Hi All, I have successfully installed and configured SSL on the server. I used KeyManger authentication instead of TrustManager. But now one strange problem is coming that i am able to access wss connection using Mozilla firefox and all the headers and payload is coming in correct way. But in case of wss connection from Google chrome, some strange thing is happening, i am getting very large payload which is of 774966538 bytes and also other bytes which i am getting is also not same which i am getting in case of Mozilla Firefox. Has anyone faced such type of problem in the past? Please help me out.
Regards, Dhruv Kapil On 22 December 2014 at 19:51, Dhruv Kapil <[email protected]> wrote: > Hi Emmanuel, > > I have installed the certificate on the server using the link provided by > you. > Also defined the TrustManager but still i am not able to establish the > secure connection. > I am getting the connection failed error with reason "Error in connection > establishment: net::ERR_SSL_VERSION_OR_CIPHER_MISMATCH" > > Below is my code to add SSL support. > > private static void addSSLSupport(DefaultIoFilterChainBuilder chain) > throws Exception { > try { > KeyStore keyStore=KeyStore.getInstance("JKS"); > char[] passphrase= {'t','e','s','t','s','s','l'}; > keyStore.load(new > FileInputStream("/home/ec2-user/digicert/mydomain.jks"),passphrase); > Util.logInfo("Key Store loaded"); > SSLContext ctx=SSLContext.getInstance("TLS"); > TrustManagerFactory > trustFactory=TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); > trustFactory.init(keyStore); > X509TrustManager defaultTrustManager = (X509TrustManager) > trustFactory.getTrustManagers()[0]; > ctx.init(null, trustFactory.getTrustManagers(), > null); > SslFilter sslFilter = new SslFilter(ctx); > chain.addLast("sslFilter", sslFilter); > Util.logInfo("SSL ON"); > }catch(Exception e){ > Util.logError(e.toString()); > throw e; > } > } > > > On 22 December 2014 at 13:13, Dhruv Kapil <[email protected]> wrote: > >> Thanks Emmanuel for the pointer. >> Will give it a try and get back in case of any issue. >> >> On 22 December 2014 at 13:01, Emmanuel Lécharny <[email protected]> >> wrote: >> >>> Le 22/12/14 06:13, Dhruv Kapil a écrit : >>> > I have successfully run Apache Mina server with the default bogus >>> > certificate as provided in their examples. Now I want to configure my >>> own >>> > SSL certificate purchased from digicert. Could someone provide me the >>> > instructions to configure it? >>> >>> All you have to do is to include the certificat in the Java Keystore,as >>> explained in >>> https://docs.oracle.com/cd/E19900-01/819-4733/6n6s6u1gl/index.html and >>> to define your TrustManager. >>> >>> >>> >> >
