)
                at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:511)
                at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:449)
                at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:817)
                at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:679)
                at com.sun.net.ssl.internal.ssl.AppInputStream.read(AppInputStream.java:75)


        And on the client side I get:

        ***
        [write] MD5 and SHA1 hashes: len = 16
        0000: 14 00 00 0C 24 53 01 2B EB A8 C6 98 9F 10 F9 CC  ....$S.+........
        Padded plaintext before ENCRYPTION: len = 32
        0000: 14 00 00 0C 24 53 01 2B EB A8 C6 98 9F 10 F9 CC  ....$S.+........
        0010: EF 68 74 7D 7B E6 54 80 E5 7C DD 52 E4 90 3B 66  .ht...T....R..;f
        main, WRITE: TLSv1 Handshake, length = 32
        main, waiting for close_notify or alert: state 3
        main, Exception while waiting for close java.net.SocketException: Software caused connection abort: recv failed
        main, handling exception: java.net.SocketException: Software caused connection abort: recv failed
        %% Invalidated: [Session-3, SSL_RSA_WITH_RC4_128_MD5]
        main, SEND TLSv1 ALERT: fatal, description = unexpected_message

        Padded plaintext before ENCRYPTION: len = 18
        0000: 02 0A ED AE 45 78 72 A0 27 0C D3 2B B4 21 DA DE  ....Exr.'..+.!..
        0010: BA DB                                            ..
        main, WRITE: TLSv1 Alert, length = 18
        main, Exception sending alert: java.net.SocketException: Software caused connection abort: socket write error
        main, called closeSocket()
        main, called close()
        main, called closeInternal(true)
        javax.xml.ws.WebServiceException: javax.xml.ws.WebServiceException: java.net.SocketException: Software caused connection abort: recv failed

        Thanks, Glen