[jira] Updated: (NET-326) A KeyManager is required when the protection level is set to 'P' with FTPSClient on active mode

Sun, 13 Mar 2011 04:54:30 -0700 

     [ 
https://issues.apache.org/jira/browse/NET-326?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Bogdan Drozdowski updated NET-326:
----------------------------------

    Attachment: SSLContextsFactory.java

Here is a simple class that wraps all the SSLContext creation details in simple 
methods. There are 2 "maximum" methods (all parameters included), 1 "minimum" 
(just the keystore and a password to it) and some in between. Tested the 
simplest method - still works. Put it in the right package 
(org/apache/commons/net/util?), you can move tha anonymous class to a named 
inner class, if you like.

> A KeyManager is required when the protection level is set to 'P' with 
> FTPSClient on active mode
> -----------------------------------------------------------------------------------------------
>
>                 Key: NET-326
>                 URL: https://issues.apache.org/jira/browse/NET-326
>             Project: Commons Net
>          Issue Type: Bug
>          Components: FTP
>    Affects Versions: 2.0
>         Environment: Windows XP profesional service pack 2, Java Java 
> 1.6.0_12-b04 
>            Reporter: Terence Dudouit
>         Attachments: SSLContextsFactory.java
>
>
> Using a simple FTPS client that list a directory, when execPROT("P") is set 
> and the active mode is on, the following exception is thrown :
> javax.net.ssl.SSLException: No available certificate or key corresponds to 
> the SSL cipher suites which are enabled.
>       at 
> com.sun.net.ssl.internal.ssl.SSLServerSocketImpl.checkEnabledSuites(SSLServerSocketImpl.java:303)
>       at 
> com.sun.net.ssl.internal.ssl.SSLServerSocketImpl.accept(SSLServerSocketImpl.java:253)
>       at 
> org.apache.commons.net.ftp.FTPClient._openDataConnection_(FTPClient.java:489)
>       at 
> org.apache.commons.net.ftp.FTPSClient._openDataConnection_(FTPSClient.java:494)
>       at org.apache.commons.net.ftp.FTPClient.listNames(FTPClient.java:1950)
>       at org.apache.commons.net.ftp.FTPClient.listNames(FTPClient.java:1996)
>       at 
> fr.enovacom.eai.actions.dynamiques.protocole.ftp.FTPGet.testFTPS(FTPGet.java:379)
>       at 
> fr.enovacom.eai.actions.dynamiques.protocole.ftp.FTPGet.main(FTPGet.java:401)
> This doesn't occur on passive mode.
> The only way to make it work is to set a keyManager although there is no need 
> for a client authentication.

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to