I guess we fixed this problem long long time ago. Why don't you upgrade to 1.x?
Trustin On Nov 9, 2007 1:30 AM, Francesca Milan <[EMAIL PROTECTED]> wrote: > Francesca Milan ha scritto: > > > Niklas Therning ha scritto: > >> Francesca Milan wrote: > >> > >>> SSLContextFactory was this class > >>> http://www.koders.com/java/fid8F948DB894E85F952BCCCB5B305BF92F0BE19DF6.aspx?s=bougus > >>> > >>> > >>> > >>> Niklas Therning ha scritto: > >>> > >>>> Francesca Milan wrote: > >>>> > >>>> > >>>>> <snip/> > >>>>> > >>>>> SSLFilter filter = new > >>>>> SSLFilter(SSLContextFactory.getInstance(true)); > >>>>> > >>>> I'm not familiar with the SSLContextFactory class. Is that something > >>>> you've developed yourself? What does getInstance() do? > >>>> > >>>> Make sure the SSLEngine you're using isn't set to client mode. > >>>> > >>>> > >> Hmmm, ok. And your client? Is it using MINA? Maybe your client doesn't > >> trust the bogus certificate used by the server? What does the stack > >> trace of the exception you get look like? Is the exception thrown on the > >> client or server side? What MINA version are you using? > >> > >> > > Hi ;-), > > > > my java client use Mina (version 0.9.4) and in the SocketConnector's > > SessionCreated method I add sslFilter to the session: > > ... > > SSLFilter filter = new SSLFilter(SSLContextFactory.getInstance(false)); > > filter.setUseClientMode(true); > > session.getFilterChain().addFirst("sslFilter", filter); > > ... > > session.getFilterChain().addLast("protocolFilter", new > > ProtocolCodecFilter(this.codecFactory)); > > ... > > > > I've tryed to change the adding filter order but I hadn't good result :-/ > > I'm using Mina 0.9.4 for client and server both. > > Here there's my stack trace. > > > > javax.net.ssl.SSLHandshakeException: Initial SSL handshake failed. > > at > > org.apache.mina.filter.SSLFilter.messageReceived(SSLFilter.java:428) > > at > > org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(AbstractIoFilterChain.java:501) > > > > at > > org.apache.mina.common.support.AbstractIoFilterChain.access$5(AbstractIoFilterChain.java:495) > > > > at > > org.apache.mina.common.support.AbstractIoFilterChain$1.messageReceived(AbstractIoFilterChain.java:787) > > > > at > > org.apache.mina.common.support.AbstractIoFilterChain$2.messageReceived(AbstractIoFilterChain.java:110) > > > > at > > org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(AbstractIoFilterChain.java:501)6172 > > [Handler] ERROR Log - Handler exceptionCaught, è stata chiusa > > forzatamente la sessione: Initial SSL handshake failed. > > > > at > > org.apache.mina.common.support.AbstractIoFilterChain.messageReceived(AbstractIoFilterChain.java:492) > > > > at > > org.apache.mina.transport.socket.nio.SocketIoProcessor.read(SocketIoProcessor.java:285) > > > > at > > org.apache.mina.transport.socket.nio.SocketIoProcessor.process(SocketIoProcessor.java:245) > > > > at > > org.apache.mina.transport.socket.nio.SocketIoProcessor.access$4(SocketIoProcessor.java:234) > > > > at > > org.apache.mina.transport.socket.nio.SocketIoProcessor$Worker.run(SocketIoProcessor.java:566) > > > > Caused by: javax.net.ssl.SSLException: Received close_notify during > > handshake > > at > > com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:166) > > at > > com.sun.net.ssl.internal.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1356) > > at > > com.sun.net.ssl.internal.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1324) > > at > > com.sun.net.ssl.internal.ssl.SSLEngineImpl.recvAlert(SSLEngineImpl.java:1462) > > > > at > > com.sun.net.ssl.internal.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:961) > > > > at > > com.sun.net.ssl.internal.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:787) > > > > at > > com.sun.net.ssl.internal.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:663)[DUBUG > > - Handler] Sessione chiusa > I've tryed to change some things and now in the SessionCreated method I do: > > if (mode==RTMP.MODE_CLIENT) { > > SSLFilter filter = new > SSLFilter(SSLContextFactory.getInstance(false)); > filter.setUseClientMode(true); > session.getFilterChain().addLast("sslFilter", filter); > Log.info("Connector SSL ON"); > > session.getFilterChain().addLast("protocolFilter", > new ProtocolCodecFilter(codecFactory)); > } else{ > > SSLFilter filter = new > SSLFilter(SSLContextFactory.getInstance(true)); > filter.setUseClientMode(false); > session.getFilterChain().addLast("sslFilter", filter); > Log.info("Acceptor SSL ON"); > > session.getFilterChain().addLast("protocolFilter", > new ProtocolCodecFilter(codecFactory)); > } > > But now I have these exception (at server side): > > javax.net.ssl.SSLHandshakeException: Initial SSL handshake failed. > at org.apache.mina.filter.SSLFilter.messageReceived(SSLFilter.java:428) > at > org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(AbstractIoFilterChain.java:501) > at > org.apache.mina.common.support.AbstractIoFilterChain.access$5(AbstractIoFilterChain.java:495) > at > org.apache.mina.common.support.AbstractIoFilterChain$1.messageReceived(AbstractIoFilterChain.java:787) > at > org.apache.mina.filter.ThreadPoolFilter.processEvent(ThreadPoolFilter.java:718) > at > org.apache.mina.filter.ThreadPoolFilter$Worker.processEvents(ThreadPoolFilter.java:475)953 > [Handler] ERROR Log - Handler exceptionCaught, è stata chiusa > forzatamente la sessione: Initial SSL handshake failed. > > at > org.apache.mina.filter.ThreadPoolFilter$Worker.run(ThreadPoolFilter.java:429) > Caused by: javax.net.ssl.SSLException: Received fatal alert: > certificate_unknown > at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:166) > at > com.sun.net.ssl.internal.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1356) > at > com.sun.net.ssl.internal.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1324) > at > com.sun.net.ssl.internal.ssl.SSLEngineImpl.recvAlert(SSLEngineImpl.java:1486) > at > com.sun.net.ssl.internal.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:961) > at > com.sun.net.ssl.internal.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:787) > at > com.sun.net.ssl.internal.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:663) > at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:566) > at > org.apache.mina.filter.support.SSLHandler.unwrapHandshake(SSLHandler.java:675) > at > org.apache.mina.filter.support.SSLHandler.handshake(SSLHandler.java:492) > at > org.apache.mina.filter.support.SSLHandler.messageReceived(SSLHandler.java:291) > at org.apache.mina.filter.SSLFilter.messageReceived(SSLFilter.java:396) > ... 6 more > > > > And these (at client side): > > javax.net.ssl.SSLHandshakeException: Initial SSL handshake failed. > at org.apache.mina.filter.SSLFilter.messageReceived(SSLFilter.java:428) > at > org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(AbstractIoFilterChain.java:501) > at > org.apache.mina.common.support.AbstractIoFilterChain.access$5(AbstractIoFilterChain.java:495) > at > org.apache.mina.common.support.AbstractIoFilterChain$1.messageReceived(AbstractIoFilterChain.java:787) > at > org.apache.mina.filter.ThreadPoolFilter.processEvent(ThreadPoolFilter.java:718) > at > org.apache.mina.filter.ThreadPoolFilter$Worker.processEvents(ThreadPoolFilter.java:475) > at > org.apache.mina.filter.ThreadPoolFilter$Worker.run(ThreadPoolFilter.java:429) > Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem > at com.sun.net.ssl.internal.ssl.Handshaker.checkThrown(Unknown Source) > at > com.sun.net.ssl.internal.ssl.SSLEngineImpl.checkTaskThrown(Unknown Source) > at com.sun.net.ssl.internal.ssl.SSLEngineImpl.writeAppRecord(Unknown > Source) > at com.sun.net.ssl.internal.ssl.SSLEngineImpl.wrap(Unknown Source) > at javax.net.ssl.SSLEngine.wrap(Unknown Source) > at > org.apache.mina.filter.support.SSLHandler.handshake(SSLHandler.java:518) > at > org.apache.mina.filter.support.SSLHandler.messageReceived(SSLHandler.java:291) > at org.apache.mina.filter.SSLFilter.messageReceived(SSLFilter.java:396) > ... 6 more > Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem > at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source) > at com.sun.net.ssl.internal.ssl.SSLEngineImpl.fatal(Unknown Source) > at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source) > at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source) > at > com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown > Source) > at > com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source) > at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source) > at com.sun.net.ssl.internal.ssl.Handshaker$1.run(Unknown Source) > at java.security.AccessController.doPrivileged(Native Method) > at com.sun.net.ssl.internal.ssl.Handshaker$DelegatedTask.run(Unknown > Source) > at > org.apache.mina.filter.support.SSLHandler.doTasks(SSLHandler.java:745) > at > org.apache.mina.filter.support.SSLHandler.handshake(SSLHandler.java:483) > ... 8 more > Caused by: sun.security.validator.ValidatorException: PKIX path > validation failed: java.security.cert.CertPathValidatorException: > timestamp check failed > at sun.security.validator.PKIXValidator.doValidate(Unknown Source) > at sun.security.validator.PKIXValidator.doValidate(Unknown Source) > at sun.security.validator.PKIXValidator.engineValidate(Unknown Source) > at sun.security.validator.Validator.validate(Unknown Source) > at > com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(Unknown Source) > at > com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown > Source) > at > com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown > Source) > ... 16 more > Caused by: java.security.cert.CertPathValidatorException: timestamp > check failed > at > sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(Unknown > Source) > at > sun.security.provider.certpath.PKIXCertPathValidator.doValidate(Unknown > Source) > at > sun.security.provider.certpath.PKIXCertPathValidator.engineValidate(Unknown > Source) > at java.security.cert.CertPathValidator.validate(Unknown Source) > ... 23 more > Caused by: java.security.cert.CertificateExpiredException: NotAfter: Sun > Mar 11 00:59:59 CET 2007 > at sun.security.x509.CertificateValidity.valid(Unknown Source) > at sun.security.x509.X509CertImpl.checkValidity(Unknown Source) > at > sun.security.provider.certpath.BasicChecker.verifyTimestamp(Unknown Source) > at sun.security.provider.certpath.BasicChecker.check(Unknown Source) > [DUBUG - Handler] Sessione chiusa > ... 27 more > > Note that the certificate isn't expired and that I use the same > certificate for server and client both. :-( :-( :-( > -- what we call human nature is actually human habit -- http://gleamynode.net/ -- PGP Key ID: 0x0255ECA6
