1 Reply Latest reply: May 11, 2011 6:33 AM by Darryl Burke

    Read data from custom ca

    803100
      Hi everybody.
      I have problems with reading data from a custom CA.
      I configured my Tomcat server like this: http://oshogsb.blogspot.com/2007/07/how-to-create-custom-ca-and.html
      and then tried to read data from the certificate like this:
      package action;

      import javax.servlet.ServletException;
      import javax.servlet.http.HttpServlet;
      import javax.servlet.http.HttpServletRequest;
      import javax.servlet.http.HttpServletResponse;
      import java.io.IOException;
      import java.io.PrintWriter;
      import java.security.cert.X509Certificate;

      public class SSLAction extends HttpServlet {
          protected void doGet(HttpServletRequest req, HttpServletResponse res) throws ServletException, IOException {
              res.setContentType("text/plain");
              PrintWriter out = res.getWriter();
              // The container sets this attribute only when the client presented a certificate chain
              X509Certificate[] certs = (X509Certificate[]) req.getAttribute("javax.servlet.request.X509Certificate");
              if (certs != null) {
                  for (int i = 0; i < certs.length; i++) {
                      // Print the i-th certificate of the chain, not the array object itself
                      out.println("Client Certificate [" + i + "] = " + certs[i].toString());
                  }
              } else {
                  if ("https".equals(req.getScheme())) {
                      out.println("This was an HTTPS request, but no client certificate is available");
                  } else {
                      out.println("This was not an HTTPS request, so no client certificate is available");
                  }
              }
          }

          protected void doPost(HttpServletRequest req, HttpServletResponse res) throws ServletException, IOException {
              doGet(req, res);
          }
      }

      When I invoke the URL https://localhost:8443/sslaction, the server tells me that I have a bad SSL certificate.
      Error 107 (net::ERR_SSL_PROTOCOL_ERROR): SSL protocol error.
      Server configuration:
           <Connector acceptCount="100" 
               clientAuth="true"
              keystoreFile="//home/pitbull/servers/apache-tomcat-7.0.12/conf/ssl/server.ks"
              keystorePass="3648386"         
              truststoreFile="//home/pitbull/servers/apache-tomcat-7.0.12/conf/ssl/server.ks"
              truststorePass="3648386"    
              truststoreType="JKS"       
               disableUploadTimeout="true" 
               enableLookups="true" 
               maxHttpHeaderSize="8192" 
               maxSpareThreads="75" maxThreads="150" 
               minSpareThreads="25" port="8443" 
               scheme="https" 
               secure="true"          
               sslProtocol="TLS"/>
      And the logs from the server show no errors.
      11.05.2011 13:41:08 org.apache.coyote.AbstractProtocolHandler init
      INFO: Initializing ProtocolHandler ["http-bio-8080"]
      11.05.2011 13:41:08 org.apache.coyote.AbstractProtocolHandler init
      INFO: Initializing ProtocolHandler ["http-bio-8443"]
      11.05.2011 13:41:08 org.apache.coyote.AbstractProtocolHandler init
      INFO: Initializing ProtocolHandler ["ajp-bio-8009"]
      11.05.2011 13:41:08 org.apache.catalina.startup.Catalina load
      INFO: Initialization processed in 1835 ms
      11.05.2011 13:41:08 org.apache.catalina.core.StandardService startInternal
      INFO: Starting service Catalina
      11.05.2011 13:41:08 org.apache.catalina.core.StandardEngine startInternal
      INFO: Starting Servlet Engine: Apache Tomcat/7.0.12
      11.05.2011 13:41:08 org.apache.catalina.startup.HostConfig deployDescriptor
      INFO: Deploying configuration descriptor ROOT.xml from /home/pitbull/.IntelliJIdea10/system/tomcat/Unnamed_SSlsll/conf/Catalina/localhost
      11.05.2011 13:41:08 org.apache.catalina.loader.WebappClassLoader validateJarFile
      INFO: validateJarFile(/home/pitbull/projects/git_rep/SSlsll/out/artifacts/SSlsll_war_exploded/WEB-INF/lib/servlet-api.jar) - jar not loaded. See Servlet Spec 2.3, section 9.7.2. Offending class: javax/servlet/Servlet.class
      11.05.2011 13:41:09 org.apache.catalina.startup.HostConfig deployDirectory
      INFO: Deploying web application directory examples
      11.05.2011 13:41:09 org.apache.catalina.startup.HostConfig deployDirectory
      INFO: Deploying web application directory host-manager
      11.05.2011 13:41:09 org.apache.catalina.startup.HostConfig deployDirectory
      INFO: Deploying web application directory docs
      11.05.2011 13:41:09 org.apache.catalina.startup.HostConfig deployDirectory
      INFO: Deploying web application directory manager
      11.05.2011 13:41:10 org.apache.coyote.AbstractProtocolHandler start
      INFO: Starting ProtocolHandler ["http-bio-8080"]
      11.05.2011 13:41:10 org.apache.coyote.AbstractProtocolHandler start
      INFO: Starting ProtocolHandler ["http-bio-8443"]
      11.05.2011 13:41:10 org.apache.coyote.AbstractProtocolHandler start
      INFO: Starting ProtocolHandler ["ajp-bio-8009"]
      11.05.2011 13:41:10 org.apache.catalina.startup.Catalina start
      INFO: Server startup in 1891 ms
      Connected to server
      Can anybody help me? Why does it not work?
      Thanks.

      Edited by: PitBull on May 11, 2011 2:57 AM
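
A diagnostic for the connector configuration in the post, where keystoreFile and truststoreFile both point at the same server.ks: the following is an added example, not code from the thread, that lists which entries a JKS file holds (private key entries for the server identity, trusted certificate entries for the CA). The class name InspectStore and its two command-line arguments are assumptions made for this example.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Collections;

// Added example (hypothetical helper): report the entries of a JKS store.
public class InspectStore {
    public static void main(String[] args) throws Exception {
        if (args.length != 2) {
            System.err.println("usage: java InspectStore <store.jks> <password>");
            System.exit(2);
        }
        KeyStore ks = KeyStore.getInstance("JKS");
        try (InputStream in = new FileInputStream(args[0])) {
            ks.load(in, args[1].toCharArray()); // fails if the password or format is wrong
        }
        int keyEntries = 0, trustedCerts = 0;
        for (String alias : Collections.list(ks.aliases())) {
            if (ks.isKeyEntry(alias)) {            // private key + chain: server identity
                keyEntries++;
                Certificate[] chain = ks.getCertificateChain(alias);
                System.out.println("[key] " + alias + " chain length="
                        + (chain == null ? 0 : chain.length));
                if (chain != null) for (Certificate c : chain) describe(c);
            } else if (ks.isCertificateEntry(alias)) { // trustedCertEntry: e.g. the CA
                trustedCerts++;
                System.out.println("[trusted] " + alias);
                describe(ks.getCertificate(alias));
            }
        }
        if (keyEntries == 0) System.out.println("WARNING: no private key entry in this store");
        if (trustedCerts == 0) System.out.println("WARNING: no trusted certificate entry (CA not imported)");
    }

    // Print subject, issuer and validity so a self-signed or expired entry stands out.
    private static void describe(Certificate c) {
        if (!(c instanceof X509Certificate)) return;
        X509Certificate x = (X509Certificate) c;
        System.out.println("  subject=" + x.getSubjectX500Principal().getName());
        System.out.println("  issuer =" + x.getIssuerX500Principal().getName());
        try { x.checkValidity(); System.out.println("  validity=ok until " + x.getNotAfter()); }
        catch (CertificateException e) { System.out.println("  validity=FAILED: " + e.getMessage()); }
    }
}
```

Passing the password as an argument exposes it in the process list and shell history, so run this only on a local test store.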