Hi Emmanuel,
I have installed the certificate on the server using the link provided by
you.
Also defined the TrustManager but still i am not able to establish the
secure connection.
I am getting the connection failed error with reason "Error in connection
establishment: net::ERR_SSL_VERSION_OR_CIPHER_MISMATCH"
Below is my code to add SSL support.
private static void addSSLSupport(DefaultIoFilterChainBuilder chain)
throws Exception {
try {
KeyStore keyStore=KeyStore.getInstance("JKS");
char[] passphrase= {'t','e','s','t','s','s','l'};
keyStore.load(new
FileInputStream("/home/ec2-user/digicert/mydomain.jks"),passphrase);
Util.logInfo("Key Store loaded");
SSLContext ctx=SSLContext.getInstance("TLS");
TrustManagerFactory
trustFactory=TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustFactory.init(keyStore);
X509TrustManager defaultTrustManager = (X509TrustManager)
trustFactory.getTrustManagers()[0];
ctx.init(null, trustFactory.getTrustManagers(),
null);
SslFilter sslFilter = new SslFilter(ctx);
chain.addLast("sslFilter", sslFilter);
Util.logInfo("SSL ON");
}catch(Exception e){
Util.logError(e.toString());
throw e;
}
}
On 22 December 2014 at 13:13, Dhruv Kapil <[email protected]> wrote:
> Thanks Emmanuel for the pointer.
> Will give it a try and get back in case of any issue.
>
> On 22 December 2014 at 13:01, Emmanuel Lécharny <[email protected]>
> wrote:
>
>> Le 22/12/14 06:13, Dhruv Kapil a écrit :
>> > I have successfully run Apache Mina server with the default bogus
>> > certificate as provided in their examples. Now I want to configure my
>> own
>> > SSL certificate purchased from digicert. Could someone provide me the
>> > instructions to configure it?
>>
>> All you have to do is to include the certificat in the Java Keystore,as
>> explained in
>> https://docs.oracle.com/cd/E19900-01/819-4733/6n6s6u1gl/index.html and
>> to define your TrustManager.
>>
>>
>>
>
