Re: Problems in using TLS

brmaguir Tue, 01 Apr 2008 06:30:58 -0700


Thanks for the reply Daniel.


I tried using the 2.0.5 libraries but am still getting the exact same
errors.

Am I setting it up correctly using the cxf.xml file? Any other ideas on what
the problem could be?

Cheers,
Brenan


brmaguir wrote:
> 
> Hey,
> 
> I'm trying to communicate with a web service using Apache CXF using TLS.
> When I specify TLS in the cxf.xml file using:
> 
>                 <http-conf:tlsClientParameters secureSocketProtocol="TLS">    
>                       <sec:trustManagers>
>                               <sec:keyStore password="password" 
> url="file:\C:/path/to/keystore"/>
>                       </sec:trustManagers>
>                       <sec:cipherSuitesFilter>
>                               <sec:include>.*.*.</sec:include>
>                       </sec:cipherSuitesFilter>
>               </http-conf:tlsClientParameters>
> 
> it is failing with the following error:
> 
> 27-Mar-2008 11:06:03 org.apache.cxf.phase.PhaseInterceptorChain
> doIntercept
> INFO: Interceptor has thrown exception, unwinding now
> org.apache.cxf.interceptor.Fault: Connection reset
>       at
> org.apache.cxf.interceptor.AbstractOutDatabindingInterceptor.writeParts(AbstractOutDat
> abindingInterceptor.java:75)
>       at
> org.apache.cxf.interceptor.BareOutInterceptor.handleMessage(BareOutInterceptor.java:68
> )
>       at
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:207)
>       at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:254)
>       at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:205)
>       at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
>       at
> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:135)
>       at $Proxy35.login(Unknown Source)
>       at thirdPartyAPI.test.Test.loginAppuser(Test.java:135)
>       at thirdPartyAPI.test.Test.main(Test.java:61)
> Caused by: com.ctc.wstx.exc.WstxIOException: Connection reset
>       at com.ctc.wstx.sw.BaseStreamWriter.flush(BaseStreamWriter.java:313)
>       at
> org.apache.cxf.interceptor.AbstractOutDatabindingInterceptor.writeParts(AbstractOutDat
> abindingInterceptor.java:73)
>       ... 9 more
> Caused by: java.net.SocketException: Connection reset
>       at java.net.SocketInputStream.read(Unknown Source)
>       at com.sun.net.ssl.internal.ssl.InputRecord.readFully(Unknown Source)
>       at com.sun.net.ssl.internal.ssl.InputRecord.read(Unknown Source)
>       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
>       at
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown
> Source)
>       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown
> Source)
>       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown
> Source)
>       at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
>       at
> sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown
> Source)
>       at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(Unknown
> Source)
>       at
> sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(Unknown
> Source)
>       at
> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleHeadersTrustCachin
> g(HTTPConduit.java:1766)
>       at
> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.onFirstWrite(HTTPConduit
> .java:1734)
>       at
> org.apache.cxf.io.AbstractWrappedOutputStream.write(AbstractWrappedOutputStream.java:4
> 2)
>       at com.ctc.wstx.io.UTF8Writer.flush(UTF8Writer.java:96)
>       at com.ctc.wstx.sw.BufferingXmlWriter.flush(BufferingXmlWriter.java:214)
>       at com.ctc.wstx.sw.BaseStreamWriter.flush(BaseStreamWriter.java:311)
>       ... 10 more
> Exception in thread "main" javax.xml.ws.soap.SOAPFaultException:
> Connection reset
>       at
> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:175)
>       at $Proxy35.login(Unknown Source)
>       at thirdPartyAPI.test.Test.loginAppuser(Test.java:135)
>       at thirdPartyAPI.test.Test.main(Test.java:61)
> Caused by: org.apache.cxf.interceptor.Fault: Connection reset
>       at
> org.apache.cxf.interceptor.AbstractOutDatabindingInterceptor.writeParts(AbstractOutDat
> abindingInterceptor.java:75)
>       at
> org.apache.cxf.interceptor.BareOutInterceptor.handleMessage(BareOutInterceptor.java:68
> )
>       at
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:207)
>       at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:254)
>       at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:205)
>       at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
>       at
> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:135)
>       ... 3 more
> Caused by: com.ctc.wstx.exc.WstxIOException: Connection reset
>       at com.ctc.wstx.sw.BaseStreamWriter.flush(BaseStreamWriter.java:313)
>       at
> org.apache.cxf.interceptor.AbstractOutDatabindingInterceptor.writeParts(AbstractOutDat
> abindingInterceptor.java:73)
>       ... 9 more
> Caused by: java.net.SocketException: Connection reset
>       at java.net.SocketInputStream.read(Unknown Source)
>       at com.sun.net.ssl.internal.ssl.InputRecord.readFully(Unknown Source)
>       at com.sun.net.ssl.internal.ssl.InputRecord.read(Unknown Source)
>       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
>       at
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown
> Source)
>       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown
> Source)
>       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown
> Source)
>       at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
>       at
> sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown
> Source)
>       at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(Unknown
> Source)
>       at
> sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(Unknown
> Source)
>       at
> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleHeadersTrustCachin
> g(HTTPConduit.java:1766)
>       at
> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.onFirstWrite(HTTPConduit
> .java:1734)
>       at
> org.apache.cxf.io.AbstractWrappedOutputStream.write(AbstractWrappedOutputStream.java:4
> 2)
>       at com.ctc.wstx.io.UTF8Writer.flush(UTF8Writer.java:96)
>       at com.ctc.wstx.sw.BufferingXmlWriter.flush(BufferingXmlWriter.java:214)
>       at com.ctc.wstx.sw.BaseStreamWriter.flush(BaseStreamWriter.java:311)
>       ... 10 more
> 
> 
> When I look at the trace in wireshark it shows the outgoing message from
> the CXF client as been SSLv2. The server then sends back a TCP RST. I've
> also tried using "TLSv1" and "SSLv3" as the protocol but the client uses
> SSLv2 regardless.
> 
> I've also tried specifying the protocol via the code using:
> 
>                 Client c = ClientProxy.getClient(port);
>               HTTPConduit conduit = (HTTPConduit) c.getConduit();             
>               TLSClientParameters params = conduit.getTlsClientParameters();
>               params.setSecureSocketProtocol("TLS");          
>               conduit.setTlsClientParameters(params);
> 
> This still makes no difference.
> 
> Any ideas on what's going wrong / how to fix it? Any help would be greatly
> appreciated.
> 
> Regards,
> Brendan
> 

-- 
View this message in context: 
http://www.nabble.com/Problems-in-using-TLS-tp16324298p16418425.html
Sent from the cxf-user mailing list archive at Nabble.com.

Re: Problems in using TLS

Reply via email to