[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[iaik-ssl] Unable to create certificate verify!



Hello-

I have the following problem connecting to our server which _requires_
the client to authenticate.  Can anyone please tell me what the cause
of this exception is?  Here is the handshake.  Thank you, Helen Rehn

/sandbox/jdk1.2/bin/java -classpath
.:./lib/jndi.jar:./lib/providerutil.jar:./lib/ldap.jar:/sandbox/jdk1.2/jre/lib/rt.jar:.:/homes/rehn/iaik_jce_full.jar:/homes/rehn/iSaSiLk2.51/lib/iaik_ssl.jar:/homes/rehn/iSaSiLk2.51/src
https_test pitcairn.mcs.anl.gov 48492
[
[
  Version: V3
  Subject: CN=Nell Rehn, OU=Mathematics and Computer Science Division,
O=Argonne National Laboratory, O=Globus, C=US
  Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4

  Key:  com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@bca7b701
  Validity: [From: Mon Aug 30 10:41:31 CDT 1999,
               To: Mon Aug 30 22:46:31 CDT 1999]
  Issuer: CN=Nell Rehn, OU=Mathematics and Computer Science Division,
O=Argonne National Laboratory, O=Globus, C=US
  SerialNumber: [    04d5]

Certificate Extensions: 1
[1]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
   SSL server
]

]
  Algorithm: [MD5withRSA]
  Signature:
0000: B5 E1 FF 4A F3 1B 5D A4   F7 29 68 D7 BC 89 3C 3F  ...J..]..)h...<?
0010: 02 1B 26 B0 26 D1 CB C2   EC C0 9A 9D 72 BC 15 CE  ..&.&.......r...
0020: 80 46 37 A0 71 3D 5F 0C   15 E9 76 84 68 7B AD B0  .F7.q=_...v.h...
0030: 4A 60 E5 D7 9E 89 52 19   30 F0 5A B9 31 83 8E 02  J`....R.0.Z.1...
0040: 9D E7 DB 5C 8F C0 AA 87   3A DD 0B 82 7F F1 00 D1  ...\....:.......
0050: 67 13 E5 2D C5 E3 82 7E   CA 3E 4E 36 C9 09 3B BC  g..-.....>N6..;.
0060: 74 2D 24 59 8F A4 F7 E1   D8 93 B6 C5 2D 81 81 E4  t-$Y........-...
0070: 47 BC FE D4 9B DD 52 36   C0 7C 2E 00 78 82 BD 0A  G.....R6....x...

]
[
[
  Version: V3
  Subject: CN=Nell Rehn, OU=Mathematics and Computer Science Division,
O=Argonne National Laboratory, O=Globus, C=US
  Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4

  Key:  com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@a4abb701
  Validity: [From: Mon Aug 23 13:14:15 CDT 1999,
               To: Tue Aug 22 13:14:15 CDT 2000]
  Issuer: CN=Globus Certification Authority, O=Globus, C=US
  SerialNumber: [    04d5]

Certificate Extensions: 1
[1]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
   SSL server
]

]
  Algorithm: [MD5withRSA]
  Signature:
0000: 90 43 BE 9D 58 8D 43 AB   E3 E9 50 80 73 90 51 39  .C..X.C...P.s.Q9
0010: D8 92 EC 0D DE 5E 22 DB   18 F3 59 55 43 C1 97 CD  .....^"...YUC...
0020: D0 87 FC F2 70 DD 5D 70   9D F6 E1 2D 5B FC BA C1  ....p.]p...-[...
0030: 64 AD 82 C1 A3 03 61 89   C2 21 79 32 CF 41 CE E6  d.....a..!y2.A..
0040: 3D 4D D9 5F C7 C4 7E 30   3C 12 E6 AC F6 EC 19 A1  =M._...0<.......
0050: A9 67 0F 8A A8 6E 90 1B   90 5B 49 03 EA 1E 34 E0  .g...n...[I...4.
0060: C8 62 CB C9 76 20 DC A9   83 C7 D3 29 30 DA D8 A1  .b..v .....)0...
0070: 10 13 E1 37 29 81 8F ED   61 E8 1D CD 63 C0 E5 15  ...7)...a...c...

]
create new SSLSocket to: pitcairn.mcs.anl.gov:48492
InputRecord locked.
OutputRecord locked.
starting handshake.
send client_hello...
v3ClientHello, version: 3.0
received server_hello...
Server doesn't want to resume a previous session.
CipherSuite selected by server: SSL_RSA_WITH_NULL_MD5
CompressionMethod selected by server: NULL
received Certificate...
Server certificate chain
CN=proxy, OU=Mathematics and Computer Science Division, O=Argonne National
Laboratory, O=Globus, C=US
CN=Nell Rehn, OU=Mathematics and Computer Science Division, O=Argonne
National Laboratory, O=Globus, C=US
CN=Globus Certification Authority, O=Globus, C=US
received certificate_request...
received server_hello_done...
Key exchange algorithm: RSA
Server accepts the following CAs:
Server requests the following certificate types:
rsa_sign
dss_sign
return RSA certificate...
send SSLCertificate...
send ClientKeyExchange...
send CertificateVerify...
iaik.security.ssl.SSLException: Unable to create certificate verify!
        at iaik.security.ssl.x.a(Compiled Code)
        at iaik.security.ssl.x.f(Compiled Code)
        at iaik.security.ssl.r.c(Compiled Code)
        at iaik.security.ssl.SSLSocket.startHandshake(Compiled Code)
        at iaik.security.ssl.SSLSocket.getOutputStream(Compiled Code)
        at https_test.main(Compiled Code)

Connection established...

Active cipher suite: SSL_RSA_WITH_NULL_MD5
Active compression method: NULL

Server certificate chain:
Certificate 0: CN=proxy, OU=Mathematics and Computer Science Division,
O=Argonne National Laboratory, O=Globus, C=US
Certificate 1: CN=Nell Rehn, OU=Mathematics and Computer Science Division,
O=Argonne National Laboratory, O=Globus, C=US
Certificate 2: CN=Globus Certification Authority, O=Globus, C=US

-------------------------------------------------------------------------------------
http://www.mcs.anl.gov/~rehn



--
Mailinglist-archive at http://jcewww.iaik.tu-graz.ac.at/mailarchive/iaik-ssl/maillist.html

To unsubscribe send an email to listserv@iaik.tu-graz.ac.at with the folowing content: UNSUBSCRIBE iaik-ssl