Hi Marc,
Have you tried setting serverFilter.setNeedClientAuth(false) ?
Just to see if that helps.
Maarten
On Fri, Mar 7, 2008 at 5:03 PM, Mark Renouf <[EMAIL PROTECTED]> wrote:
> Hmm. I really hoped this was it. I just tried this (downloaded
> jce_policy-1_5_0.zip from sun and installed jars into my
> jre/lib/security folder). No change... :-(
>
> If it helps, I added a little more code to display the ciphersuites,
> protocols and the details of the keys and certificates in use:
> (They are exactly the same for client and server, except for the
> actualy key and cert, so I'm only listing the client side)
>
> SSLParameters clientSSLParams = clientSSLContext.getDefaultSSLParameters
> ();
> LOGGER.info("Client Protocols: " +
> Arrays.asList(clientSSLParams.getProtocols()));
> LOGGER.info("Client Cipher Suites: " +
> Arrays.asList(clientSSLParams.getCipherSuites()));
>
> 2008-03-07 11:01:10,206 INFO main SSLTest - Client Protocols:
> [SSLv2Hello, SSLv3, TLSv1]
> 2008-03-07 11:01:10,206 INFO main SSLTest - Client Cipher Suites:
> [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA,
> TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA,
> TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
> TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA,
> SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
> SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA,
> SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA,
> SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA,
> SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA,
> SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
>
> 2008-03-07 10:55:14,558 INFO main SSLTest - Client Certificate: [
> [
> Version: V1
> Subject: CN=XXXXX
> Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
>
> Key: Sun RSA public key, 512 bits
> modulus: XXXXX
> public exponent: 65537
> Validity: [From: Thu Jul 27 18:11:39 EDT 2006,
> To: Tue Jul 26 18:11:39 EDT 2016]
> Issuer: CN=XXXXXX
> SerialNumber: [ XXXXXXXX ]
> ]
>
> 2008-03-07 10:55:14,567 INFO main SSLTest - Client Key:
> Sun RSA private CRT key, 512 bits
> (actual key material follows)
>
>
> On Fri, Mar 7, 2008 at 10:19 AM, Edouard De Oliveira
> <[EMAIL PROTECTED]> wrote:
> > Did you modify your JCE permissions ?
> > Due to crypto restrictions your Keystores may be in good shape but
> unusable.
> > Download the unrestricted JCE policy files from java web site and try
> again.
> >
> > My 0.02 $
> >
> > Cordialement, Regards,
> > -Edouard De Oliveira-
> > http://tedorg.free.fr/en/main.php
>
