Problems in using TLS

brmaguir Thu, 27 Mar 2008 04:11:31 -0700

Hey,

I'm trying to communicate with a web service using Apache CXF using TLS.
When I specify TLS in the cxf.xml file using:


                <http-conf:tlsClientParameters secureSocketProtocol="TLS">      
                        <sec:trustManagers>
                                <sec:keyStore password="password" 
url="file:\C:/path/to/keystore"/>
                        </sec:trustManagers>
                        <sec:cipherSuitesFilter>
                                <sec:include>.*.*.</sec:include>
                        </sec:cipherSuitesFilter>
                </http-conf:tlsClientParameters>

it is failing with the following error:

27-Mar-2008 11:06:03 org.apache.cxf.phase.PhaseInterceptorChain doIntercept
INFO: Interceptor has thrown exception, unwinding now
org.apache.cxf.interceptor.Fault: Connection reset
        at
org.apache.cxf.interceptor.AbstractOutDatabindingInterceptor.writeParts(AbstractOutDat
abindingInterceptor.java:75)
        at
org.apache.cxf.interceptor.BareOutInterceptor.handleMessage(BareOutInterceptor.java:68
)
        at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:207)
        at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:254)
        at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:205)
        at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
        at 
org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:135)
        at $Proxy35.login(Unknown Source)
        at thirdPartyAPI.test.Test.loginAppuser(Test.java:135)
        at thirdPartyAPI.test.Test.main(Test.java:61)
Caused by: com.ctc.wstx.exc.WstxIOException: Connection reset
        at com.ctc.wstx.sw.BaseStreamWriter.flush(BaseStreamWriter.java:313)
        at
org.apache.cxf.interceptor.AbstractOutDatabindingInterceptor.writeParts(AbstractOutDat
abindingInterceptor.java:73)
        ... 9 more
Caused by: java.net.SocketException: Connection reset
        at java.net.SocketInputStream.read(Unknown Source)
        at com.sun.net.ssl.internal.ssl.InputRecord.readFully(Unknown Source)
        at com.sun.net.ssl.internal.ssl.InputRecord.read(Unknown Source)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
        at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown
Source)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown
Source)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown
Source)
        at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
        at
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown
Source)
        at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(Unknown
Source)
        at
sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(Unknown
Source)
        at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleHeadersTrustCachin
g(HTTPConduit.java:1766)
        at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.onFirstWrite(HTTPConduit
.java:1734)
        at
org.apache.cxf.io.AbstractWrappedOutputStream.write(AbstractWrappedOutputStream.java:4
2)
        at com.ctc.wstx.io.UTF8Writer.flush(UTF8Writer.java:96)
        at com.ctc.wstx.sw.BufferingXmlWriter.flush(BufferingXmlWriter.java:214)
        at com.ctc.wstx.sw.BaseStreamWriter.flush(BaseStreamWriter.java:311)
        ... 10 more
Exception in thread "main" javax.xml.ws.soap.SOAPFaultException: Connection
reset
        at 
org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:175)
        at $Proxy35.login(Unknown Source)
        at thirdPartyAPI.test.Test.loginAppuser(Test.java:135)
        at thirdPartyAPI.test.Test.main(Test.java:61)
Caused by: org.apache.cxf.interceptor.Fault: Connection reset
        at
org.apache.cxf.interceptor.AbstractOutDatabindingInterceptor.writeParts(AbstractOutDat
abindingInterceptor.java:75)
        at
org.apache.cxf.interceptor.BareOutInterceptor.handleMessage(BareOutInterceptor.java:68
)
        at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:207)
        at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:254)
        at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:205)
        at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
        at 
org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:135)
        ... 3 more
Caused by: com.ctc.wstx.exc.WstxIOException: Connection reset
        at com.ctc.wstx.sw.BaseStreamWriter.flush(BaseStreamWriter.java:313)
        at
org.apache.cxf.interceptor.AbstractOutDatabindingInterceptor.writeParts(AbstractOutDat
abindingInterceptor.java:73)
        ... 9 more
Caused by: java.net.SocketException: Connection reset
        at java.net.SocketInputStream.read(Unknown Source)
        at com.sun.net.ssl.internal.ssl.InputRecord.readFully(Unknown Source)
        at com.sun.net.ssl.internal.ssl.InputRecord.read(Unknown Source)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
        at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown
Source)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown
Source)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown
Source)
        at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
        at
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown
Source)
        at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(Unknown
Source)
        at
sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(Unknown
Source)
        at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleHeadersTrustCachin
g(HTTPConduit.java:1766)
        at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.onFirstWrite(HTTPConduit
.java:1734)
        at
org.apache.cxf.io.AbstractWrappedOutputStream.write(AbstractWrappedOutputStream.java:4
2)
        at com.ctc.wstx.io.UTF8Writer.flush(UTF8Writer.java:96)
        at com.ctc.wstx.sw.BufferingXmlWriter.flush(BufferingXmlWriter.java:214)
        at com.ctc.wstx.sw.BaseStreamWriter.flush(BaseStreamWriter.java:311)
        ... 10 more


When I look at the trace in wireshark it shows the outgoing message from the
CXF client as been SSLv2. The server then sends back a TCP RST. I've also
tried using "TLSv1" and "SSLv3" as the protocol but the client uses SSLv2
regardless.

I've also tried specifying the protocol via the code using:

                Client c = ClientProxy.getClient(port);
                HTTPConduit conduit = (HTTPConduit) c.getConduit();             
                TLSClientParameters params = conduit.getTlsClientParameters();
                params.setSecureSocketProtocol("TLS");          
                conduit.setTlsClientParameters(params);

This still makes no difference.

Any ideas on what's going wrong / how to fix it? Any help would be greatly
appreciated.

Regards,
Brendan
-- 
View this message in context: 
http://www.nabble.com/Problems-in-using-TLS-tp16324298p16324298.html
Sent from the cxf-user mailing list archive at Nabble.com.

Problems in using TLS

Reply via email to