Solved

https connection from url object using JSSE

Posted on 2000-05-11
5
293 Views
Last Modified: 2012-08-13
I'm trying to open a url connection using url object by passing https protocol request.  But I'm getting "untrusted Server certificate chain" exception.  I've been to java forum I tried lot many things to get rid of this exception.  But I couldn't make it possible.

Environment is as follows:
Application Server is : WebLogic Application Server
normal java client.
Using JSSE on client side inorder to call https protocol from url.
I'm trying use url.openConnection from a java client to weblogic application server.
Any suggestions appriciated.
0
Comment
Question by:rs_akella
5 Comments
 

Expert Comment

by:btilley
ID: 2802691
Do you have SSL configured to run on your weblogic server?
0
 
LVL 12

Expert Comment

by:geotiger
ID: 2802885
listening ...
0
 
LVL 1

Expert Comment

by:yanchou
ID: 2803276
What certification did you install in server? Is it self signed certification or from root CA?
0
 

Accepted Solution

by:
kirtish_java earned 100 total points
ID: 2803316
As u r connecting from client to server , u need to configure several things in particular order .
 
           First of all u have to check the sign certificate u have got for ur client application, whether it is included in ur server side list or not.
           Socondly , u should mention from where u have got the sign certificate , means u have signed it ur self or thru CA.B'coz several times ur own signed application gives this exception as it may not be listed in the server side list.
           so , the only thing u have to check is the validation of ur certi and on server side its configuration.
             if still u find some problem during configuration ,  u can easily find me at
    kirtish_parekh@hotmail.com.  
0
 

Author Comment

by:rs_akella
ID: 2805807
I'm getting this exception on client side. Not on server side. I'm getting this initially when client sends first packet of data to server.

This is the scenario.
First server gets the request from client, server sends a certificate to client.  Client checks whether the certificate from server is a trusted one. That's when I'm getting this exception on client side.

Here is the sample code snippet
import java.net.*;
import java.io.*;

/*
 * This example illustrates using a URL to access resources
 * on a secure site.
 *
 * To use Sun's reference implementation of HTTPS protocol, Please set
 * the following Java system property:
 *
 *    java.protocol.handler.pkgs = com.sun.net.ssl.internal.www.protocol
 *
 * If you are running inside a firewall, please also set the following
 * Java system properties to the appropriate value:
 *
 *   https.proxyHost = <secure proxy server hostname>
 *   https.proxyPort = <secure proxy server port>
 *
 */

public class URLReader
{
    public static void main(String[] args)
    {
        try
        {
            URL verisign = new URL("https://192.168.0.15:7002/");
            BufferedReader in = new BufferedReader(
                        new InputStreamReader(
                        verisign.openStream()));

            String inputLine;

            while((inputLine = in.readLine()) != null)
                System.out.println(inputLine);
            in.close();
        }
        catch(Exception e)
        {
            e.printStackTrace();
        }    
    }
}

And Here is the StackTrace ---------
E:\jsse1.0.1\samples\urls>java -cp .;E:\jsse1.0.1\lib\jsse.jar;E:\jsse1.0.1\lib\
jcert.jar;E:\jsse1.0.1\lib\jnet.jar -Dhttps.proxyHost=192.168.0.15 -Dhttps.proxy
Port=8080 -Djava.protocol.handler.pkgs=com.sun.net.ssl.internal.www.protocol URL
Reader
javax.net.ssl.SSLException: untrusted server cert chain
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])
        at com.sun.net.ssl.internal.ssl.ClientHandshaker.a([DashoPro-V1.2-120198
])
        at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage([DashoPr
o-V1.2-120198])
        at com.sun.net.ssl.internal.ssl.Handshaker.process_record([DashoPro-V1.2
-120198])
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])
        at com.sun.net.ssl.internal.ssl.AppOutputStream.write([DashoPro-V1.2-120
198])
        at java.io.OutputStream.write(OutputStream.java:65)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake([DashoPro-V
1.2-120198])
        at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.doConnect([Da
shoPro-V1.2-120198])
        at com.sun.net.ssl.internal.www.protocol.https.NetworkClient.openServer(
[DashoPro-V1.2-120198])
        at com.sun.net.ssl.internal.www.protocol.https.HttpClient.l([DashoPro-V1
..2-120198])
        at com.sun.net.ssl.internal.www.protocol.https.HttpClient.<init>([DashoP
ro-V1.2-120198])
        at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.<init>([Dasho
Pro-V1.2-120198])
        at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a([DashoPro-V
1.2-120198])
        at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a([DashoPro-V
1.2-120198])
        at com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection.connec
t([DashoPro-V1.2-120198])
        at com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection.getInp
utStream([DashoPro-V1.2-120198])
        at java.net.URL.openStream(URL.java:818)
        at URLReader.main(URLReader.java, Compiled Code)
StackTrace Ends Here -----------------
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

Introduction This article is the first of three articles that explain why and how the Experts Exchange QA Team does test automation for our web site. This article explains our test automation goals. Then rationale is given for the tools we use to a…
Basic understanding on "OO- Object Orientation" is needed for designing a logical solution to solve a problem. Basic OOAD is a prerequisite for a coder to ensure that they follow the basic design of OO. This would help developers to understand the b…
Viewers learn about the third conditional statement “else if” and use it in an example program. Then additional information about conditional statements is provided, covering the topic thoroughly. Viewers learn about the third conditional statement …
Viewers will learn about the different types of variables in Java and how to declare them. Decide the type of variable desired: Put the keyword corresponding to the type of variable in front of the variable name: Use the equal sign to assign a v…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now