Hi,I was wondering if there was a way disabling SSL session resumption all together when using SSLSockets. I found that the minimum size of the session cache (set via SSLSessionContext.setSessionCacheSize) is 1. In other words how to force a full session renegotiation every time on client ...

Are there any legal issues with the data presented in a self-signed certificate? For example, if I present data in a self-signed certificate that does not accurately reflect our company (i.e. another it presents another company's Common Name), is this illegal? Obviously we not trying to get ...

haihow to implement ssl with tomcat 5.5I used standlone program to run within my systemthat's oki don't know how to implement it for web based.please give detailed helpThanks and Regards S.S.Reddyssreddy.reddy@gmail.com

Hi every one,Im new to SSL and have a problem in authenticating the client with the server. when i disable ((SSLServerSocket)serversocket).setNeedClientAuth(true);both the server and client work fine and i get the required output.if i use -Djavax.net.ssl.truststore=trustStoreName and ...

Hello,I am implementing a high availability application that uses SSL session caching. How much memory does it consume? I mean, is setting session cache size to unlimited a 'safe' option?Thanks.

Trying to prove connectivity. My test program works in Windows but not in Solaris. It compiles clean but I get error below when run.testc.java:import javax.net.ssl.SSLSocket; import javax.net.ssl.SSLSocketFactory;import java.io.*;public class testc {public static void main(String[] arstring) ...

Hi everybuddy, Here I coded a function makes object of url and then read content using buffered reader (connection.getInputStream()).which gived an exception. I havn't signed my applet.and tried with changing permission.Even simple program doesn't work.Plz Help!!Regards,Palak ...

I generated CSR from a keytool and got a certificate signed from Verisign for 14 daysI'm using JDK5 with jetty HTTP Server. I have also installed unlimited jurisdiction policy in my JRE..1.When communication starts happening between Client & Server , I get a strange Exception such as jvm ...

Hi All,if some one helps me out in this regard i am very thankful.there is a webservice Halloworld implemented in .Net.for that we have implemented a sample java program to invoke the webservice. while executing i am getting error--java.net.ConnectException: Connection timed out: ...

Hello everyone.I'm experiencing a strange thing...First, i'm running JDK 1.5.0_05.I'm trying to access a webservice trough SSL (with Client authentication) using Axis 1.3.0.The remote call works just fine when I run it from my PC,but fails with the above code when running on a production ...

Hello,I've been scratching my head for while on a problem concerning SSL session caching. Upon examining memory usage of the session cache I noticed that the number of cached sessions is reset at some point while new session are created. For example sometimes at around 300 -1500 sessions the ...

I am connecting to a local web service using JAXWS (Java 6) over https. Does anybody know if there is a way to turn off the SSL certificate autentication for such a connection ? Disabling it will save me a lot of hassle related to keys/certificates on the client. I am always connecting to a ...

I have been asked to secure an existing FTP client application using FTPS, and have been searching the Web for the last 3 hours for a single example on how to do this. The application uses the Apache commons Ftp library, which does not natively support Ftps. However, it looks like what I need ...

Hi, I am learning RMI whit SSL and I have a problem, I cant run the example form the RMI SSL tutorials.I can run the server, and bind the object but the client throw this exception:HelloClient exception: error during JRMP connection establishment; nested exception ...

HelloI have developed an application that opens a SSLSocket to connect to a remote server. It works on windows but not on Linux machines.Running the application on Linux machines (RH 7.3, RHEL4.3 and CentOS), I find the following exception when executing ...

Hello!I'm using SSL with client authentication. The server is IBM HTTP Server. For some reason the client does not provide the certificate chain. The client runs with the following options: -Djavax.net.debug=ssl -Djavax.net.ssl.trustStorePassword=stokrotka ...

Hi,I am getting java.lang.NullPointerException when calling the 'validate' method. Appreciate any help. Thanksimport com.sun.net.ssl.internal.ssl.Provider;import java.io.*;import java.net.URL;import java.net.URLEncoder;import java.security.Security;import java.text.DateFormat;public class ...

I'm new to HTTPS and SSL implementation, so my question may seem very basic to you all.I'm trying to read from an HTTPS url. I can successfully read a standard HTTP url. I've read a lot of the posts, but I can't seem to get a handle on how to do this. We are not concerned about verifying ...

Hi all experts. can any one tell me what is the difference between the SSLSocket and the SSLEngine(non-blocking)? which once should be used in which application. Has SSLEngine still got some bugs...... I could'nt find that much info about it. I hope that i will get some help from u lot ...

Hi suppose that there is a server (web server) that accept https connection from a client (java SSL socket), the client first initiate the connection, then they do handshake, after successful handshake now the client can make GET/POST.... request, let say he make a "GET page1.html" request, the ...

Hi,i am trying to call a method of a https web service from a webapp on glassfish.I've imported the certificate with the keytool into the cacerts.jks file.When i do a call to a method of the serviceport, i have this error : CertificateException : No subject alternative names presentis there ...

Is there any method available by which we can check that what cipher the client ?

Hi, I've written a simple ssl client (basing on jakarta commons httpclient project) that connects to IIS with SSL and it works only i f I add ssl certificate from IIS to the jre cacerts (using keytool import). The cacerts are automatically readed somehow (don't know how)I want to make the ...

Does JSSE implementation of TLSv1 falls back to SSLv3 or SSLv2 if server requests.I am planning to use TLSv3 protocol for our SSL client implementation. My worry is if I use TLSv3 which being the latest and the new standard, does the Sun's JSSE implementation fallsback to SSLv3 or SSLv2 if the ...

I know how to get all enabled/supported cipher suites from an SSLServerSocket or an SSLSocket, but I only want to use ones that are 128 bit or above. I know I can get all supported suites, then set only the ones that are 128+ bit, but I can't tell which ones are 128+ bit. Is there an easy way ...

Is there a way to turn on compression for client-mode SSL sockets in Java 5 or 6?The deflate compression method has been standardized for a few years now, and it looks like Apache and OpenSSL 0.9.8 now support it, so it would be really handy to have on the client side.

Hi,In java SSLContext.init(keyManagers, trustManagers, null) we pass keyManagers and trustManagers to init it, these managers can be created for example like this:KeyManagerFactory kmfactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());kmfactory.init(keystore, ...

I have two tools available to me: keytool from the jdk set of executables ($JAVA_HOME/bin/keytool) and openssl. I have used openssl to create a public key certificate and a companion private key. I have successfully used keytool to import the public key certificate into my default keystore ...

I have a client program which connects to an Apache server, sends some HTTP messages and retrieves the responses.An example message is:OPTIONS / HTTP/1.1Host: 127.0.0.1Accept: */*The response from Apache is:HTTP/1.1 200 OKDate: Wed, 07 Mar 2007 14:57:16 GMTServer: Apache/2.2.3 (Unix) ...

Hello all, I hope someone can help with this.I've got a Java program that I am trying to get to connect to an external server. The program is running on my local development box, and I am using Rational Application Developer. To run the program, I'm right clicking the main class, and running ...

I have an application that makes use of the com.sun.net.ssl.internal.ssl.Provider class in JSSE for SSL communication. This application compiles and runs just fine under _05 and _09 versions of the JDK./JRE. However, after installing the _13 version of the JDK, this class can no longer be found ...

Hi,I am seeing the following exception while negotiating the handshake.Any insight or thoughts will be very helpful.Thanks.javax.net.ssl.SSLProtocolException: java.io.IOException: Parse UTC time, invalid offsetat com.sun.net.ssl.internal.ssl.Handshaker.checkThrown(Handshaker.java:1003)at ...

what is the difference by seting the keystore, trust store with the System.setProperty() or by creating them as....KeyStore ks = KeyStore.getInstance("JKS");ks.load(new FileInputStream(keystore), keystorepass);KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");kmf.init(ks, ...

Hi,I'm looking for the default password of the trusted.certs keystore. I want to import a certificate into this keystore with keytool, but it doesn't work.I already know that the default password of the cacert keystore is "changeit" but this pw doesn't work with the trusted.certs ...

How can I get the public client ip in the server using RMISSLServerSecuritySocket?I磎 using the class RMISSLServerSocketFactory

Communication with a secure https page from a java application I am doing like below and want to know if it is secure,i.e. is the information in the string content being transmitted securely in printout.writeBytes(content) ? HttpsURLConnection urlConn; URL url= "https://somewebpage"; String ...

Hi All,I am using HttpClient 3.0 and Tomcat web server.I am implementing certificate-based client authentication over SSL.For this I have created a client certificate 揷lient2.p12?by using OpenSSL tool.When I am loading this certificate by keystore.load (inputstream, password) it works fine.But ...

Hello,Java has full support for HTTPS over SSL/TLS. So I was wondering if it solve all problems of internet communications, what do you guys think about it? And what is the advantage to use HTTPS over SSL/TLS instead implement a algorithm to encrypt my data and transmit it trougth the ...

Hi,I done the initial steps to create a certificate. Sent it to CA to authorized it and got it sent back. Anyway, when i tried to import the *.crt file i received into the *.jks file, i received the below error.java.io.EOFExceptionat java.io.DataInputStream.readFully(Unknown Source)at ...

during the ssl socket creation if we dont specifiy any particular cipher to use then on what bases does it select a cipher. is It always SSL_RSA_WITH_RC4_128_MD5 ?

Hi,I am trying to access website using SSL and running JAVA code from inside Oracle 10g DB server using SSL and Java. I have loaded my java code into Oracle data base. My problem is when I am running same code from outside the DB it is running perfectly fine but when the same code is loaded ...

Hi,My company has C code that connects to a server over HTTPS using the OpenSSL libraries. In this code, I can specify the filename of a root CA certificate that lives on the client, and if the web server responds with a certificate signed by that root CA, the connection succeeds. I'm trying ...

The -selfcert option seems to have dissappeared from keytool in jdk 1.6. What is the new recommended way to self certfify myself?-geoff

We are running into an issue where when we run a test case to have a TLS handshake with tomcat on port 4334, our CPU load goes very high. The Test case involves a client hello with 0 fragment, and TLS v1 is used.TLS session in initiated on port 8443 of our server that is running Tomcat 5.5 with ...

I'm working on an application that will contact several ISP websites, to retrieve the connections statistics.Several of those websites needs certificate authentication's.For the moment I found 2 solutions:* Getting the certificate and put it manually in my keystore* Bypass the security by ...

HiCould anyone let me know what should be the ideal sizes for the inbound and outbound buffer sizes for the following?1. Outbound buffer - application data (before wrap)2. Outbound buffer - net data (after wrap)3. Inbound buffer - application data(after unwrap)4. Inbound buffer - net ...

Hi, there. I have created a client/server program with the sslscoket and sslserversocket, using the keystore and truststore and the self-signed certificate. Now I can send a message from the client and receive the message in the server side using the socket's outputstream and inputstream.Now ...

I'm trying to use SSL for encryption only. I don't need to implement authentication, as the app handles that at a higher level. I saw a simple example for setting up the server, from the Java Developer's Almanac. Based on that I set up the server as follows.ServerSocketFactory ssocketFactory ...

I'm trying to implement an SSL connection with a custom protocol above it, not HTTPS. I don't want to use certs because I don't want the users to have to deal with them. So I created essentially a dummy cert on the server, and I'd like to find a way to tell the client not to validate the ...

Helo everybody.I need to solve next problem:1. Build/Use a client program that can operate with the HTTPS protocol. There are no restrictions on the type of client program used, providing it can use this protocol and deal with transactions synchronously.2. Build/Use a program that can build a ...