Installing itissl and running the examples

Alain Knaff Thu, 14 Sep 2000 02:35:36 -0700

Hello all,

I have a couple of problems with installing itissl, and running the
examples from de.tu_darmstadt.sp.example.*

First, problems already started when doing make install:

# make install
cp lib/itissl/itissl.jar "/usr/java/jdk1.3/jre/lib/ext/";
cp lib/libitissl.so "/usr/java/jdk1.3/jre/lib/i386/";
cd bin;
cp sfindcerts srmiregistry "/usr/java/jdk1.3/bin/";
cp: sfindcerts: Aucun fichier ou r�pertoire de ce type
cp: srmiregistry: Aucun fichier ou r�pertoire de ce type
make: *** [instbin] Error 1

I resorted to copying both files by hand...

Then I attempted to start client and server:

Server:
> cd $HOME/itissl-0.3/certs/server
> PATH=$PATH:$HOME/itissl-0.3/bin
> export CA_FILE=ca.pem
> export CERT_FILE=cert.pem
> export KEY_FILE=key.pem
> sslserver 7788


Client:
> cd $HOME/itissl-0.3/certs/server
> PATH=$PATH:$HOME/itissl-0.3/bin
> export CA_FILE=ca.pem
> export CERT_FILE=cert.pem
> export KEY_FILE=key.pem
> sslclient localhost 7788 test

However this bombs out with the following messages:
Server:
java.io.IOException: SSL:Accept failed
        at de.tu_darmstadt.sp.ssl.SSLeaySocket.startHandshake(SSLeaySocket.java:341)
        at de.tu_darmstadt.sp.ssl.SSLeaySocket.startHandshake(SSLeaySocket.java:359)
        at 
de.tu_darmstadt.sp.ssl.SSLeayServerSocket.accept(SSLeayServerSocket.java:203)
        at de.tu_darmstadt.sp.example.SSLServer.main(SSLServer.java:104)
CLOSED

Client:
Exception in thread "main" java.io.IOException: SSL:Connect failed: ok
        at de.tu_darmstadt.sp.ssl.SSLeaySocket.startHandshake(SSLeaySocket.java:341)
        at de.tu_darmstadt.sp.ssl.SSLeaySocket.startHandshake(SSLeaySocket.java:359)
        at 
de.tu_darmstadt.sp.ssl.SSLeaySocketFactory.setSSLPolicy(SSLeaySocketFactory.java:493)
        at 
de.tu_darmstadt.sp.ssl.SSLeaySocketFactory.createSocket(SSLeaySocketFactory.java:276)
        at de.tu_darmstadt.sp.example.SSLClient.main(SSLClient.java:93)


N.B. openssl s_client and openssl s_server can connect to each other
without any problems.

So, I tried to connect with an openssl s_client -connect
localhost:7788 to an itissl SSLServer, and got the following messages:

Openssl Client:
CONNECTED(00000003)

(Yes, it stops right there.  No handshake seems to be performed at
all...)

Itissl Server:
An error occured during connection:
java.io.IOException: SSL:Accept failed
        at de.tu_darmstadt.sp.ssl.SSLeaySocket.startHandshake(SSLeaySocket.java:341)
        at de.tu_darmstadt.sp.ssl.SSLeaySocket.startHandshake(SSLeaySocket.java:359)
        at 
de.tu_darmstadt.sp.ssl.SSLeayServerSocket.accept(SSLeayServerSocket.java:203)
        at de.tu_darmstadt.sp.example.SSLServer.main(SSLServer.java:104)
CLOSED

And now the reverse (Itissl client connection to openssl s_server -accept 7788 server)


Itissl Client:

Exception in thread "main" java.io.IOException: SSL:Connect failed: ok
        at de.tu_darmstadt.sp.ssl.SSLeaySocket.startHandshake(SSLeaySocket.java:341)
        at de.tu_darmstadt.sp.ssl.SSLeaySocket.startHandshake(SSLeaySocket.java:359)
        at 
de.tu_darmstadt.sp.ssl.SSLeaySocketFactory.setSSLPolicy(SSLeaySocketFactory.java:493)
        at 
de.tu_darmstadt.sp.ssl.SSLeaySocketFactory.createSocket(SSLeaySocketFactory.java:276)
        at de.tu_darmstadt.sp.example.SSLClient.main(SSLClient.java:93)

Openssl Server:

ACCEPT
ERROR
shutting down SSL
CONNECTION CLOSED


N.B. The troubleshooting page at
whttp://sponsor.iti.informatik.tu-darmstadt.de/itissl/doc/troubleshooting.html
was not of more help either:

> CA_FILE=ca.pem sslclient localhost 7788
usage:sslclient host port message
[Ok, so I added the message...]
> CA_FILE=ca.pem sslclient localhost 7788 test

... and I got the following error on the client:
Exception in thread "main" java.io.IOException: SSL:Connect failed: ok
        at de.tu_darmstadt.sp.ssl.SSLeaySocket.startHandshake(SSLeaySocket.java:341)
        at de.tu_darmstadt.sp.ssl.SSLeaySocket.startHandshake(SSLeaySocket.java:359)
        at 
de.tu_darmstadt.sp.ssl.SSLeaySocketFactory.setSSLPolicy(SSLeaySocketFactory.java:493)
        at 
de.tu_darmstadt.sp.ssl.SSLeaySocketFactory.createSocket(SSLeaySocketFactory.java:276)
        at de.tu_darmstadt.sp.example.SSLClient.main(SSLClient.java:93)

... and this on the server:
An error occured during connection:
java.io.IOException: SSL:Accept failed
        at de.tu_darmstadt.sp.ssl.SSLeaySocket.startHandshake(SSLeaySocket.java:341)
        at de.tu_darmstadt.sp.ssl.SSLeaySocket.startHandshake(SSLeaySocket.java:359)
        at 
de.tu_darmstadt.sp.ssl.SSLeayServerSocket.accept(SSLeayServerSocket.java:203)
        at de.tu_darmstadt.sp.example.SSLServer.main(SSLServer.java:104)
CLOSED

So I followed along and tried without supplying a CA_FILE for the
client, and starting the server as follows:

> sslserver -Diti.ssl.clientCARequired=false sslclient localhost 7788
Usage: sslserver port

Ok, that's where I gave up.

So, does anybody else on this list have more luck to get this to work,
or know of another free Java SSL package?

Thanks in advance,

Alain
Installing itissl and running the examples

Reply via email to
