[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: AW: AW: [iaik-ssl]cu|| Intermittent SSL connections from an Applet



This is the result of SSLClientContext.toString:
Enabled cipher suites:
   SSL_RSA_WITH_3DES_EDE_CBC_SHA
   SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
   SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
   SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA
   SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA
   SSL_RSA_WITH_RC4_128_SHA
   SSL_RSA_WITH_IDEA_CBC_SHA
   SSL_DHE_DSS_WITH_RC4_128_SHA
   SSL_RSA_WITH_RC4_128_MD5
   SSL_RSA_WITH_DES_CBC_SHA
   SSL_DHE_DSS_WITH_DES_CBC_SHA
   SSL_DHE_RSA_WITH_DES_CBC_SHA
   SSL_DH_DSS_WITH_DES_CBC_SHA
   SSL_DH_RSA_WITH_DES_CBC_SHA
   SSL_RSA_EXPORT1024_WITH_DES_CBC_SHA
   SSL_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA
   SSL_RSA_EXPORT1024_WITH_RC4_56_SHA
   SSL_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA
   SSL_RSA_EXPORT_WITH_DES40_CBC_SHA
   SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
   SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
   SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA
   SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA
   SSL_RSA_EXPORT_WITH_RC4_40_MD5
   SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5
Enabled compression methods:
   NULL

Available certificates:
RSA credentials:
   1024 bit key, 1 certificates.

I am using jdk1.3.1_rc02 (and plugin) on w32, and iaik_jce_full.jar.  I 
have everything repackaged into a single jar file, and signed by our 
code signing certs.   It's not clear to me how to check the version of 
my iaik JCE (the file is dated 9/25/2000.  We last licensed the code for 
distribution sometime last year.  I grant the browser permission to 
trust the signed jar (single session grant only).

I don't have the server output, unfortunately, since the MICO + SSL code 
is poorly instrumented right now.  The failures aren't server-specific.  
The behavior I'm seeing now is that the client will experience some 
number of failures (sometimes large, sometimes small) before being able 
to successfully connect.

When installing iaik as first provider, I still got the stack overflow 
errors; I changed some of the startup sequence and avoided the stack 
overflow, but ended up getting untraceable failures somewhere in the JDK.

T.

On Tuesday, April 16, 2002, at 06:16 AM, Dieter Bratko wrote:

> Hello,
>
> the attachment still shows the client SSL handshake debug output,
> but not the SSLClientContext information. Do you have a server
> handshake output, too. Or does the problem only occur when connecting to
> one specific server?
>
>> I installed the stack overflow workaround (putting the IAIK provider
>> second).
> So I assume that you are using the signed version of IAIK-JCE 3.0.
> Since you are using JDK1.3 did you try to install IAIK as first
> provider? What JCE framework are you using?
>
>> I'm trying to get a signed applet to communicate with my server
> Did you yourself sign the IAIK-JCE jar, too; or do you let the
> browser trust the original signature?
>
> Regards,
> Dieter
>
>
>
>
>
> -----Ursprungliche Nachricht-----
> Von: Timothy Wall [mailto:twall@domesolutions.com]
> Gesendet: Montag, 15. April 2002 20:00
> An: Dieter Bratko
> Cc: iaik-ssl@iaik.at
> Betreff: Re: AW: [iaik-ssl]cu|| Intermittent SSL connections from an
> Applet
>
>
> Attached is the SSLClientContext information
>
>

--
Mailinglist-archive at http://jcewww.iaik.at/mailarchive/iaik-ssl/sslthreads.html

To unsubscribe send an email to listserv@iaik.at with the folowing content: UNSUBSCRIBE iaik-ssl