Hi Dan, It looks like a bug in the code I wrote... I'm going to look into this. Can you try using com.noelios.restlet.util.DefaultSslContextFactory instead of com.noelios.restlet.ext.ssl.PkixSslContextFactory meanwhile?
Best wishes, Bruno. Dan Noble wrote: > Hello all, > > I am new to Restlets, and I am trying to set up a simple server to accept > HTTPS connections. (I'm using Restlets 1.1.2, Java 1.6 on OSX 10.5 and my > classpath has the following jars: > com.noelios.restlet.ext.ssl.jar > org.jsslutils.jar > org.simpleframework.jar > com.noelios.restlet.jar > org.restlet.jar > com.noelios.restlet.ext.simple_3.1.jar) > > > I have been following: > http://wiki.restlet.org/docs_1.1/13-restlet/27-restlet/46-restlet/213-restlet.html > > To generate the keystore, i used: > keytool -genkey -v -alias serverX -keypass password -keystore serverX.jks > -keyalg "RSA" -sigalg "MD5withRSA" -keysize 2048 -validity 3650 > and entered "password" for the keystore password for testing purposes. > > > Here is the code I have so far: > > public static void main(String[] args) { > > try { > // Create a new Component. > Component component = new Component(); > > // Add a new HTTPS server listening on port 8182. > Server server = component.getServers().add(Protocol.HTTPS, 8182); > > Series<Parameter> parameters = > server.getContext().getParameters(); > > File pwd = new File("."); > String path = pwd.getCanonicalPath(); > String keystorePath = path + "/keystore/serverX.jks"; > > parameters.add("sslContextFactory", > "com.noelios.restlet.ext.ssl.PkixSslContextFactory"); > > parameters.add("keystorePath", keystorePath); > parameters.add("keystorePassword", "password"); > parameters.add("keyPassword", "password"); > parameters.add("keystoreType", "JKS"); > > // Attach the sample application. > component.getDefaultHost().attach("",new > MessageForwarderApplication()); > > // Start the component. > component.start(); > System.out.println("Started"); > } catch (Exception e) { > // Something is wrong. > e.printStackTrace(); > } > } > > > The exact exception is I'm getting is: > > org.jsslutils.sslcontext.SSLContextFactory$SSLContextFactoryException: > Exception in SSLContextFactory > at > org.jsslutils.sslcontext.PKIXSSLContextFactory.getPKIXParameters(PKIXSSLContextFactory.java:231) > at > org.jsslutils.sslcontext.PKIXSSLContextFactory.getTrustParams(PKIXSSLContextFactory.java:190) > at > org.jsslutils.sslcontext.PKIXSSLContextFactory.getRawTrustManagers(PKIXSSLContextFactory.java:163) > at > org.jsslutils.sslcontext.X509SSLContextFactory.getTrustManagers(X509SSLContextFactory.java:346) > at > org.jsslutils.sslcontext.SSLContextFactory.buildSSLContext(SSLContextFactory.java:256) > at > com.noelios.restlet.ext.ssl.PkixSslContextFactory.createSslContext(PkixSslContextFactory.java:72) > at > com.noelios.restlet.ext.simple.HttpsServerHelper.start(HttpsServerHelper.java:267) > at org.restlet.Server.start(Server.java:383) > at org.restlet.Component.startServers(Component.java:1233) > at org.restlet.Component.start(Component.java:1194) > at > com.test.messageservice.MessageService.main(MessageService.java:55) // ---> > component.start(); line > Caused by: java.security.InvalidAlgorithmParameterException: the trustAnchors > parameter must be non-empty > at > java.security.cert.PKIXParameters.setTrustAnchors(PKIXParameters.java:183) > at java.security.cert.PKIXParameters.<init>(PKIXParameters.java:140) > at > java.security.cert.PKIXBuilderParameters.<init>(PKIXBuilderParameters.java:113) > at > org.jsslutils.sslcontext.PKIXSSLContextFactory.getPKIXParameters(PKIXSSLContextFactory.java:215) > ... 10 more > > After a little bit of googling, it looks like this has something to do with > the trustStore... I tried setting the truststore using: > System.setProperty("javax.net.ssl.trustStore","/path/to/osx/cacerts"); > System.setProperty("javax.net.ssl.trustStorePassword","changeit"); > but received the same error. > > If anyone has any insight, I would be most grateful! > > Thanks, > Dan > > ------------------------------------------------------ > http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=1065230 > ------------------------------------------------------ http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=1068636