Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsWhite Papers
Discussion GroupsFirst AidDatabasesJavaBeansGUIJava 3DVirtual MachineCORBASecurityToolsGeneral
Java DirectoryOpen Source ProjectsSample Book ChaptersUser GroupsWeb Resources
Related Topics
Databases.NETMore Topics ...
Java Forum / Security / May 2004

Tip: Looking for answers? Try searching our database.

JSSE, ObjectOutputStream and CachedRowSets

Thread view: 
Enable EMail AlertsStart New Thread
Jan-Hendrik Lendholt - 30 Apr 2004 15:10 GMT
Hi Folks,

I already posted questions concerning this subject in former time in
other newsgroups, but there was no satisfying help yet. So you are my
last chance.

I wrote two Java-Applications that shall communicate over a JSSE
SSL-Secured connection.

The socket-Code (Server) looks like:

System.setProperty("javax.net.ssl.keyStore","KEYSTORE");
System.setProperty("javax.net.ssl.keyStorePassword","changeit");
SSLServerSocketFactory sslserversocketfactory =
(SSLServerSocketFactory)SSLServerSocketFactory.getDefault();
SSLServerSocket sslserversocket =
(SSLServerSocket)sslserversocketfactory.createServerSocket(9998);

System.out.println("Server listens on Port 9998");

The Client-Code to connect looks like:

SSLSocketFactory sslsocketfactory =
(SSLSocketFactory)SSLSocketFactory.getDefault();
      SSLSocket sslsocket =
(SSLSocket)sslsocketfactory.createSocket("192.168.100.200",9998);
      socket = sslsocket;
      status =  sslsocket.isConnected();

Status returns true. So the connedt is successfull. I can also see the
output of the starting thread on the server side.

If a client connects, the server starts a new thread which shall make an
SQL-Statement. The ResultSet shall be saved in a CachedRowSet.

To this point all goes well.

CachedRowSetImpl crs = new CachedRowSetImpl();

    ResultSet rs = lms.werteAbfragen("SELECT * FROM EVENT WHERE
ENTID=60"); //SQL-Query

    crs.populate(rs); //CachedRowSet filled with data
    rs.close();

    OutputStream os = socket.getOutputStream();
    ObjectOutputStream s = new ObjectOutputStream(os); // ERROR OCCURS!!

The Sever responses with: Received fatal alert: certificate_unknown
The Client responses with: sun.security.validator.ValidatorException: No
trusted certificate found

Well, I created a truststore with one certificate and put it into the
classes directory.
In the source-code I put the systems-property to find the truststore and
the password.

The handshake is ok - but as soons as I open a ObjectOutputStream (it
doesn't matter if the client or server opens that Streams) the message
comes out.

Hope you can help me, it's so messed up!

Thx a lot - Jan Lendholt
Reply to this Message
rammarti - 10 May 2004 21:43 GMT
The error:
" The Sever responses with: Received fatal alert: certificate_unknown
> The Client responses with: sun.security.validator.ValidatorException:
> No trusted certificate found "
is the problem. This error means that the keystore (actually truststore)
does not have the public key certificate and can not validate it. You
need to add the certificate to the keystore.

To import a certificte into your truststore, you can use keytool. See
http://java.sun.com/j2se/1.4.2/docs/tooldocs/windows/keytool.html

    = Ram Marti

> Hi Folks,
>
[quoted text clipped - 60 lines]
>
> Thx a lot - Jan Lendholt
Reply to this Message


Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.