Hi Joon, --- Â÷ÁØÇõ <[EMAIL PROTECTED]> wrote: > Hi there. > I'm still trying to run jsse with kaffe. > But it's not easy to me.....-.-; > > When I run a sample program with debuging mode, the following error is > printed. > > ---------------------------------------------------------------------------- > -------------- > keyStore is : > keyStore type is : JKS > init keystore > default context init failed: java.security.PrivilegedActionException > java.net.SocketException: SSL implementation not available > at java.lang.Throwable.fillInStackTrace(Throwable.java:native) > at java.lang.Throwable.<init>(Throwable.java:38) > at java.lang.Exception.<init>(Exception.java:24) > at java.io.IOException.<init>(IOException.java:24) > at java.net.SocketException.<init>(SocketException.java:21) > at > javax.net.ssl.DefaultSSLSocketFactory.createSocket(DashoA6275:line unknown, > pc 0x819f3c5) > at SSLSocketClient.main(SSLSocketClient.java:41) > ---------------------------------------------------------------------------- > --------------
I've got that far as well. > I think that the error is occured when the program initializes keystore. > From sun java site, the error, "SSL implementation not available", can be > occured when "there was a problem with SSLContext initialization, > for example due to a corrupted keystore. (Note: One vendor has shipped > a keystore in an unknown format, and that may cause this type of error.)" > And the solusion is "Check initialization parameters. Ensure any keystores > specified are valid (e.g., by trying to use the keytool to examine them)." Sun's JSSE documentation is not very helpful in that respect. But then, their JSSE has never been supposed to be run on other VMs anyway, I assume. One needs Sun's own provider in order to be able to provide an algorithm to read keystores in the default, proprietary format, JKS. The algorithm is in Sun's JDK's rt.jar. I've tried adding sun's rt.jar from jdk 1.3 to kaffe's bootclasspath, as well as setting security providers to sun's providers only, and added the j*.jar files from the jsse distribution to kaffe's bootclasspath. Then I got much further: bash-2.05a$ kaffe -Djava.protocol.handler.pkgs=com.sun.net.ssl.internal.www.protocol -cp ../../lib/jnet.jar:../../lib/jsse.jar:../../lib/jcert.jar -Djavax.net.debug=all URLReader [snip] verify exception was: java.lang.ClassCastException: can't cast `com/sun/net/ssl/internal/ssl/JSA_SHA1RSASignature' to `java/security/Signature' main, SEND SSL v3.0 ALERT: fatal, description = certificate_unknown main, WRITE: SSL v3.0 Alert, length = 2 javax.net.ssl.SSLException: untrusted server cert chain at java.lang.Throwable.fillInStackTrace(Throwable.java:native) at java.lang.Throwable.<init>(Throwable.java:44) at java.lang.Exception.<init>(Exception.java:24) at java.io.IOException.<init>(IOException.java:24) at javax.net.ssl.SSLException.<init>(DashoA6275:line unknown, pc 0x86d8ba6) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275:line unknown, pc 0x868c1ad) at com.sun.net.ssl.internal.ssl.ClientHandshaker.a(DashoA6275:line unknown, pc 0x86c9c17) at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(DashoA6275:line unknown, pc 0x84844ef) at com.sun.net.ssl.internal.ssl.Handshaker.process_record(DashoA6275:line unknown, pc 0x82fd5ca) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275:line unknown, pc 0x84a1855) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275:line unknown, pc 0x845c394) at com.sun.net.ssl.internal.ssl.AppOutputStream.write(DashoA6275:line unknown, pc 0x845eef8) at java.io.OutputStream.write(OutputStream.java:24) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(DashoA6275:line unknown, pc 0x832bcf3) at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.doConnect(DashoA6275:line unknown, pc 0x84195de) at com.sun.net.ssl.internal.www.protocol.https.NetworkClient.openServer(DashoA6275:line unknown, pc 0x83b1468) at com.sun.net.ssl.internal.www.protocol.https.HttpClient.l(DashoA6275:line unknown, pc 0x83eba76) at com.sun.net.ssl.internal.www.protocol.https.HttpClient.<init>(DashoA6275:line unknown, pc 0x8402427) at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.<init>(DashoA6275:line unknown, pc 0x839ec02) at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a(DashoA6275:line unknown, pc 0x83f18bd) at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a(DashoA6275:line unknown, pc 0x8380463) at com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection.connect(DashoA6275:line unknown, pc 0x838682e) at java.net.URL.openConnection(URL.java:247) at java.net.URL.openStream(URL.java:255) at URLReader.main(URLReader.java:39) I think trying to debug Sun's obfuscated (that's where the DashO-s come from) code is a waste of time. If you want to check out other SSL and Java implementations, you could try out http://www.mozilla.org/projects/security/pki/jss/ but it doesn't have a JSSE provider. I don't know how well (or if at all) it works under kaffe. I believe that the best course of action is to get in touch with the GNU Crypto ( http://www.gnu.org/software/gnu-crypto/ ) developers and the JSS developers to help in creating a good, free implementation that works instead of wasting time with Sun's proprietary solutions ;) > But I have no idea what I have to do more. > Anybody knows the way to solve it? > And does kaffe support jsse officially? Thesedays, I'm doubtful of it.....-. Not officially. There *may* be ways to get it to work, so you're doing some pioneering work here ;) cheers, dalibor topic __________________________________ Do you Yahoo!? Yahoo! Calendar - Free online calendar with sync to Outlook(TM). http://calendar.yahoo.com _______________________________________________ kaffe mailing list [EMAIL PROTECTED] http://kaffe.org/cgi-bin/mailman/listinfo/kaffe