I finally got the SSL communication working:

I replaced the "$JAVAHOME/jre/lib/security/cacerts" of the client
system with the "keystore" file used on the server (I changed its name
to "cacerts"). Quick and dirty.

The issue now is that the client and the Orion server hang after the
first context creation:

Here's the code - this object should be instantiated on demand
by the client system:

Standalone application constructor:

public PaymentProxy() {
    try {
        // Create access to the naming context.
        Context context = new InitialContext();

        // Set up the debugging level.
        logging = (String) context.lookup("java:comp/env/logging.level");

        context.close();
    } catch (NamingException e) {
        log(e);
    }
}

After leaving, Orion hangs completely (no more communication,
no http, no console access).

I have no problem if I switch "jndi.properties" to http.

My system: jdk 1.2.2, red hat 6.2, orion 1.2.4

Bernard Sauterel
>>>>> >Hi,
>>>>> >
>>>>> >Thanks for the work. I'm in trouble connecting thru SSL:
>>>>> >
>>>>> >output from my client application:
>>>>> >----------------------------------------------------------------
>>>>> >initializing context ...
>>>>> >
>>>>> >sauterel.shared.ldap.ProxyClient@2f70f477 - Communication error: Error
>>>>> >reading application-client descriptor: Error communicating with
>>>>> >server: Lookup error: javax.net.ssl.SSLException: untrusted server cert
>>>>> >chain; nested exception is:
>>>>> >        javax.net.ssl.SSLException: untrusted server cert chain; nested
>>>>> >exception is:
>>>>> >        javax.naming.NamingException: Lookup error:
>>>>> >javax.net.ssl.SSLException: untrusted server cert chain; nested exception is:
>>>>> >        javax.net.ssl.SSLException: untrusted server cert chain
>>>>> >
>>>>> >
>>>>> >jndi.properties:
>>>>> >----------------------------------------------------------------
>>>>> >java.naming.factory.initial=com.evermind.server.ApplicationClientInitialContextFactory
>>>>> >java.naming.provider.url=https:ormi://www.sauterel.net/ldap
>>>>> >java.naming.security.principal=admin
>>>>> >java.naming.security.credentials=123
>>>>> >
>>>>> >
>>>>> >The application works perfectly using http:ormi:... . Web site is
>>>>> >secured using a test cert (do I have to use an "official" cert?)
>>>>> >generated as described in your "SSL how to".
>>>>> >
>>>>> >Looking forward,
>>>>> >
>>>>> >Bernard Sauterel

+------------------+----------------------------+
| Bernard Sauterel | sauterel.net               |
+------------------+----------------------------+
             email | [EMAIL PROTECTED]
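
Added example, not part of the original message and not Orion code: a keystore the server uses for SSL also carries the server's private key entry, so a client truststore built from it should be checked for key entries before it is trusted. The Java 9+ sketch below performs that check and then builds an SSLContext from the store; the class name, the default path (the running JRE's cacerts) and the default password are assumptions.

```java
import java.io.File;
import java.security.KeyStore;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;

public class TrustStoreAudit {

    // Returns the aliases that hold a private key; a truststore should have none.
    static List<String> privateKeyAliases(KeyStore store) throws Exception {
        List<String> found = new ArrayList<>();
        for (String alias : Collections.list(store.aliases())) {
            if (store.isKeyEntry(alias)) {
                found.add(alias);
            }
        }
        return found;
    }

    // Builds an SSLContext that trusts only the certificates in the given store.
    static SSLContext contextTrusting(KeyStore trustStore) throws Exception {
        TrustManagerFactory tmf =
                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trustStore);
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, tmf.getTrustManagers(), null);
        return ctx;
    }

    public static void main(String[] args) throws Exception {
        // Assumed defaults: the running JRE's cacerts and its stock password.
        String path = args.length > 0 ? args[0]
                : System.getProperty("java.home") + "/lib/security/cacerts";
        char[] password = (args.length > 1 ? args[1] : "changeit").toCharArray();

        // KeyStore.getInstance(File, char[]) detects JKS or PKCS12 (Java 9+).
        KeyStore store = KeyStore.getInstance(new File(path), password);
        List<String> keys = privateKeyAliases(store);
        if (!keys.isEmpty()) {
            System.err.println(path + " contains private key entries: " + keys);
            System.exit(1);
        }
        SSLContext.setDefault(contextTrusting(store));
        System.out.println(path + ": " + store.size() + " certificate entries, no private keys");
    }
}
```

Run against a cacerts file that was overwritten with a server keystore, the check exits with status 1 and lists the offending aliases.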
