Hi Rob,
Thanks for your reply. That book sounds interesting, I'm going to
check it out for sure. I'm still playing around with it, but you're
right, it's not the certificate.. I guess I'm a little bit misguided
as most of the examples on the Internet don't involve SSLContext's. I
can get it working just by using:
SSLServerSocketFactory sslserversocketfactory =
(SSLServerSocketFactory)SSLServerSocketFactory.getDefault();
SSLServerSocket sslserversocket =
(SSLServerSocket)sslserversocketfactory.createServerSocket(9999);
I would basically like to use either SSL or TLS using RSA with 2048bit
key-handshake key length and 128bit payload keylength in my
communications. I suppose you aren't aware of any examples doing
something like this with MINA or other projects that have achieved
this? I tried looking around but didn't find anything or any mention
of anyone using SSL with MINA. Anyway, I'll play around with it some
more, it's just a little frustrating when it takes longer to encrypt
the communications on the server end compared to implementing it!
haha, but it's all thanks to MINA anyway.
So far, it looks like I'll have to bundle the certificate with the
client application after all, but I'll figure that out when I reach
that point.
Thanks,
Joe
On 6/21/06, Rob Butler <[EMAIL PROTECTED]> wrote:
The error you display below is not because of keystore
or certificate issues. SSL requires the use of
several different cryptographic algorithms. The API
for getting these various algorithms is shipped with
the JDK as part of the javax.security package. The
actual implementation of these algorithms are "plugged
in" through a Service Provider Interface (SPI).
JVM's before Java 1.4 were not shipped with any crypto
algorithms because of the legal & political
implications at the time. Java 1.4 and up have Sun
provided crypto providers packaged with them but you
can still plug in additional or third party crypto
providers.
The problem is the code cannot find a crypto provider
that supplies the RC4 algorithm.
> Caused by: java.security.NoSuchAlgorithmException:
> Cannot find any provider
> supporting RC4
> at javax.crypto.Cipher.getInstance(DashoA12275)
If your trying to do this on a JVM before 1.4 you need
to install and configure a crypto provider that has
the RC4 algorithm. If you doing this on 1.4 it might
work but I don't know if Sun's crypto provider
supplies that algorithm. If not, you still need to
plugin an additional provider. Google around there
are several good free or open source ones on the net
_if_ you need one.
A really great book on Java cryptography that explains
things in simple terms is: Java Cryptography
Extensions : Practical Guide for Programmers
http://www.amazon.com/gp/product/0127427511/sr=8-3/qid=1150835043/ref=pd_bbs_3/103-6541991-0431868?%5Fencoding=UTF8
This book is well worth the money at even four times
the price!
Hope this helps,
Rob
--- class acts <[EMAIL PROTECTED]> wrote:
> Hello all,
>
> I'm having some trouble connecting a client
> socket to MINA configured to
> use SSL. I have tried everything from creating my
> own keystore to using the
> BogusSSLContextFactory in MINA. The furthest I got
> was getting:
>
> javax.net.ssl.SSLHandshakeException: Initial SSL
> handshake failed.
> at
>
org.apache.mina.filter.SSLFilter.messageReceived(SSLFilter.java:421)
> at
>
org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived
> (AbstractIoFilterChain.java:501)
> at
>
org.apache.mina.common.support.AbstractIoFilterChain.access$1000(
> AbstractIoFilterChain.java:51)
> at
>
org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceived
> (AbstractIoFilterChain.java:787)
> at
>
org.apache.mina.filter.ThreadPoolFilter.processEvent(
> ThreadPoolFilter.java:718)
> at
>
org.apache.mina.filter.ThreadPoolFilter$Worker.processEvents(
> ThreadPoolFilter.java:474)
> at
> org.apache.mina.filter.ThreadPoolFilter$Worker.run(
> ThreadPoolFilter.java:429)
> Caused by: javax.net.ssl.SSLException: Algorithm
> missing:
> at
>
com.sun.net.ssl.internal.ssl.SSLEngineImpl.changeReadCiphers(Unknown
> Source)
> at
>
com.sun.net.ssl.internal.ssl.SSLEngineImpl.readRecord(Unknown
> Source)
> at
>
com.sun.net.ssl.internal.ssl.SSLEngineImpl.readNetRecord(Unknown
> Source)
> at
>
com.sun.net.ssl.internal.ssl.SSLEngineImpl.unwrap(Unknown
> Source)
> at javax.net.ssl.SSLEngine.unwrap(Unknown
> Source)
> at
>
org.apache.mina.filter.support.SSLHandler.unwrapHandshake(
> SSLHandler.java:675)
> at
>
org.apache.mina.filter.support.SSLHandler.handshake(SSLHandler.java
> :492)
> at
>
org.apache.mina.filter.support.SSLHandler.messageReceived(
> SSLHandler.java:291)
> at
>
org.apache.mina.filter.SSLFilter.messageReceived(SSLFilter.java:389)
> ... 6 more
> Caused by: java.security.NoSuchAlgorithmException:
> Cannot find any provider
> supporting RC4
> at javax.crypto.Cipher.getInstance(DashoA12275)
> at
>
com.sun.net.ssl.internal.ssl.JsseJce.getCipher(Unknown
> Source)
> at
>
com.sun.net.ssl.internal.ssl.CipherBox.<init>(Unknown
> Source)
> at
>
com.sun.net.ssl.internal.ssl.CipherBox.newCipherBox(Unknown
> Source)
> at
>
com.sun.net.ssl.internal.ssl.CipherSuite$BulkCipher.newCipher(Unknown
> Source)
> at
>
com.sun.net.ssl.internal.ssl.Handshaker.newReadCipher(Unknown
> Source)
>
>
>
>
> I tried passing the KeyStore flags to the server and
> client applications but
> still to no avail. I suppose even any sample code
> that can connect to the
> EchoServer's SSL would be greatly appreciated.
> Also, if using Java Web
> Start in the client application connecting to the
> server backend, has anyone
> tried doing this? If the client needs to install
> the server's cert, I'm not
> sure how that can be accomplished with JWS. Any
> thoughts is greatly
> appreciated.
>
> Thanks,
>
> Joe
>
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
