SSLServerSocket problem

I am trying to write a standalone SSLSocket application. I created the certificate with this line:

keytool -genkey -keystore serverkeys -keyalg rsa -alias chat

The SSLServerSocket gets created with no issues. The server accepts connections from the client without complaint. The problem is when I try to create the IO streams. On the server side this is the exception:

javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown
    at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:150)
    at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:117)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1584)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:866)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1030)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:678)
    at com.sun.net.ssl.internal.ssl.AppInputStream.read(AppInputStream.java:75)
    at java.io.ObjectInputStream$PeekInputStream.read(ObjectInputStream.java:2213)
    at java.io.ObjectInputStream$PeekInputStream.readFully(ObjectInputStream.java:2226)
    at java.io.ObjectInputStream$BlockDataInputStream.readShort(ObjectInputStream.java:2694)
    at java.io.ObjectInputStream.readStreamHeader(ObjectInputStream.java:761)
    at java.io.ObjectInputStream.<init>(ObjectInputStream.java:277)
    at secureChatServer.network.SecureServer.createIOStreams(SecureServer.java:131)
    at secureChatServer.network.ControllerServer.run(ControllerServer.java:50)
    at java.lang.Thread.run(Thread.java:595)

Here is the relevant code:

public SecureServer(String IPAddress, int port, int backlog) throws SecureChatException
{
    try
    {
        // set up public/private key
        kStore = KeyStore.getInstance("JKS");
        kStore.load(new FileInputStream(KEY), KP);
        keyFactory = KeyManagerFactory.getInstance("SunX509");
        keyFactory.init(kStore, KP);
        sc = SSLContext.getInstance(PROTOCOL);
        sc.init(keyFactory.getKeyManagers(), null, null);

        // set up server factory and socket
        servFactory = sc.getServerSocketFactory();
        servSock = (SSLServerSocket) servFactory.createServerSocket(port, backlog, InetAddress.getByName(IPAddress));
        ...

and

public void run()
{
    short val;
    int timeout = 2000;
    while (!stop)
    {
        try
        {
            sock = (SSLSocket) servSock.accept();
            createIOStreams();
            ...
        }
        ...

public void createIOStreams() throws IOException
{
    read = new ObjectInputStream(sock.getInputStream());
    write = new ObjectOutputStream(sock.getOutputStream());
}

On the client side, I get this exception:

secureChat.exception.SecureChatException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    at secureChat.network.SecureConnection.connect(SecureConnection.java:69)
    at secureChat.network.RoutineBase.connect(RoutineBase.java:42)
    at secureChat.network.SignUp.<init>(SignUp.java:34)
    at secureChat.listeners.SignUpFormListener.actionPerformed(SignUpFormListener.java:39)
    at javax.swing.AbstractButton.fireActionPerformed(AbstractButton.java:1849)
    at javax.swing.AbstractButton$Handler.actionPerformed(AbstractButton.java:2169)
    at javax.swing.DefaultButtonModel.fireActionPerformed(DefaultButtonModel.java:420)
    at javax.swing.DefaultButtonModel.setPressed(DefaultButtonModel.java:258)
    at javax.swing.plaf.basic.BasicButtonListener.mouseReleased(BasicButtonListener.java:236)
    at java.awt.Component.processMouseEvent(Component.java:5488)
    at javax.swing.JComponent.processMouseEvent(JComponent.java:3126)
    at java.awt.Component.processEvent(Component.java:5253)
    at java.awt.Container.processEvent(Container.java:1966)
    at java.awt.Component.dispatchEventImpl(Component.java:3955)
    at java.awt.Container.dispatchEventImpl(Container.java:2024)
    at java.awt.Component.dispatchEvent(Component.java:3803)
    at java.awt.LightweightDispatcher.retargetMouseEvent(Container.java:4212)
    at java.awt.LightweightDispatcher.processMouseEvent(Container.java:3892)
    at java.awt.LightweightDispatcher.dispatchEvent(Container.java:3822)
    at java.awt.Container.dispatchEventImpl(Container.java:2010)
    at java.awt.Window.dispatchEventImpl(Window.java:1778)
    at java.awt.Component.dispatchEvent(Component.java:3803)
    at java.awt.EventQueue.dispatchEvent(EventQueue.java:463)
    at java.awt.EventDispatchThread.pumpOneEventForHierarchy(EventDispatchThread.java:242)
    at java.awt.EventDispatchThread.pumpEventsForHierarchy(EventDispatchThread.java:163)
    at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:157)
    at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:149)
    at java.awt.EventDispatchThread.run(EventDispatchThread.java:110)

The code:

sock = (SSLSocket) sockFactory.createSocket(Properties.getIPAddress(), Properties.getPort());
write = new ObjectOutputStream(sock.getOutputStream());
read = new ObjectInputStream(sock.getInputStream());

What am I missing?

[6458 byte] By [Rusty_Shackleforda] at [2007-11-26 22:20:32]
# 1

The SSL handshake only happens when you do the first I/O, not at the accept stage.

Your client doesn't trust the server's certificate. You need to export the server's certificate and import it into the client's truststore.

Or have the server's certificate signed by a CA that the client already trusts.

ejpa at 2007-7-10 11:17:37
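
The fix described in the answer above, as an added example that is not part of the original thread: the client loads a truststore holding the server's exported certificate and forces the handshake immediately after connecting, so a trust failure is reported at that point. The alias chat and keystore serverkeys come from the question; the class name TrustedClient, the helper contextFor, and the file names server.cer and clienttrust are assumptions.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManagerFactory;

// Prerequisite, run once (server.cer and clienttrust are assumed file names):
//   keytool -export -alias chat -keystore serverkeys -file server.cer
//   keytool -import -alias chat -file server.cer -keystore clienttrust
public class TrustedClient {
    // Build an SSLContext that trusts only the certificates in the given truststore.
    static SSLContext contextFor(String trustStorePath, char[] password) throws Exception {
        KeyStore trust = KeyStore.getInstance("JKS");
        try (InputStream in = new FileInputStream(trustStorePath)) {
            trust.load(in, password);
        }
        TrustManagerFactory tmf =
                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trust);
        SSLContext ctx = SSLContext.getInstance("TLS");
        // No key managers on the client: only the server authenticates itself.
        ctx.init(null, tmf.getTrustManagers(), null);
        return ctx;
    }

    public static void main(String[] args) throws Exception {
        if (args.length != 4) {
            System.err.println("usage: TrustedClient <truststore> <password> <host> <port>");
            return;
        }
        SSLContext ctx = contextFor(args[0], args[1].toCharArray());
        try (SSLSocket sock = (SSLSocket) ctx.getSocketFactory()
                .createSocket(args[2], Integer.parseInt(args[3]))) {
            // Force the handshake now so a trust failure surfaces here rather
            // than inside the ObjectInputStream/ObjectOutputStream constructors.
            sock.startHandshake();
            X509Certificate peer =
                    (X509Certificate) sock.getSession().getPeerCertificates()[0];
            System.out.println("Handshake OK, server: " + peer.getSubjectX500Principal());
        } catch (SSLHandshakeException e) {
            System.err.println("Server certificate not trusted: " + e.getMessage());
        }
    }
}
```

A plain SSLSocket does not check that the certificate matches the host name unless an endpoint identification algorithm is set through SSLParameters, so the truststore should contain only the certificates the client is meant to accept.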