I
ineath
I'm trying to set up SSLSocket - SSLServerSocket connections and
am having difficulty putting all of the pieces together. The end
result: two exceptions when the client attempts to connect to the
server:
Server:
javax.net.ssl.SSLHandshakeException: Received fatal alert:
certificate_unknown
Client:
javax.net.ssl.SSLHandshakeException:
sun.security.validator.ValidatorException:
No trusted certificate found
This is (I think) because I'm using a self-signed certificate.
For those familiar with it, I adapted the code in Java Network
Programming (2nd ed) by Elliotte Rusty Harold. The server is
basically on pp. 404-406:
SSLContext context = SSLContext.getInstance("SSL");
KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
KeyStore ks = KeyStore.getInstance("JKS");
char[] password = "2andnotafnord".toCharArray();
ks.load(new FileInputStream("ssltestserver.keys"), password);
kmf.init(ks, password);
context.init(kmf.getKeyManagers(), null, null);
SSLServerSocketFactory factory = context.getServerSocketFactory();
SSLServerSocket servsock = (SSLServerSocket) factory.createServerSocket(
port );
To generate the certificate, I again followed the book and used:
% keytool -genkey -alias ssltestserver -keystore ssltestserver.keys
I'm not sure if it matters, but I'm also using a self-signed
(via openssl) certificate on the https web server side.
am having difficulty putting all of the pieces together. The end
result: two exceptions when the client attempts to connect to the
server:
Server:
javax.net.ssl.SSLHandshakeException: Received fatal alert:
certificate_unknown
Client:
javax.net.ssl.SSLHandshakeException:
sun.security.validator.ValidatorException:
No trusted certificate found
This is (I think) because I'm using a self-signed certificate.
For those familiar with it, I adapted the code in Java Network
Programming (2nd ed) by Elliotte Rusty Harold. The server is
basically on pp. 404-406:
SSLContext context = SSLContext.getInstance("SSL");
KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
KeyStore ks = KeyStore.getInstance("JKS");
char[] password = "2andnotafnord".toCharArray();
ks.load(new FileInputStream("ssltestserver.keys"), password);
kmf.init(ks, password);
context.init(kmf.getKeyManagers(), null, null);
SSLServerSocketFactory factory = context.getServerSocketFactory();
SSLServerSocket servsock = (SSLServerSocket) factory.createServerSocket(
port );
To generate the certificate, I again followed the book and used:
% keytool -genkey -alias ssltestserver -keystore ssltestserver.keys
I'm not sure if it matters, but I'm also using a self-signed
(via openssl) certificate on the https web server side.