[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[iaik-ssl] KeyManager blues


I am trying to use JSSE with IAIK_JSSE as the underlying provider.
I have one problem though, the Client SSL connection does not seam
to be able to find a key/cert for doing client authentication.

What I have is a keytool generated keystore, with an imported 
Verisign test certificate and rootcertificate.

I then do:                

ctx = SSLContext.getInstance("SSLv3", "IAIK_JSSE");

ks = KeyStore.getInstance("JKS");
ks.load(new FileInputStream(keyStore), 

kmf = KeyManagerFactory.getInstance("SunX509");
kmf.init(ks, keyPassword.getCharArray());
km = kmf.getKeyManagers();

/*dumping of the keyManagers certifiCateChain, seams ok! (code removed
for clarity)*/

/*initialisation of trust manager removed for clarity */

ctx.init(km,tms, null);

/*socket/socketfactory creation code removed for clarity */

This should be fairly straightforward, but when run I get:
 [java] _____________________________________________
 [java] installing IAIK JSSE provider
 [java] This is only an early beta release!
 [java] Be sure to use the right iSaSiLk version
 [java] _____________________________________________
 [java] IAIKJSSEProvider.getProperty SSLContext.SSLv3
 [java] returning: iaik.security.jsse.IAIKSSLContextSSLv3
 [java] IAIKSSLContext.enigneInit()
 [java] IAIKSSLContext.engineGetSocketFactory()
 [java] SSLSocketFactory Constructor called
 [java] New Context : KeyManager
 [java] JSSE CCTX
 [java] Creating Socket
 [java] ssl_debug(1): Starting handshake (iSaSiLk 3.03)...
 [java] ssl_debug(1): Sending v3 client_hello message, requesting
version 3.0...
 [java] ssl_debug(1): Received v3 server_hello handshake message.
 [java] ssl_debug(1): Server selected SSL version 3.0.
 [java] ssl_debug(1): Server created new session
 [java] ssl_debug(1): CipherSuite selected by server:
 [java] ssl_debug(1): CompressionMethod selected by server: NULL
 [java] ssl_debug(1): Received certificate handshake message with server
 [java] ssl_debug(1): Server sent a 1023 bit RSA certificate, chain has
2 elements.
 [java] Verify chain ...
 [java] ssl_debug(1): Received server_key_exchange handshake message.
 [java] ssl_debug(1): Received certificate_request handshake message.
 [java] ssl_debug(1): Accepted certificate types: RSA, DSA
 [java] ssl_debug(1): Accepted certificate authorities:
 [java] ssl_debug(1):   (empty list)
 [java] ssl_debug(1): Received server_hello_done handshake message.
 [java] ssl_debug(1): No client certificate available, sending
no_certificate warning...
 [java] ssl_debug(1): Sending alert: Alert Warning: no certificate
 [java] ssl_debug(1): Sending client_key_exchange handshake message (512
 [java] ssl_debug(1): Sending change_cipher_spec message...
 [java] ssl_debug(1): Exception sending message: java.io.IOException:
Broken pipe

Hope someone can help

"When in doubt, it's a classpath problem."

Søren Hilmer, M.Sc. 
R&D manager                             Phone:  +45 86 78 21 00
IT+ A/S                                	Fax:    +45 86 78 21 02   
Brendstrupgårdsvej 7                    Direct: +45 87 40 08 44
8200 Århus N                            Email:  sh@itplus.dk
Denmark                                 WWW:    http://www.itplus.dk 
Mailinglist-archive at http://jcewww.iaik.at/mailarchive/iaik-ssl/sslthreads.html

To unsubscribe send an email to listserv@iaik.at with the folowing content: UNSUBSCRIBE iaik-ssl