Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

SSL Connection over TCP using SSLSocketFactory to remote C++ Server

2 views
Skip to first unread message

Ed

unread,
Jan 5, 2003, 9:48:48 AM1/5/03
to
Hi.

Despite my traversing through the archives, I could not find a
solution to my problem. So hopefully, that would mean i have a simple
isolated, and FIXABLE problem :-)

My web application running under Weblogic 7.01 as a servlet needs to
connect to a remote server using SSL over tcp.
The server is a C++ app using openssl libraries to serve up a
self-signed certificate.

The code fragments to do so look like this:

SSLSocketFactory sf =
(SSLSocketFactory)SSLSocketFactory.getDefault();
connection = sf.createSocket(host, port);
...
output.write(...)
output.flush();


Upon the flush, I get the following error:

java.io.IOException: Write Channel Closed, possible SSL handshaking or
trust failure
at com.certicom.tls.record.WriteHandler.write(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.fireAlertSent(Unknown
Source)
at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown
Source)
at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown
Source)
at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessage(Unknown
Source)
at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessages(Unknown
Source)
at com.certicom.tls.record.ReadHandler.interpretContent(Unknown
Source)
at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown
Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown
Source)
at com.certicom.tls.record.WriteHandler.write(Unknown Source)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:67)
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:125)
at java.io.DataOutputStream.flush(DataOutputStream.java:99)


My guess is that its complaining about not trusting the certificate
being sent back by the server.
I typically use JSSE for this application when running within other
appservers, and
this application has no problems. But because i've run into issues
with using JSSE in WL7.01 (another topic
for another day), I'm using the default WL ssl library.

I have set weblogic.security.SSL.trustedCAKeyStore=d:\bea\weblogic700\server\lib\cacerts,
and imported my
certificate into that cacerts file. This doesn't seem to fix my
problem. Is there another truststore
that my webapp may rely on? Where within the admin console can I
figure this out?
Or am I on the wrong track here?


Also, if its any clue, elsewhere within the same application, I make
https requests to another
web app running under the same weblogic server - and that is fine - I
use the URLConnection class in those cases.

Any help is much appreciated!

Thanks

Ed

0 new messages