I m trying to generate a POC using HTTPS.For that I have written server and cllient program which are mentioned below.I have generated keystore with CSR using inbuilt websphere's IBM KeyManagement toolkit.Also through websphere console i have made entry of the keystore(deployed)in SSL.
Still my program is giving handshake exception.Do I need to generate kdb files also bcoz when i m generating the kdb file s its giving me error while generating file and i m not able to generate it.Kindly give some suggestion on how to make it work as i m very new to this topic.thanks..
the server program:-
import java.io.*;
import java.security.*;
import javax.net.ssl.*;
public class HTTPSServer {
public static void main(
String[] args)
{
String ksName = "D:\\sampleHTTPSCode\\httpssampleKey.jks";
char ksPass[] = "tulika".toCharArray();
char ctPass[] = "tulika".toCharArray();
try
{
KeyStore ks = KeyStore.getInstance("JKS");
ks.load(new FileInputStream(ksName), ksPass);
ks.load(null , null);
KeyManagerFactory kmf =
KeyManagerFactory.getInstance("SunX509");
kmf.init(ks, ctPass);
SSLContext sc = SSLContext.getInstance("TLS");
sc.init(kmf.getKeyManagers(), null, null);
SSLServerSocketFactory ssf = sc.getServerSocketFactory();
SSLServerSocket s
= (SSLServerSocket) ssf.createServerSocket(8080);
System.out.println("Server started:");
s.setEnabledCipherSuites(s.getSupportedCipherSuites());
printServerSocketInfo(s);
// Listening to the port
System.out.println("before accepting port:");
SSLSocket socket = (SSLSocket)s.accept();
printSocketInfo(socket);
BufferedWriter w = new BufferedWriter(
new OutputStreamWriter(socket.getOutputStream()));
BufferedReader r = new BufferedReader(
new InputStreamReader(socket.getInputStream()));
String m = r.readLine();
w.write("HTTP/1.0 200 OK");
w.newLine();
w.write("Content-Type: text/html");
w.newLine();
w.newLine();
w.write("<html><body>Hello world!</body></html>");
w.newLine();
w.flush();
w.close();
r.close();
socket.close();
}
catch (Exception e)
{
e.printStackTrace();
}
}
private static void printSocketInfo(SSLSocket s)
{
System.out.println("Socket class: "+s.getClass());
System.out.println(" Remote address = "
+s.getInetAddress().toString());
System.out.println(" Remote port = "+s.getPort());
System.out.println(" Local socket address = "
+s.getLocalSocketAddress().toString());
System.out.println(" Local address = "
+s.getLocalAddress().toString());
System.out.println(" Local port = "+s.getLocalPort());
System.out.println(" Need client authentication = "
+s.getNeedClientAuth());
SSLSession ss = s.getSession();
System.out.println(" Cipher suite = "+ss.getCipherSuite());
System.out.println(" Protocol = "+ss.getProtocol());
}
private static void printServerSocketInfo(SSLServerSocket s) {
System.out.println("Server socket class: "+s.getClass());
System.out.println(" Socker address = "
+s.getInetAddress().toString());
System.out.println(" Socker port = "
+s.getLocalPort());
System.out.println(" Need client authentication = "
+s.getNeedClientAuth());
System.out.println(" Want client authentication = "
+s.getWantClientAuth());
System.out.println(" Use client mode = "
+s.getUseClientMode());
}
}
the client program:-
/**
* HttpsClient.java
*
*/
import java.io.*;
import java.net.*;
import javax.net.ssl.*;
public class HTTPSClient {
public static void main(String[] args) {
PrintStream out = System.out;
// Getting the default SSL socket factory
SSLSocketFactory f =
(SSLSocketFactory) SSLSocketFactory.getDefault();
out.println("The default SSL socket factory class: "
+f.getClass());
try {
// Getting the default SSL socket factory
SSLSocket c =
(SSLSocket) f.createSocket("localhost", 8080);
c.setEnabledCipherSuites(c.getSupportedCipherSuites());
printSocketInfo(c);
c.startHandshake();
BufferedWriter w = new BufferedWriter(new OutputStreamWriter(
c.getOutputStream()));
BufferedReader r = new BufferedReader(new InputStreamReader(
c.getInputStream()));
w.write("GET / HTTP/1.0");
w.newLine();
w.newLine(); // end of HTTP request
w.flush();
String m = null;
while ((m=r.readLine())!= null) {
out.println(m);
}
w.close();
r.close();
c.close();
} catch (IOException e) {
System.err.println(e.toString());
}
}
private static void printSocketInfo(SSLSocket s) {
System.out.println("Socket class: "+s.getClass());
System.out.println(" Remote address = "
+s.getInetAddress().toString());
System.out.println(" Remote port = "+s.getPort());
System.out.println(" Local socket address = "
+s.getLocalSocketAddress().toString());
System.out.println(" Local address = "
+s.getLocalAddress().toString());
System.out.println(" Local port = "+s.getLocalPort());
System.out.println(" Need client authentication = "
+s.getNeedClientAuth());
SSLSession ss = s.getSession();
System.out.println(" Cipher suite = "+ss.getCipherSuite());
System.out.println(" Protocol = "+ss.getProtocol());
}
}
Exception at server side:-
D:\sampleHTTPSCode>
java HTTPSServer
Server started:
Server socket class: class com.sun.net.ssl.internal.ssl.SSLServerSocketImpl
Socker address = 0.0.0.0/0.0.0.0
Socker port = 8080
Need client authentication = false
Want client authentication = false
Use client mode = false
before accepting port:
Socket class: class com.sun.net.ssl.internal.ssl.SSLSocketImpl
Remote address = /127.0.0.1
Remote port = 1796
Local socket address = /127.0.0.1:8080
Local address = /127.0.0.1
Local port = 8080
Need client authentication = false
Cipher suite = Unknown 0x0:0x0
Protocol = NONE
javax.net.ssl.SSLException: Connection has been shutdown: javax.net.ssl.SSLHands
hakeException: Received fatal alert: certificate_unknown
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.d(Unknown Source)
at com.sun.net.ssl.internal.ssl.AppInputStream.read(Unknown Source)
at sun.nio.cs.StreamDecoder$CharsetSD.readBytes(Unknown Source)
at sun.nio.cs.StreamDecoder$CharsetSD.implRead(Unknown Source)
at sun.nio.cs.StreamDecoder.read(Unknown Source)
at java.io.InputStreamReader.read(Unknown Source)
at java.io.BufferedReader.fill(Unknown Source)
at java.io.BufferedReader.readLine(Unknown Source)
at java.io.BufferedReader.readLine(Unknown Source)
at HTTPSServer.main(HTTPSServer.java:36)
Caused by: javax.net.ssl.SSLHandshakeException: Received fatal alert: certificat
e_unknown
at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.a(Unknown Source)
at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.b(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.b(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Sou
rce)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.getSession(Unknown Source)
at HTTPSServer.printSocketInfo(HTTPSServer.java:67)
at HTTPSServer.main(HTTPSServer.java:31)
Exception at client side:-
D:\sampleHTTPSCode>java HTTPSClient
The default SSL socket factory class: class com.sun.net.ssl.internal.ssl.SSLSock
etFactoryImpl
Socket class: class com.sun.net.ssl.internal.ssl.SSLSocketImpl
Remote address = localhost/127.0.0.1
Remote port = 8080
Local socket address = /127.0.0.1:1796
Local address = /127.0.0.1
Local port = 1796
Need client authentication = false
Cipher suite = SSL_NULL_WITH_NULL_NULL
Protocol = NONE
javax.net.ssl.SSLException: Connection has been shutdown: javax.net.ssl.SSLHands
hakeException: sun.security.validator.ValidatorException: No trusted certificate
found