Help with running SSL example.
1,384 views
Skip to first unread message
Kiran Babu
Jul 10, 2014, 4:35:14 AM7/10/14
to spray...@googlegroups.com
Hi,
I have tried running the simple-http-server example from GItHub. What I understand is that this creates a self-signed certificate which can be run through a browser by ignoring the security warning message.
I could not run the example as it is. I had to make a few changes.
// I had to comment this line. I'm not sure if it is encrypted anymore after removing the ciper suite.
32| //engine.setEnabledCipherSuites(Array("TLS_RSA_WITH_AES_256_CBC_SHA256"))
java.lang.IllegalArgumentException: Cannot support TLS_RSA_WITH_AES_256_CBC_SHA256 with currently installed providers
After this I copied the same MySslConfiguration.scala into a new project and tried serving a static html page which using getFromResourceDirectory directive. No response was received and I got this error message:
Received unexpected Tcp.PeerClosed, invalidating SSL session
//application.conf
file-chunking-threshold-size = 1m
file-chunking-chunk-size = 512k
Can you please clarify in this regard?
Thanks,
Kiran
Johannes Rudolph
Jul 10, 2014, 6:38:51 AM7/10/14
to spray...@googlegroups.com
Hi Kiran,
On Thu, Jul 10, 2014 at 10:35 AM, Kiran Babu <joseph....@gmail.com> wrote:
> //engine.setEnabledCipherSuites(Array("TLS_RSA_WITH_AES_256_CBC_SHA256"))
No, this just set a constraint to use *just this* cipher suite. We had
this in there because it allows
to decrypt traffic with wireshark for debugging.
> java.lang.IllegalArgumentException: Cannot support
> TLS_RSA_WITH_AES_256_CBC_SHA256 with currently installed providers
Did this happen with the line commented out or the original file? It
means that you probably don't have all the providers installed in the
JVM.
> After this I copied the same MySslConfiguration.scala into a new project and
> tried serving a static html page which using getFromResourceDirectory
> directive. No response was received and I got this error message:
This just means that your client just closed the connection. You need
to look at the client if it showed an error message.
I'd guess that you don't have the usual security provider installed /
enabled in the JVM so that client and server cannot agree about a
valid cipher. See e.g.
https://en.wikipedia.org/wiki/Java_Cryptography_Extension
for installing / enabling the other providers.
--
Johannes
-----------------------------------------------
Johannes Rudolph
http://virtual-void.net
On Thu, Jul 10, 2014 at 10:35 AM, Kiran Babu <joseph....@gmail.com> wrote:
> //engine.setEnabledCipherSuites(Array("TLS_RSA_WITH_AES_256_CBC_SHA256"))
No, this just set a constraint to use *just this* cipher suite. We had
this in there because it allows
to decrypt traffic with wireshark for debugging.
> java.lang.IllegalArgumentException: Cannot support
> TLS_RSA_WITH_AES_256_CBC_SHA256 with currently installed providers
means that you probably don't have all the providers installed in the
JVM.
> After this I copied the same MySslConfiguration.scala into a new project and
> tried serving a static html page which using getFromResourceDirectory
> directive. No response was received and I got this error message:
to look at the client if it showed an error message.
I'd guess that you don't have the usual security provider installed /
enabled in the JVM so that client and server cannot agree about a
valid cipher. See e.g.
https://en.wikipedia.org/wiki/Java_Cryptography_Extension
for installing / enabling the other providers.
--
Johannes
-----------------------------------------------
Johannes Rudolph
http://virtual-void.net
Reply all
Reply to author
Forward
0 new messages