3 Replies Latest reply on Feb 14, 2012 12:47 AM by EJP

    SSL support in Dirmi

      I am trying to implement SSL support in Dirmi and I am not quite sure how to do it. I wanted to use withClientSocketFactory/withServerSocketFactory on the org.cojen.dirmi.Environment and to pass SSLSocketFactory/SSLServerSocketFactory there. But the problem is that the application already has socket factories which are creating custom sockets and that is the problem. For SSLSocketFactory I used createSocket(socket, host, port, autoClose) to wrap the created custom socket into the secure socket, but I don't know what to do in the SSLServerSocketFactory. And I am not even sure if the approach is appropriate. Does anyone has idea that could help?

      Edited by: 911405 on 2012-01-31 10:30
        • 1. Re: SSL support in Dirmi
          I don't know what to do in the SSLServerSocketFactory
          Nothing. Don't use it. When you accept the Socket, do the same SSLSocketFactory.createSocket() thing as you already do for the client and then call sslSocket.setUseClientMode(false);
          • 2. Re: SSL support in Dirmi
            This helped but I still have an issue. And I am not sure if it will be possible to overcome. I got the SSL handshake to work, but I still cannot make it work with Dirmi. The issue is the following. When the Dirmi session is created it takes an unconnected socket obtained from the parameterless constructor of the socket factory provided and tries to connect it in the SocketChannelConnector::connectSocket method. So when I tried to create the secure SSL socket by means of layering the unconnected socket in the parameterless constructor, it became a connected socket and when the method SocketChannelConnector::connectSocket was invoked I got the exception:
            Caused by: java.net.SocketException: Already connected
                 at com.sun.net.ssl.internal.ssl.SSLSocketImpl.connect(SSLSocketImpl.java:551)
                 at org.cojen.dirmi.io.SocketChannelConnector.connectSocket(SocketChannelConnector.java:178)

            I am quite stack with this problem. So I would need a method to create a secure SSL socket that is not connected by means of layering the given unconnected socket. Any suggestions will be much appreciated.
            • 3. Re: SSL support in Dirmi
              30 seconds in Google led me to this.