SSL in Palm
Hi
I am trying to write a j2me program to create a ssl connection to retrieve a document from a web server.
String url="https://www.versign.com";
HttpConnection c = (HttpConnection)Connector.open(url);
int status = c.getResponseCode();
StringBuffer response = new StringBuffer();
InputStream is = c.openInputStream();
int len = (int)c.getLength();
if (len > 0) {
byte[] data = new byte[len];
int actual = is.read(data);
for (int i=0;i < len;i++) {
response.append((char)data);
}
But the program always throw "Bad certificate" exception. Anybody know what 's wrong or has a sample code that can set up ssl connection?
[744 byte] By [
cs_ccwab] at [2007-9-26 9:49:56]
[cs_ccwab],
The current J2ME CLDC/MIDP specification does not support SSL HTTP connections i.e. the HttpConnection interface will throw exceptions trying to connect to a secure webserver.
There are plans to provide a tiny version of SSL for the J2ME runtime environment, however this is still a R&D project within SUN and not officially announced at the moment.
HTH.
Allen Lai
Developer Technical Support
SUN Microsystems
htpp://www.sun.com/developers/support/
I am using wirless toolkit 1.03 beta that claims it can support https.
[ cs_ccwa],
> I am using wirless toolkit 1.03 beta that claims it
> can support https.
Yes, this is true. However, the MIDP 1.0 specification states that HTTPS suport is not mandatory and not required. So it depends on the MIDP implementation by different device manufacturers.
The release notes for the J2ME Wireless Toolkit 1.0.3 BETA does state that HTTPS is not supported on the MIDlets running on the Palm OS emulator. When you download the toolkit, the release notes should be available after the installation process.
HTH.
Allen Lai
Developer Technical Support
SUN Microsystems
http://www.sun.com/developers/support/
How about the midlets running on a real palm?It can support HTTPS?
No, neither in the real Palm.
I've spent a week trying to figure out that I don't have a choice for my MIDlets in Palm other than to use a 3rd party encryption package like bouncycastle.org. It's a real pain, my Motorola i50sx can happily make HTTPS connections, so it looks like I will need 2 versions of my program, one for the phones, and one for the Palm. ...so much for compile once run anywhere, not even write once run anywhere. I can see the need for a different API on phones and small PDAs, but jeez Sun, if you really want this thing to take off you'll have to do something about this type of inconsistencies.
Not including HTTPS in the original MIDP, renders the platform USELESS for serious enterprise wireless programming. What a shame!
And then there's the licensing issues. If you really want to deploy this, better start buying licenses for the VM, kinda makes you think if all this is really worth it. I already gave up on the iPAQ with Java. Whatever is out there is VERY slow so I'll go with good old M$ VC++, anyway, enough rambling, all this Java Mobile stuff is DEFINETELY not ready for prime time.
Luis.
The Java Wireless Application Framework of Ergon seems to support SSL in palm. http://www.ergon.ch/english/technologie/technologie.htmlAnybody has tried it?
Anybody has sample code using encryption package of bouncycastle.org to do SSL?
Hi there
Very glad to see that someone is facing the same issue that I am - namely getting a 'bad certificate' error when connecting to certain sites from a midlet using https!
Have you made any progress on this since your previous posting? My current thinking is that part of the necessary encryption APIs are not supported by the emulator. I have been trying to do some research into something called Server Gated Cryptography, which I am told may be necessary to connect to secure sites but which is not part of the API of J2MEWTK1.0.3. It is a Microsoft technology which you don't have to worry about in the PC world as it comes with IE.
I'll keep you up to date with any progress on my side, but if you could let me know what you have done about this I would be very grateful.
Thanks
Chris
I have tried to use https in java phone emulator, and it works. But it fails in palm emulator.
Reply from Sun to the question I emailed them about this issue:
> All the sites you have picked below, just happen to use MD2 with RSA
> for their signature algorithm. The MD2 support was added right after MIDP
> 1.0.3 was released. e.g. https://www.verisign.com/ will work but
> https://www.sun.com/ will not. You'll have to wait for an upgrade to the
> software if you need to access the older websites using MD2.
I need to create a secure connection over either a mobile phone/and or Palm... how far did you get with your development? at the moment Ive hit a rock and am stuck. trying to create an ssl connection seem to take so long on a desktop let alone on the mobile emulator.... would it be possible to see your sample code?
any help would be much appreciated.
thanks.
baz
(email: szh@it-innovation.soton.ac.uk)
sh999 at 2007-7-1 21:30:31 >
I cant seem to connect to a https server using the motorola i85 emulator and keep getting 'bad certificate' error... can anyone help please?
sh999 at 2007-7-1 21:30:31 >
This is the exact error im gettign:
Could not open the trusted key store, cannot authenticate HTTPS servers
parseChain caught java.lang.IllegalArgumentException: no trusted keystore given
Problems sending or receiving data.
java.io.IOException: Bad Certificate
at com.sun.kssl.Handshake.complain(+40)
at com.sun.kssl.Handshake.doHandShake(+154)
at com.sun.kssl.SSLStreamConnection.setUp(+221)
at com.sun.kssl.SSLStreamConnection.<init>(+65)
at com.sun.midp.io.j2me.https.Protocol.connect(+220)
at com.sun.midp.io.j2me.http.Protocol.sendRequest(+90)
at com.sun.midp.io.j2me.http.Protocol.openInputStream(+48)
at MsgClient.send(+55)
at MsgClient.access$200(+4)
at MsgClient$1.commandAction(+36)
at javax.microedition.lcdui.Display$DisplayAccessor.commandAction(+152)
at com.sun.kvem.midp.lcdui.EmulEventHandler$EventLoop.run(+459)
sh999 at 2007-7-1 21:30:31 >
The keystore is in appdb/_main.ks. Does this file exist under your J2MEWTK directory?
LiamQ at 2007-7-1 21:30:31 >
