dcsimg
RMI with SSL problem
1 posts in topic
Flat View  Flat View
TOPIC ACTIONS:
 

Posted By:   LioneL_PJ
Posted On:   Monday, July 30, 2001 11:54 PM

Any help to get this problem resolved would be of help. I get the error as below: D: est t>java Client Server Client exception: Error marshaling transport header; nested exception is: javax.net.ssl.SSLException: untrusted server cert chain java.rmi.MarshalException: Error marshaling transport header; nested exception is: javax.net.ssl.SSLException: untrusted server cert chain javax.net.ssl.SSLException: untrusted server cert chain at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198]) at com.sun.net.ssl.internal.ssl.ClientHandshaker.a([DashoPro-V1.2-120198]) at com.sun.net.ssl.   More>>

Any help to get this problem resolved would be of help.



I get the error as below:


D: est
t>java Client

Server

Client exception: Error marshaling transport header; nested exception is:

javax.net.ssl.SSLException: untrusted server cert chain

java.rmi.MarshalException: Error marshaling transport header; nested exception is:

javax.net.ssl.SSLException: untrusted server cert chain

javax.net.ssl.SSLException:
untrusted server cert chain

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])

at com.sun.net.ssl.internal.ssl.ClientHandshaker.a([DashoPro-V1.2-120198])

at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage([DashoPro-V1.2-120198])

at com.sun.net.ssl.internal.ssl.Handshaker.process_record([DashoPro-V1.2-120198])

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])

at com.sun.net.ssl.internal.ssl.AppOutputStream.write([DashoPro-V1.2-120198])

at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:76)

at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:134)

at java.io.DataOutputStream.flush(DataOutputStream.java:108)

at sun.rmi.transport.tcp.TCPChannel.createConnection(TCPChannel.java:207)

at sun.rmi.transport.tcp.TCPChannel.newConnection(TCPChannel.java:178)
at sun.rmi.server.UnicastRef.invoke(UnicastRef.java:87)

at Server_Stub.passArgs(Unknown Source)

at Client.main(Client.java, Compiled Code)


the server was invoked as:

D: est
t>java -Djava.rmi.server.codebase="file:/d:/test" -Djava.policy=d:/test/policy Server a b c

Server bound in registry


where policy had allpermission


The server program is given as below:


import java.net.InetAddress;

import java.rmi.Naming;

import java.rmi.registry.LocateRegistry;

import java.rmi.registry.Registry;

import java.rmi.RemoteException;

import java.rmi.RMISecurityManager;

import java.rmi.server.UnicastRemoteObject;


public class Server extends UnicastRemoteObject implements Message

{


private static String[] args;


public Server() throws RemoteException

{

// super();

super(0, new RMISSLClientSocketFactory(),
new RMISSLServerSocketFactory());

}


public String[] passArgs() {

System.out.println(args[0]);

System.out.println(args[1]);

System.out.println(args[2]);

System.out.println(args.length);

System.out.println();


return args;

}


public static void main(String a[])

{

// Create and install a security manager


if (System.getSecurityManager() == null)

{

System.setSecurityManager(new RMISecurityManager());

}

args=a;

try

{

Server obj = new Server();

// Bind this object instance to the name "Server"

Registry r = LocateRegistry.createRegistry(4646);

r.rebind("Server", obj);


System.out.println("Server bound in registry");

} catch (Exception e) {


System.out.println("Server err: " + e.getMessage());

e.printStackTrace();

}

}

}



The RMISSLServerSocketFactory class is as below:

------------------------------------------------


import java.io.*;

import java.net.*;

import java.rmi.server.*;

import javax.net.ssl.*;

import java.security.KeyStore;

import javax.net.*;

import javax.net.ssl.*;

import javax.security.cert.X509Certificate;

import com.sun.net.ssl.*;


public class RMISSLServerSocketFactory implements RMIServerSocketFactory, Serializable

{

public ServerSocket createServerSocket(int port)
throws IOException

{

SSLServerSocketFactory ssf = null;


try {

// set up key manager to do server authentication

SSLContext ctx;

KeyManagerFactory kmf;

KeyStore ks;

char[] passphrase = "passphrase".toCharArray();

ctx = SSLContext.getInstance("TLS");

kmf = KeyManagerFactory.getInstance("SunX509");

ks = KeyStore.getInstance("JKS");

ks.load(new FileInputStream("testkeys"), passphrase);

kmf.init(ks, passphrase);

ctx.init(kmf.getKeyManagers(), null, null);

ssf = ctx.getServerSocketFactory();

} catch (Exception e)

{

e.printStackTrace();

}

return ssf.createServerSocket(port);

}

}


The RMIClientSocketFactory is as below:

--------------------------------------


import java.io.*;

import java.net.*;

import java.rmi.server.*;

import javax.net.ssl.*;


public class RMISSLClientSocketFactory implements RMIClientSocketFactory, Serializable

{

public Socket createSocket(String host, int port)
throws IOException

{

SSLSocketFactory factory =
(SSLSocketFactory)SSLSocketFactory.getDefault();

SSLSocket socket = (SSLSocket)factory.createSocket(host, port);

return socket;

}

}


And finally the client program is :

-------------------------------

import java.net.InetAddress;

import java.rmi.registry.LocateRegistry;

import java.rmi.registry.Registry;

import java.rmi.RemoteException;


public class Client

{

public static void main(String args[])

{

try

{

// "obj" is the identifier that we'll use to refer

// to the remote object that implements the "Hello"

// interface

Message obj = null;

Registry r = LocateRegistry.getRegistry(InetAddress.getLocalHost().getHostName(),4646);

obj = (Message)r.lookup("Server");

String[] s = r.list();

for(int i = 0; i < s.length; i++)

System.out.println(s);

String[] arg = null;


System.out.println(obj.passArgs());

arg = obj.passArgs();

System.out.println(arg[0]+"
"+arg[1]+"
"+arg[2]+"
");


} catch (Exception e) {


System.out.println("Client exception: " + e.getMessage());

e.printStackTrace();

}

}

}


The Message interface has the code:

------------------------------------


import java.rmi.Remote;

import java.rmi.RemoteException;


public interface Message extends Remote

{

String[] passArgs() throws
RemoteException;

}


Plz. help. Urgent.


Regards,

LioneL    <<Less

Re: RMI with SSL problem

Posted By:   Sandy_McPherson  
Posted On:   Wednesday, September 5, 2001 08:52 AM

You need to import your phony certificate into jssecacerts so that it is trusted....

I found this out at

http://www.onjava.com/pub/a/onjava/2001/05/03/java_security.html
About | Sitemap | Contact