V B Kumar Jayanti wrote:
> Gerald Holl wrote:
>
>> Hello,
>>
>> I'm trying to get SSL and IIOP working.
>>
>> I have a standalone client where I lookup a remote EJB stateless
>> session bean.
>> The lookup works fine if I don't use SSL. When I switch to SSL I get
>> the following error:
>>
>> javax.naming.CommunicationException: Can't find SerialContextProvider
>> [Root exception is org.omg.CORBA.COMM_FAILURE: vmcid: SUN minor
>> code: 208 completed: Maybe]
>> at
>> com.sun.enterprise.naming.SerialContext.getProvider(SerialContext.java:165)
>>
>> at
>> com.sun.enterprise.naming.SerialContext.lookup(SerialContext.java:398)
>> at javax.naming.InitialContext.lookup(InitialContext.java:392)
>> ...
>>
>> Here's the lookup code of the client:
>> System.setProperty("javax.net.ssl.trustStore", "client.keystore");
>> System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
>> System.setProperty("javax.net.ssl.keyStore", "client.keystore");
>> System.setProperty("javax.net.ssl.keyStorePassword", "changeit");
>> System.setProperty("org.omg.CORBA.ORBInitialHost", "localhost");
>> System.setProperty("org.omg.CORBA.ORBInitialPort", "3820");
>> InitialContext ctx = new InitialContext();
>> server = (Server) ctx.lookup("Server");
>>
>> I added the servers' public key to the client's keystore and vice versa.
>>
>> The appserv-rt.jar and javaee.jar are on the client's classpath.
>>
> Looks fine, not sure why you are seeing the failure. Can you set
> -Djavax.net.debug=ssl,handshake and attach the logs. It may show the
> real reason.
Hi,
I'm a little bit confused about the last four lines of the following log:
debug=all:
found key for : client
chain [0] = [
[
Version: V3
Subject: CN=Widok Client, OU=F&E, O=F&E Hagenberg, L=Hagenberg,
ST=OOE, C=AT
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
...
Issuer: CN=Widok Client, OU=F&E, O=F&E Hagenberg, L=Hagenberg,
ST=OOE, C=AT
SerialNumber: [ 46e0f94c]
]
Algorithm: [SHA1withRSA]
Signature:
0000: 4C 4F 73 A4 0B D4 BE B9 31 62 7B 4E 86 43 59 8B [...]
]
***
adding as trusted cert:
Subject: CN=widok.fh-ooe.at, OU=F&E, O=F&E Hagenberg, L=Hagenberg,
ST=OOE, C=AT
Issuer: CN=widok.fh-ooe.at, OU=F&E, O=F&E Hagenberg, L=Hagenberg,
ST=OOE, C=AT
Algorithm: RSA; Serial number: 0x46e0f6ed
Valid from Fri Sep 07 08:59:57 CEST 2007 until Thu Jan 02 07:59:57
CET 2020
adding as trusted cert:
Subject: CN=Widok Client, OU=F&E, O=F&E Hagenberg, L=Hagenberg,
ST=OOE, C=AT
Issuer: CN=Widok Client, OU=F&E, O=F&E Hagenberg, L=Hagenberg,
ST=OOE, C=AT
Algorithm: RSA; Serial number: 0x46e0f94c
Valid from Fri Sep 07 09:10:04 CEST 2007 until Thu Jan 02 08:10:04
CET 2020
X509KeyManager passed to SSLContext.init(): need an
X509ExtendedKeyManager for SSLEngine use
trigger seeding of SecureRandom
done seeding SecureRandom