Discussions

General J2EE: SSL connection problems

Bookmark and Share Get thread feed

  1. SSL connection problems (3 messages)

    • Posted by: jc tremen
    • Posted on: April 25 2005 07:37 EDT
    I'm trying to execute a Post request using HTTPS. To achieve that I'm using commons-httpclient v.3.0rc1 and a custom SSLSocketProtocolSocketFactory that can work with untrusted self-signed certificates.

    My code works on Windows 2000 Pro, but it fails on Linux (Suse Linux 8.2). However I'm using JDK 1.4.2 both in Windows and LInux, with the same list of security providers set at $JAVA_HOME/jre/lib/security/java.security file.

    I've heard about problems with security when upgrading form JDK 1.4.x to JDK 1.5, but it's not the case.

    Any idea about this?

    This is the exception I get when I run my code on Linux:

    Caused by: javax.net.ssl.SSLKeyException: RSA premaster secret error
    at com.sun.net.ssl.internal.ssl.PreMasterSecret.<init>(PreMasterSecret.java: 86)
    at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverHelloDone(ClientHandshaker. java:514)
    at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.j ava:160)
    at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:495)
    at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:433)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:815)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImp l.java:1025)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:619)
    at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59)
    at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
    at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
    at org.apache.commons.httpclient.HttpConnection.flushRequestOutputStream(HttpConne ction.java:825)
    at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:1 920)
    at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1002)
    at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDir ector.java:382)
    at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirect or.java:168)
    at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:393)
    at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:324)
    at com.gd.define.orion.mailets.AbstractHttpMailet.send(AbstractHttpMailet.java:451 )
    ... 6 more
    Caused by: java.security.NoSuchAlgorithmException: Cannot find any provider supporting RSA/ECB/PKCS1Padding
    at javax.crypto.Cipher.getInstance(DashoA12275)
    at com.sun.net.ssl.internal.ssl.JsseJce.getCipher(JsseJce.java:90)
    at com.sun.net.ssl.internal.ssl.RSACipher.<init>(RSACipher.java:35)
    at com.sun.net.ssl.internal.ssl.RSACipher.getInstance(RSACipher.java:69)
    at com.sun.net.ssl.internal.ssl.PreMasterSecret.<init>(PreMasterSecret.java: 82)
    ... 24 more
    Reply to this

    Threaded Messages (3)

  2. SSL connection problems[ Go to top ]

    I've read in other forums that server and client running on same machine can cause problems using SSL. Is that real? My server run always on Linux and client is installed in Windows (a second machine) and Linux (server machine). Could it happen even when server uses JDK 1.5 and client uses JDK 1.4.2? May JDK version conflicts appear?
    Reply to this Reply to original

  3. Any solution for this issue?[ Go to top ]

    We are facing the same issue. One workaround is that when we upgrade the jce policy jars (at /jre/lib/security) to export strength policy jars, the issue goes away.. but we do not want this upgrade. Any other feasible solution? Karthikeyan PK
    Reply to this Reply to original

  4. are you using eclipse debug step mode?[ Go to top ]

    have a look at https ://bugs.eclipse.org/bugs/show_bug.cgi?id=95898

    (sorry for mutilating this URL, but this forum refuses simple urls :( )
    Reply to this Reply to original