Hello everybody, I'm having problems with secure thrift traffic. Well, in all likeliness it's a problem with my understanding of keystores/certificates/keys infrastructure.
I'll need interoperable thrift servers and clients for Java, CSharp and Delphi. For now I prepared an example of Java (server and client) and CSharp (client). The plain (unencrypted) traffic gets through OK in both cases (Java client calling Java server and CSharp client calling Java server). The secure example however, I only managed to get through in a Java - Java case, whereas Delphi client reports an error: Unhandled Exception: System.IO.IOException: The authentication or decryption has failed. ---> System.IO.IOException: The authentication or decryption has failed. ---> Mono.Security.Protocol.Tls.TlsException: Invalid certificate received from server. The example (thrift files, sources, incl. build files (ant for Java and nant for CSharp) and crypto infrastructure) can be found here: Browse: https://drive.google.com/open?id=0BzuBGqGqS8miYUpQdHFYTDRxR28 Download complete example (tar.gz): https://drive.google.com/open?id=0BzuBGqGqS8miTTJfeS1CZGFZNXc A few guildelines. 1. Java: see Java/readme.txt build.xml contains run targets, but you'll have trouble killing background server processes. So... run (shell) scripts are in Java directory. 2. CSharp: see CSharp/readme.txt Again, build.build also contains run targets. Run (shell) scripts are in CSharp directory. 3. Crypto: I tried two tools: keytool (generated files in Crypto/KeyTool) and openssl (generated results in Crypto/OpenSSL). Copy either ones into Crypto directory to try them out. Please take a look at the source and crypto infrastructure and tell me what I am doing wrong. Thanks. Regards, James
