• Post Reply Bookmark Topic Watch Topic
  • New Topic

Issue with SSL connectivity  RSS feed

Pravin Panicker
Ranch Hand
Posts: 62
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi All,

I am trying to establish a secure connection to another server. I have the required certificates imported to keystore and listing the keystore shows me the proper aliases. However, when i connect to the remote server, I am getting a 403 response and the folks at the server side say that my request does not have any certificates.

Please help!

Following is the snippet of code from my test jsp page -

HttpsURLConnection conn = null;

Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());

System.setProperty("java.protocol.handler.pkgs", "javax.net.ssl");
System.setProperty("https.proxyHost", "webproxy.ssmb.com");
System.setProperty("https.proxyPort", "8080");

// Key store information - - - - - - -

out.println("<b>Loading keystore");
KeyStore ks = KeyStore.getInstance("JKS");
ks.load(new FileInputStream(new File("/apps/broadvision/jre/lib/security/cacerts")), "changeit".toCharArray());

Enumeration enum = ks.aliases();
out.println("<br> Aliases:"+enum.nextElement()); // This lists the required cert

URL url = new URL("https://dsx-xuat.deluxe.com/secure/dci.do?app=dci");

out.println("<br>after setting properties");

out.println("<b>Connecting to "+url+"</b><br><br>");
conn = (HttpsURLConnection) url.openConnection();
out.println("<b>after url.openConnection(). Now setting values </b><br><br>");
conn.setInstanceFollowRedirects(false); //Disable the redirect URL which is automatically followed
conn.setUseCaches(false); //Don't look at cached data
conn.setAllowUserInteraction(false); //Don't allow user interaction

out.println("<br>conn: " +conn.getResponseCode()+"<br>");
out.println("<b>Connected to "+url+"</b><br><br>");

Certificate[] certsLocal = conn.getLocalCertificates(); //conn.getLocalCertificates();
if (certsLocal != null){
out.println("certsLocal.len: "+certsLocal.length);
for (int i=0; i<certsLocal.length; i++)
out.println(" <br><br>Local Certificate "+i+": "+certsLocal[i].toString());

Certificate[] certs = conn.getServerCertificates(); //conn.getLocalCertificates();
if (certs != null){
out.println("cert.len: "+certs.length);
for (int i=0; i<certs.length; i++)
out.println(" <br><br>Server Certificate "+i+": "+certs[i].toString());

if(null == conn){
out.println("<br>conn null");
else if(HttpURLConnection.HTTP_OK != conn.getResponseCode()){
out.println("<br>conn not ok: "+conn.getResponseCode()); // Its going here with 403 response code
out.println(" - "+conn.getResponseMessage());
else {
out.println("<br>conn OK: " +conn.getResponseCode()+"<br>");
//String locationHeader = "https://cim-xuat.deluxe.com/secure/Detokeization.do?dsxToken=xxxxxxxxxxxxxxxxxxxxx";
Pravin Panicker
Ranch Hand
Posts: 62
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
This is the output while running the test page -

Keystore Instance:java.security.KeyStore@d79dfe Loading keystore
Aliases sx-xuat-deluxe

after setting properties Connecting to https://dsx-xuat.deluxe.com/secure/dci.do?app=dci

after url.openConnection(). Now setting values

conn: 403
Connected to https://dsx-xuat.deluxe.com/secure/dci.do?app=dci

cert.len: 3 // Only Server Certs are printed. No Local Certs.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!