Hello All,
I have been trying to use the AuthSSLProtocolSocketFactory for SSL Client
Authentication for a week but without success.
I am trying to use the
org.apache.commons.httpclient.contrib.ssl.contrib.AuthSSLProtocolSocketFactory
class.
I have server.crt(pem encoded certificate file), server.key file and a
root-ca.pem file.
my Apache2 mod_ssl configuration snippet is below:
*********************
SSLCertificateFile "C:/Java/Apache2.2/conf/verisgnCA/server.crt"
SSLCertificateKeyFile "C:/Java/Apache2.2/conf/verisgnCA/server.key"
SSLCACertificateFile "C:/Java/Apache2.2/conf/verisgnCA/root-ca.pem"
SSLVerifyClient require
SSLVerifyDepth 1
*********************
I would like to use the server cert as the client cert for now....(Please
correct me if I should not do this)
I created a keystore using the following command:
keytool -import -file C:/Java/Apache2.2/conf/verisgnCA/server.crt -keypass
C:/Java/Apache2.2/conf/verisgnCA/server.key -alias apacheclient -keystore
client.keystore -storepass 123456
I have created a truststore using the command below:
keytool -import -trustcacerts -file
C:/Java/Apache2.2/conf/verisgnCA/server.crt -keypass
C:/Java/Apache2.2/conf/verisgnCA/server.key -alias apacheclient -keystore
client.truststore -storepass 123456
I did nothing else.. did not mess anything with "cacerts"
Now I have a code like this... in my java client:
HttpClient tempClient = new HttpClient();
AuthSSLProtocolSocketFactory myAuthFactory = new
AuthSSLProtocolSocketFactory(new URL("file:" +
"C:/Java/Apache2.2/conf/verisgnCA/client.keystore"),"123456",new URL("file:"
+ "C:/Java/Apache2.2/conf/verisgnCA/client.keystore"),"123456");
Protocol myhttps = new Protocol("https",myAuthFactory,443);
Protocol.registerProtocol("https", myhttps);
tempClient.getHostConfiguration().setHost("blrsatish.domain.com", 443,
myhttps);
GetMethod getMethodObj = new
GetMethod("https://blrsatish-lt.asiapacific.hpqcorp.net/";);
//**** tried like this aswell *****//
//GetMethod getMethodObj = new GetMethod("/");
tempClient.executeMethod(getMethodObj);
I get a java.net.SocketException: Software caused connection abort: recv
failed
What I know for sure is nothing is wrong with the server configuration becos
I can import the cert/key pair to the browser access the site. I can access
the server using the openssl s_client aswell.
Please let me know what is going wrong.. or any steps I missed. I have close
this by end of this week :(
Best Regards,
Satish
--
View this message in context:
http://www.nabble.com/AuthSSLProtocolSocketFactory-%3A-Error-tf4679375.html#a13370403
Sent from the HttpClient-User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
