Solved

Steps used to generate SSL certificate for gSOAP server and Client

Posted on 2010-09-07
28
5,202 Views
Last Modified: 2014-04-25
There is no clear steps present for generate SSL certificate for gSOAP server and Client. If the SOAP server is generated using gSOAP toolkit and the client are in C++ and Java. then how do we generated SSL certificates in C++ and Java also. I have tried the mentioned step provided by searching on the net but no help. Also how can the self-signed certificate works?
0
Comment
Question by:Collin_Aranha
  • 15
  • 12
28 Comments
 
LVL 86

Expert Comment

by:jkr
ID: 33623666
I'd go for generating the OpenSSL certificates as shown here: http://sial.org/howto/openssl/self-signed/ - worked fine for me, yet not for gSOAP specifically, but since the underlying encryption layer is OpenSSL, this should make no difference.
0
 
LVL 5

Expert Comment

by:xdomains
ID: 33624363
I agree with jkr. You could use any self signed certification generation utility from OpenSSL or MS IIS toolkit, and it should work with any app that you want to build. Though you need to make sure the certificate format is consistent with the APIs that you are using.

For converting certificates between formats, check this out -
https://www.sslshopper.com/ssl-converter.html
0
 

Author Comment

by:Collin_Aranha
ID: 33624600
i have a doubt....   when i use the default gsoap toolkit data and refer to the sample provided and use hte same in one machine [localhost - as the certificates work for local host only]. i get the error that the client side as

-------------------------
SOAP 1.1 fault: soapenv:Client [no subcode]
"SSL_ERROR_SSL
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed"
Detail: SSL_connect error in tcp_connect()
-------------------------
and at the server i get
SSL_ERROR_SSL
error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca
or
Error observed by underlying BIO: No error
 
any idea about this?
0
 
LVL 5

Expert Comment

by:xdomains
ID: 33624641
Seems like the certificate creation is fine. Is the certificate expired? Did you have an expiry period when it was created?
0
 
LVL 5

Expert Comment

by:xdomains
ID: 33624667
I just noticed that certificate verification is failing? You could possibly verify the certificate created using OpenSSL?

Also have a look at this (JKR also has given this link) to make sure the certificate creation has not missed any of the steps http://sial.org/howto/openssl/self-signed/

Can you also indicate which tool did you use to create the self signed certificate?
0
 

Author Comment

by:Collin_Aranha
ID: 33624782
i used the same sample provided by the gSOAP toolkit. which has the vaildity of one year. and it is not expired. both client and server is on one machine using localhost as mentioned in the certificate.
0
 
LVL 5

Expert Comment

by:xdomains
ID: 33625160
This is what is typically done-

Use computer hose name for the Common Name from the openssl.cnf file.
Combine the key file and the ca-cert file into one combined file (key data first, then ca-cert data) and reference this from soap.keyfile in the code.

Are you doing it in this way?
0
 

Author Comment

by:Collin_Aranha
ID: 33626274
i am doing it this way itself. also i generated the der file and used it in the IE8. from there when i use the hostname:port itwork doesn't show me certicate warning message where as i use hte IP address and port then it shows me a warning message.
i used the cacert file converted to der and then using keytool converted to jks file. is there any thing i am missing?
0
 
LVL 5

Expert Comment

by:xdomains
ID: 33626295
Looks fine.
Could you check with API is throwing the error on the server and the client?
0
 

Author Comment

by:Collin_Aranha
ID: 33626417
I have the axis xml file entry at the JAVA CLIENT as the following:
    <!-- the non blocking https transport based on HttpCore + SSL-NIO extensions -->
    <transportReceiver name="https" class="org.apache.axis2.transport.nhttp.HttpCoreNIOSSLListener">
     <parameter name="port" locked="false">81</parameter>
     <parameter name="non-blocking" locked="false">true</parameter>
        <parameter name="keystore" locked="false">
            <KeyStore>
                <Location>F:\Soap_Client\Eclipse\identity.jks</Location>
                <Type>JKS</Type>
                <Password>password</Password>
                <KeyPassword>password</KeyPassword>
            </KeyStore>
        </parameter>
        <parameter name="truststore" locked="false">
            <TrustStore>
                <Location>file:///F:/Soap_Client/Eclipse/truststore.jks</Location>
                <Type>JKS</Type>
                <Password>password</Password>
            </TrustStore>
        </parameter>
         <!--<parameter name="SSLVerifyClient">require</parameter>
           supports optional|require or defaults to none -->
    </transportReceiver>
Is this correct as i get error at the C++ SERVER SIDE as SSL_ERROR_SSL
error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert certificate unknown.
In case of the C++ CLIENT SIDE i get the error "SSL_ERROR_SSL
error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca".
Both the clients are not functional with the server. only the IE 8 client is working fine. Is there any difference with the IE8 and the clients the way they connect?
0
 

Author Comment

by:Collin_Aranha
ID: 33626529
oh i had pasted the transportReceiver , any way for transportSender also i have hte setting done.
0
 
LVL 5

Expert Comment

by:xdomains
ID: 33626570
Since IE8 client works fine with the server, I guess the server is correct. from the above log it appears that it tries to interpret the certificate as sslv3.
But the client side log as tlsv1. Looks like the client is interpreting the certificate differently? Any parameters that you are passing on the client side APIs are causing this issue? Do you have access to the server side code? If yes, just check the certificate types being used in the APIs.
0
 
LVL 5

Expert Comment

by:xdomains
ID: 33626605
Difference between TSL and SSL are minor, but they wont work together in most cases.

From microsoft website -
"•Although their differences are minor, TLS 1.0 and SSL 3.0 are not interchangeable. If the same protocol is not supported by both parties, the parties must negotiate a common protocol to communicate successfully."

http://technet.microsoft.com/en-us/library/cc784450(WS.10).aspx
0
 
LVL 5

Expert Comment

by:xdomains
ID: 33633669
some code from one of my projects -  see if it helps. I'm using TLS and X.509 certificate in pkcs12 format

int processCardPayment(TICustomerCard custCard, TIMerchantInfo tiInfo)
	{
		
		customerCard = custCard;
		this.tiInfo = tiInfo;
		
		//For testing purpose. Use the incoming card details for deployment
		customerCard.setTestCard("name", TICustomerCard.VISA);
		
		//Create the payment request XML
		formCardPaymentXML();
		
		try
		{	
			//This function reads the local certificate file
			test2();
			
			SSLSocketFactory sslfactory = null;
		    
			SSLContext sslCtx;
			KeyManagerFactory kmFact;
			KeyStore ks;
			
			//Password used to generate the certificate
			char[] passphrase = "a1a2a3a4".toCharArray();

			//Use SSL for context and SUNX509 for KMFactory
			sslCtx = SSLContext.getInstance("TLS");
			kmFact = KeyManagerFactory.getInstance("SunX509");
			
			//Certificate uses PKCS12 
			ks = KeyStore.getInstance("PKCS12");

			//Certificate location
			ks.load(new FileInputStream("c:\\temp\\1001217271.pfx"), passphrase);

			kmFact.init(ks, passphrase);
			
			sslCtx.init(kmFact.getKeyManagers(), null, null);

			TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
			tmf.init(ks);
			X509TrustManager defaultTrustManager = (X509TrustManager)tmf.getTrustManagers()[0];
			SavingTrustManager tm = new SavingTrustManager(defaultTrustManager);
			//sslCtx.init(null, new TrustManager[] {tm}, null);

			
			sslfactory = sslCtx.getSocketFactory();
		    		
			/////////////////////////
			
			SSLSocket sslFDSock = (SSLSocket) sslfactory.createSocket();
			
			InetSocketAddress fdServerSock = new InetSocketAddress(fdServer, fdAPIPort);
   
			sslFDSock.connect(fdServerSock);
            
			System.out.println("conn="+sslFDSock.isConnected());
			
			sslFDSock.startHandshake();
     
			BufferedWriter out = new BufferedWriter(new OutputStreamWriter(sslFDSock.getOutputStream()));
          
			System.out.println(xmlSaleSendRequest);
			out.write(xmlSaleSendRequest);
          
			BufferedReader in = new BufferedReader(new InputStreamReader(sslFDSock.getInputStream()));
			String x = in.readLine();

          
          
		}
		
		catch(Exception e)
		{
			System.out.println(e.toString());
		}


		return 0;
		
	}
	
	private void test2() throws Exception {
		char[] passphrase = "changeit".toCharArray();

		File file = new File("jssecacerts");
		if (file.isFile() == false) {
		    char SEP = File.separatorChar;
		    File dir = new File(System.getProperty("java.home") + SEP
			    + "lib" + SEP + "security");
		    file = new File(dir, "jssecacerts");
		    if (file.isFile() == false) {
			file = new File(dir, "cacerts");
		    }
		}
		System.out.println("Loading KeyStore " + file + "...");
		InputStream in = new FileInputStream(file);
		KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
		ks.load(in, passphrase);
		in.close();

		SSLContext context = SSLContext.getInstance("TLS");
		TrustManagerFactory tmf =
		    TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
		tmf.init(ks);

		X509TrustManager defaultTrustManager = (X509TrustManager)tmf.getTrustManagers()[0];
		SavingTrustManager tm = new SavingTrustManager(defaultTrustManager);
		
		//------------
		KeyManagerFactory kmFact;
		KeyStore tiks;
		
		//Password used to generate the certificate
		char[] passphrase2 = "a1a2a3a4".toCharArray();

		//Use SSL for context and SUNX509 for KMFactory
		kmFact = KeyManagerFactory.getInstance("SunX509");
		
		//Certificate uses PKCS12 
		tiks = KeyStore.getInstance("PKCS12");

		//Certificate location
		tiks.load(new FileInputStream("c:\\temp\\1001217271.pfx"), passphrase2);

		kmFact.init(tiks, passphrase2);
		
		//----------
		
		
		
		context.init(kmFact.getKeyManagers(), new TrustManager[] {tm}, null);
		
		SSLSocketFactory factory = context.getSocketFactory();

		System.out.println("Opening connection to " + fdServer + ":" + fdAPIPort + "...");
		SSLSocket socket = (SSLSocket)factory.createSocket(fdServer, fdAPIPort);
		
		socket.setSoTimeout(10000);
		
		socket.setUseClientMode(true);
		
		socket.startHandshake();
	
		BufferedWriter out = new BufferedWriter(new OutputStreamWriter(socket.getOutputStream()));
        
		out.write(xmlSaleSendRequest);
      
		BufferedReader is = new BufferedReader(new InputStreamReader(socket.getInputStream()));

		String x = is.readLine();

		System.out.println(x);
		
		socket.close();
		
	}

Open in new window

0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 

Author Comment

by:Collin_Aranha
ID: 33660619
Hello xdomains,
finally after complete rebuilt of the code from scratch. the C++ server with the C++ Client is working. where as the Java client is not working yet. I am using axis2 for Java Client. I get hte error at server as "SSL_ERROR_SSL
error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request" and the Jav Client is timing out.
:(
0
 
LVL 5

Expert Comment

by:xdomains
ID: 33660782
I think SSL is independent of Axis2 (I'm not familiar with axis2, but I guess its for web services?).
The first hurdle is setting up communication over SSL, so a simple java client should be fine. DId you try with the code I posted? It might require some minor changes/cleanup based on what certificate you are using...
0
 

Author Comment

by:Collin_Aranha
ID: 33661005
ok then first i will use the code provide and let you know the results. Thanks for the code base.
0
 

Author Comment

by:Collin_Aranha
ID: 33662860
with the help of the client code u provided i could do this.
now i get the error at the C++ server "SSL_ERROR_SSL
error:1408F119:SSL routines:SSL3_GET_RECORD:decryption failed or bad record mac" and the client provides the following stacktrace

javax.net.ssl.SSLException: Received fatal alert: bad_record_mac
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at SSLSocketClientWithClientAuth.main(SSLSocketClientWithClientAuth.java:123)
on the net it says that may be hte opennssl verion used may not work. the openssl version used by me is openssl-0.9.8o [at hte server side]
public class SSLSocketClientWithClientAuth {

public static void main(String[] args) throws Exception {
String host = null;
int port = -1;
String path = null;
for (int i = 0; i < args.length; i++)
System.out.println(args[i]);

if (args.length < 3) {
System.out.println("USAGE: java SSLSocketClientWithClientAuth "
+ "host port requestedfilepath");
System.exit(-1);
}

try {
host = args[0];
port = Integer.parseInt(args[1]);
path = args[2];
} catch (IllegalArgumentException e) {
System.out.println("USAGE: java SSLSocketClientWithClientAuth "
+ "host port requestedfilepath");
System.exit(-1);
}

try {

/*
* Set up a key manager for client authentication if asked by the
* server. Use the implementation's default TrustStore and
* secureRandom routines.
*/
SSLSocketFactory factory = null;
try {
SSLContext ctx;
KeyManagerFactory kmf;
KeyStore ks;
char[] passphrase = "password".toCharArray();
TrustManager[] trustManagers = null;

ctx = SSLContext.getInstance("SSLv3"); //TLS
kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); //("SunX509");
ks = KeyStore.getInstance("JKS");

ks.load(new FileInputStream("F:\\Soap_Client\\Eclipse\\truststore.jks"), passphrase);

kmf.init(ks, passphrase);

TrustManagerFactory trustManagerfactory = TrustManagerFactory.getInstance(
TrustManagerFactory.getDefaultAlgorithm());
trustManagerfactory.init(ks);
trustManagers = trustManagerfactory.getTrustManagers();

ctx.init(kmf.getKeyManagers(), trustManagers, null);

factory = ctx.getSocketFactory();
} catch (Exception e) {
throw new IOException(e.getMessage());
}

SSLSocket socket = (SSLSocket) factory.createSocket(host, port);

/*
* send http request
*
* See SSLSocketClient.java for more information about why there is
* a forced handshake here when using PrintWriters.
*/
socket.startHandshake();

PrintWriter out = new PrintWriter(new BufferedWriter(
new OutputStreamWriter(socket.getOutputStream())));
out.println("GET " + path + " HTTP/1.0");
out.println();
out.flush();

/*
* Make sure there were no surprises
*/
if (out.checkError())
System.out
.println("SSLSocketClient: java.io.PrintWriter error");

/* read response */
BufferedReader in = new BufferedReader(new InputStreamReader(socket
.getInputStream()));

String inputLine;

while ((inputLine = in.readLine()) != null)
System.out.println(inputLine);

in.close();
out.close();
socket.close();

} catch (Exception e) {
e.printStackTrace();
}
}
}
0
 

Author Comment

by:Collin_Aranha
ID: 33663186
Additionally if at the server side i mention that "SOAP_SSL_NO_AUTHENTICATION" then the client is able to do a handshake. the output is
SVFUNCAS1
9366
something
HTTP/1.1 405 Method Not Allowed
Server: gSOAP/2.7
Content-Type: text/xml; charset=utf-8
Content-Encoding: gzip
Content-Length: 301
Connection: close

<some chars encoded due to GZIP support at the server>
 is there any thing required to support compression at the Java Client. Is it because of this the error is "SSL3_GET_RECORD:decryption failed or bad record mac". i am lost now. i hope this is the last problem i am facing.....
0
 
LVL 5

Expert Comment

by:xdomains
ID: 33669120
The logs seems to indicate some differences between the certificates that client sends and the server expects... (see the "bad record mac" and "decryption failed"). Points to issue in Messag Authentication Code issue. Or the certificate mismatch between client and server.

For the classes in the above code, these are the supported values. Could you please share details on your certificate? I havent used JKS kind of stuff. What did you use from your C++ client?

Engine Class        Algorithm or
Implemented           Protocol

KeyFactory            "RSA"

KeyPairGenerator      "RSA"

KeyStore              "PKCS12"

Signature             "MD2withRSA"
Signature             "MD5withRSA"
Signature             "SHA1withRSA"

KeyManagerFactory     "SunX509"
TrustManagerFactory   "SunX509", "SunPKIX"

SSLContext            "SSL"
SSLContext            "SSLv3"
SSLContext            "TLS"
SSLContext            "TLSv1"

0
 
LVL 5

Expert Comment

by:xdomains
ID: 33669132
Sorry i missed the compression part...

If you want to use compression, then both client and server must support it. Since you are handcrafting the HTML, you will need to handle decompression on your own. Use the native HTTP classes from Java, which will make your life easier.

If not, use the compression classes. Typically, any traffic over HTTP will have the data compressed, and base-64 encoded. You youwill first hv to do base-64 decode and then decompress.
Again, all these depend on what the server does!!
0
 
LVL 5

Expert Comment

by:xdomains
ID: 33669142
If you need, a detailed documentation on the certificates and how to use SSL.

http://download.oracle.com/javase/1.4.2/docs/guide/security/jsse/JSSERefGuide.html
0
 

Author Comment

by:Collin_Aranha
ID: 33669461
Currenlty i found that the server was having specific SSLv3 connection only. i have changed this to the default one after this the C++ Client and the Java client pasted above is able to get data. but when i use axis2 for hte Java Client then i get hte following error fro mteh server that the client is connecting as the HTTP request. know i have built the axis2 code and tried to get more information i get the following. i have highlighted the code. i was able to enable hte HTTPS on the sender and the receiver but still the connection was going as HTTP.

Client Started
log4j: Trying to find [log4j.xml] using context classloader sun.misc.Launcher$AppClassLoader@fabe9.
log4j: Trying to find [log4j.xml] using sun.misc.Launcher$AppClassLoader@fabe9 class loader.
log4j: Trying to find [log4j.xml] using ClassLoader.getSystemResource().
log4j: Trying to find [log4j.properties] using context classloader sun.misc.Launcher$AppClassLoader@fabe9.
log4j: Using URL [jar:file:/F:/Soap_Client/Eclipse/axis2-1.4.1/lib/log4j.jar!/log4j.properties] for automatic log4j configuration.
log4j: Reading configuration from URL jar:file:/F:/Soap_Client/Eclipse/axis2-1.4.1/lib/log4j.jar!/log4j.properties
log4j: Parsing for [root] with value=[TRACE, CONSOLE ].
log4j: Level token is [TRACE].
log4j: Category root set to TRACE
log4j: Parsing appender named "CONSOLE".
log4j: Parsing layout options for "CONSOLE".
log4j: Setting property [conversionPattern] to [- %m%n ].
log4j: End of parsing for "CONSOLE".
log4j: Setting property [threshold] to [INFO].
log4j: Parsed "CONSOLE" options.
log4j: Finished configuring.
- Deploying module: addressing-1.41 - file:/F:/Soap_Client/Eclipse/axis2-1.4.1/repository/modules/addressing-1.41.mar
- Deploying module: metadataExchange-1.41 - file:/F:/Soap_Client/Eclipse/axis2-1.4.1/repository/modules/mex-1.41.mar
- Deploying module: ping-1.41 - file:/F:/Soap_Client/Eclipse/axis2-1.4.1/repository/modules/ping-1.41.mar
- Deploying module: rahas-1.4 - file:/F:/Soap_Client/Eclipse/axis2-1.4.1/repository/modules/rahas-1.4.mar
- Deploying module: rampart-1.4 - file:/F:/Soap_Client/Eclipse/axis2-1.4.1/repository/modules/rampart-1.4.mar
- Deploying module: script-1.41 - file:/F:/Soap_Client/Eclipse/axis2-1.4.1/repository/modules/scripting-1.41.mar
- Deploying module: soapmonitor-1.41 - file:/F:/Soap_Client/Eclipse/axis2-1.4.1/repository/modules/soapmonitor-1.41.mar
- Deploying module: metadataExchange - file:/F:/Soap_Client/Eclipse/axis2-1.4.1/lib/mex-1.4.1.jar
TLS SSLContext: javax.net.ssl.SSLContext
retunr TLS SSLContext: SSLv3 com.sun.net.ssl.internal.ssl.SSLSessionContextImpl@10bbf9e SunJSSE version 1.6
- HTTPS Sender starting
- Deploying Web service: NsnListenerServer.aar - file:/F:/Soap_Client/Eclipse/axis2-1.4.1/repository/services/NsnListenerServer.aar
- Deploying Web service: version.aar - file:/F:/Soap_Client/Eclipse/axis2-1.4.1/repository/services/version.aar
- HTTPS Listener starting on port : 81
- Using simulated buffered Pipes for event-driven to stream IO bridging
- HTTP connection [SVFUNCAS1/10.254.0.132:9366]: An existing connection was forcibly closed by the remote host
java.io.IOException: An existing connection was forcibly closed by the remote host
at sun.nio.ch.SocketDispatcher.read0(Native Method)
at sun.nio.ch.SocketDispatcher.read(Unknown Source)
at sun.nio.ch.IOUtil.readIntoNativeBuffer(Unknown Source)
at sun.nio.ch.IOUtil.read(Unknown Source)
at sun.nio.ch.SocketChannelImpl.read(Unknown Source)
at org.apache.axis2.transport.nhttp.LoggingIOSession$LoggingByteChannel.read(LoggingIOSession.java:185)
at org.apache.http.impl.nio.reactor.SessionInputBufferImpl.fill(SessionInputBufferImpl.java:85)
at org.apache.http.impl.nio.codecs.AbstractMessageParser.fillBuffer(AbstractMessageParser.java:97)
at org.apache.http.impl.nio.DefaultNHttpClientConnection.consumeInput(DefaultNHttpClientConnection.java:113)
at org.apache.axis2.transport.nhttp.PlainClientIOEventDispatch.inputReady(PlainClientIOEventDispatch.java:72)
at org.apache.http.impl.nio.reactor.BaseIOReactor.readable(BaseIOReactor.java:98)
at org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvent(AbstractIOReactor.java:195)
at org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvents(AbstractIOReactor.java:180)
at org.apache.http.impl.nio.reactor.AbstractIOReactor.execute(AbstractIOReactor.java:142)
at org.apache.http.impl.nio.reactor.BaseIOReactor.execute(BaseIOReactor.java:70)
at org.apache.http.impl.nio.reactor.AbstractMultiworkerIOReactor$Worker.run(AbstractMultiworkerIOReactor.java:318)
at java.lang.Thread.run(Unknown Source)
- I/O error : An existing connection was forcibly closed by the remote host
java.io.IOException: An existing connection was forcibly closed by the remote host
at sun.nio.ch.SocketDispatcher.read0(Native Method)
at sun.nio.ch.SocketDispatcher.read(Unknown Source)
at sun.nio.ch.IOUtil.readIntoNativeBuffer(Unknown Source)
at sun.nio.ch.IOUtil.read(Unknown Source)
at sun.nio.ch.SocketChannelImpl.read(Unknown Source)
at org.apache.axis2.transport.nhttp.LoggingIOSession$LoggingByteChannel.read(LoggingIOSession.java:185)
at org.apache.http.impl.nio.reactor.SessionInputBufferImpl.fill(SessionInputBufferImpl.java:85)
at org.apache.http.impl.nio.codecs.AbstractMessageParser.fillBuffer(AbstractMessageParser.java:97)
at org.apache.http.impl.nio.DefaultNHttpClientConnection.consumeInput(DefaultNHttpClientConnection.java:113)
at org.apache.axis2.transport.nhttp.PlainClientIOEventDispatch.inputReady(PlainClientIOEventDispatch.java:72)
at org.apache.http.impl.nio.reactor.BaseIOReactor.readable(BaseIOReactor.java:98)
at org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvent(AbstractIOReactor.java:195)
at org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvents(AbstractIOReactor.java:180)
at org.apache.http.impl.nio.reactor.AbstractIOReactor.execute(AbstractIOReactor.java:142)
at org.apache.http.impl.nio.reactor.BaseIOReactor.execute(BaseIOReactor.java:70)
at org.apache.http.impl.nio.reactor.AbstractMultiworkerIOReactor$Worker.run(AbstractMultiworkerIOReactor.java:318)
at java.lang.Thread.run(Unknown Source)
org.apache.axis2.AxisFault: Time out while waiting for the server to send the response.
at org.apache.axis2.description.OutInAxisOperationClient$SyncCallBack.waitForCompletion(OutInAxisOperation.java:497)
at org.apache.axis2.description.OutInAxisOperationClient.sendAsync(OutInAxisOperation.java:313)
at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:224)
at org.apache.axis2.client.OperationClient.execute(OperationClient.java:163)
at org.apache.axis2.axis2userguide.ServiceStub.getPublicKey(ServiceStub.java:863)
at org.apache.axis2.axis2userguide.Smctry.main(Smctry.java:86)
Exception in thread "main" java.lang.NullPointerException
at org.apache.axis2.axis2userguide.Smctry.main(Smctry.java:92)
0
 
LVL 5

Expert Comment

by:xdomains
ID: 33669572
Sorry, I am a bit confused. Just summarizing the current state below-
a) The Server is using SSL v3 certificate
b) The c++ and Java client is able to send and recieve data over the SSL channel with the JKS certificate file
c) But not working with axis2 webservice client

I see one issue in the above log-
- HTTPS Listener starting on port : 81
- Using simulated buffered Pipes for event-driven to stream IO bridging
- HTTP connection [SVFUNCAS1/10.254.0.132:9366]: An existing connection was forcibly closed by the remote host

HTTPS listener - This should be on the server, right? Why should there be a listener on the client side? Also, HTTPS works on port 443 on the server. Is there a HTTPS listener (ie, a HTTPS server) running on the client?
0
 

Author Comment

by:Collin_Aranha
ID: 33680518
yes the client accepts mutiple callback hence has a listener. now after such a struggle i used "synapse-1.2" for https. the request from the client reached the server and then the server finished the operation but later the response did not reach the client. it threw me the following exception
Exception in thread "main" java.lang.NullPointerException
at org.apache.axis2.axis2userguide.ServiceStub.getPublicKey(ServiceStub.java:868)
at org.apache.axis2.axis2userguide.Smctry.main(Smctry.java:88)
when i debugged the code i found that in the generated stub at
org.apache.axis2.context.MessageContext _returnMessageContext = _operationClient.getMessageContext(
org.apache.axis2.wsdl.WSDLConstants.MESSAGE_LABEL_IN_VALUE);
the function getMessageContext returned is null.
0
 
LVL 5

Accepted Solution

by:
xdomains earned 500 total points
ID: 33681289
Seems like the SSL certificate issue is resolved? atleast from client to server?

That would mean that all requests from java client to server is succeeding, right?

And now, the issue is the callbacks from the server doesnt work?
If that is the case, I would suggest that you isolate testing of server to client communication, and get that working. Probably, building a separate component and service might be easier to figure out whats happening?
I've no exposure on axis, so cant comment too much on this...:(
0
 

Author Closing Comment

by:Collin_Aranha
ID: 33688831
Currently it should be easy to solve from now. i will be writting a Trasnportsender extends from AbstractHandler and implements TransportSender. I think this should solve the problem.
I am not sure why axis2 1.5 has removed the transport sender and lisenter which was avaiable in axis2 1.4.
Thanks... :)
0
 
LVL 5

Expert Comment

by:xdomains
ID: 33688858
Glad to know my comments were useful. Thanks for the rating...:)
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Go is an acronym of golang, is a programming language developed Google in 2007. Go is a new language that is mostly in the C family, with significant input from Pascal/Modula/Oberon family. Hence Go arisen as low-level language with fast compilation…
Introduction This article is the last of three articles that explain why and how the Experts Exchange QA Team does test automation for our web site. This article covers our test design approach and then goes through a simple test case example, how …
This tutorial will introduce the viewer to VisualVM for the Java platform application. This video explains an example program and covers the Overview, Monitor, and Heap Dump tabs.
The goal of the video will be to teach the user the difference and consequence of passing data by value vs passing data by reference in C++. An example of passing data by value as well as an example of passing data by reference will be be given. Bot…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now