[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

AW: [iaik-ssl] No client certificate available, sending no_certificate warning...



Hello,
 
when sending the certificate request message, the usually indicates the CAs it is willing to accept. Please ensure that your client cert is issued by such a CA (respectively has it in its certificate path).
 
Dieter Bratko
-----Ursprüngliche Nachricht-----
Von: iaik-ssl-owner@iaik.tu-graz.ac.at [mailto:iaik-ssl-owner@iaik.tu-graz.ac.at]Im Auftrag von 이선영
Gesendet: Sonntag, 1. Oktober 2000 13:42
An: iaik-ssl@iaik.at
Betreff: [iaik-ssl] No client certificate available, sending no_certificate warning...

Hi all.
 
I am trying to handshaking with the server that request client authentication.
But I  have problem that client program can't find client certificate available.
It's Why....
 
this is client code.
**********************************************************
   FileInputStream privStream = new FileInputStream("/usr/local/ssl/certs/pkcs8/server.key");
   byte[] privBytes = new byte[privStream.available()];
   privStream.read(privBytes);
   privStream.close();
 
   EncryptedPrivateKeyInfo epki = new EncryptedPrivateKeyInfo(privBytes);
   RSAPrivateKey rsa_priv_key = (RSAPrivateKey) epki.decrypt("password");
 
    X509Certificate cert[] = new X509Certificate[1];
    FileInputStream inStream = new FileInputStream("/usr/local/ssl/certs/server.crt");
   DataInputStream dataStream = new DataInputStream(inStream);
 
    CertificateFactory cf = CertificateFactory.getInstance("X.509");
 
   byte[] bytes = new byte[dataStream.available()];
   dataStream.readFully(bytes);
   ByteArrayInputStream bais = new ByteArrayInputStream(bytes);
 
    cert[0] = (X509Certificate)cf.generateCertificate(bais);
    bais.close();
    dataStream.close();
    inStream.close();
   
   SSLClientContext context = new SSLClientContext();
   context.setDebugStream(System.out);
 
   CipherSuite [] suites = {
    CipherSuite.SSL_RSA_WITH_RC4_128_MD5,
    CipherSuite.SSL_RSA_WITH_RC4_128_SHA,
    CipherSuite.SSL_RSA_WITH_DES_CBC_SHA
   };
 
   context.setEnabledCipherSuites(suites);
   context.setEnabledCompressionMethods(CompressionMethod.getDefault());
   context.setAllowedProtocolVersions(SSLContext.VERSION_SSL20, SSLContext.VERSION_TLS10);
   context.addClientCredentials(cert, rsa_priv_key);
 
   SSLSocket sslSocket = new SSLSocket(host, port, (SSLContext)context);
   setSocket((Socket) sslSocket);
**********************************************************************
 
Please help me...
***************************************************************************
*                                                                         *
* IAIK S/MIME Mapper Security Info                                        *
* ===================================                                     *
*                                                                         *
* for message:                                                            *
*   From: "Dieter Bratko" <Dieter.Bratko@iaik.at>                         *
*   Date: Mon, 16 Oct 2000 12:51:28 +0200                                 *
*   Subject: AW: [iaik-ssl] No client certificate available, sending no_certificate warning...*
*                                                                         *
* Message S/MIME properties:                                              *
*                                                                         *
*   Encrypted using:    not encrypted                                     *
*                                                                         *
*   Digitally signed:   yes                                               *
*   Signature valid:    yes                                               *
*   Signature trusted:  yes                                               *
*                                                                         *
*                                                                         *
* Compliance with policy for email addresses *@iaik.at:                   *
*                                                                         *
*   Encryption:         OK (None or better required)                      *
*                                                                         *
*   Digital Signature:  OK (digital signature required)                   *
*                                                                         *
***************************************************************************