Menu
▾
▴
Re: [ebxmlms-general] RE: RE: RE: SSLHandshakeException (SSL PROBLEM) (Pattiarachi, Mal)
|
From: Ronald v. K. <rtv...@xs...> - 2005-08-10 17:49:06
|
replace the sun impl with the apache httpclient one. Much better, faster, M$ proxy support etc. Ronald Robert A. Stockfleth probeerde me het volgende duidelijk te maken: > I am able to connect to the Cyclone server using the simple HTTPSClient > below. I am almost positive that the handshaking problem - it isn't a > problem with Hermes, more like with the HttpsURLConnection class which > Hermes utilizes. > > I would file a bug report with Sun - but unless I can give them access to > our trading partner's development environment - I have no way to replicate > the issue for them. So I am pretty much out of luck. > > If anybody comes up with a work-around - I would LOVE to hear about it. > > Thanks, > > -Rob > > > -----Original Message----- > From: ebx...@li... > [mailto:ebx...@li...] On Behalf Of > ebx...@li... > Sent: Tuesday, August 02, 2005 8:15 PM > To: ebx...@li... > Subject: ebxmlms-general digest, Vol 1 #276 - 3 msgs > > Send ebxmlms-general mailing list submissions to > ebx...@li... > > To subscribe or unsubscribe via the World Wide Web, visit > https://lists.sourceforge.net/lists/listinfo/ebxmlms-general > or, via email, send a message with subject or body 'help' to > ebx...@li... > > You can reach the person managing the list at > ebx...@li... > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of ebxmlms-general digest..." > > > Today's Topics: > > 1. RE: SSLHandshakeException (SSL PROBLEM) (Robert A. Stockfleth) > 2. RE: RE: SSLHandshakeException (SSL PROBLEM) (Pattiarachi, Mal) > 3. Re: RE: SSLHandshakeException (SSL PROBLEM) (David Webber (XML)) > > --__--__-- > > Message: 1 > From: "Robert A. Stockfleth" <ro...@no...> > To: <ebx...@li...> > Date: Tue, 2 Aug 2005 15:05:00 -0700 > Subject: [ebxmlms-general] RE: SSLHandshakeException (SSL PROBLEM) > Reply-To: ebx...@li... > > This is a multi-part message in MIME format. > > ------=_NextPart_000_001F_01C59773.8DC924D0 > Content-Type: text/plain; > charset="us-ascii" > Content-Transfer-Encoding: 7bit > > A few weeks ago I figured out where my SSL Handshake problem is coming from. > > > > It seems that by default Hermes uses the HttpsURLConnection class to connect > (when you're accessing a HTTPS URL). > > > > I rewrote the SSL connection portion of Http.java to use the Socket class > instead of the HttpsURLConnection class. When I connected using the exact > same keystore - the handshaking process worked properly. > > > > It seems like something inside the HttpsURLConnection class was not > compatible with the Cyclone server, my private key or both. > > > > Anyone have any ideas (that don't involve hacking the source apart)?? > > > > PS Any chance future versions of Hermes will undergo Drummond's "EBXML" > certification. Many large companies will not allow outside vendors to > connect, unless they are using an officially EBXML certified application. > > > > Message: 2 > From: "Pattiarachi, Mal" <Mal...@ro...> > To: <ebx...@li...> > Subject: RE: [ebxmlms-general] RE: SSLHandshakeException (SSL PROBLEM) > Date: Wed, 3 Aug 2005 09:30:57 +1000 > Reply-To: ebx...@li... > > This is a multi-part message in MIME format. > > ------_=_NextPart_001_01C597BA.3BDDD192 > Content-Transfer-Encoding: quoted-printable > Content-Type: text/plain; > charset="iso-8859-1" > > Hi Robert, > > I'm getting a similar error (javax.net.ssl.SSLHandshakeException: Remote > host closed connection during handshake) at random occassions (some > connections get through), when connecting to Tibco Business Connect in = > our > partners test environment. Oddly enough, in production, where our = > partner > uses an external clustered HTTPS web server, the connections appear to = > work > fine. > > The thing is, the problem is replicable outside of Hermes... i.e. I used = > a > simple HTTPS client (consisting of just a few lines of code) which uses = > the > socket method of connecting, and I still got the same error I'm getting = > with > Hermes ... and this was duplicated no matter the version of Java I was > using, be it 1.4.2_01 or 1.4.2_08 or 1.5! I figured this was a problem = > to do > with Tibco's internal SSL handler which wasn't behaving correctly and > requested our partner try to see what's going on with Tibco. > > We use Hermes 0.9.3.1 and Java 1.4.2, I examined Http.java - most if it > appears to be commented out? Perhaps it's changed between versions. > > I've attached the source code I was using for the simple HTTPS client, = > see > if you can connect to your partners Cyclone using it.=20 > > > > import java.net.*; > import java.io.*; > import java.security.*; > import javax.net.ssl.*; > > public class HTTPSClient { > > public static void main(String[] args) { > > > > int port =3D 6707; > String host =3D "HOST_URL"; > > try { > > Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider()); > SSLSocketFactory factory > =3D (SSLSocketFactory) SSLSocketFactory.getDefault(); > > SSLSocket socket =3D (SSLSocket) factory.createSocket(host, port); > > > > Writer out =3D new OutputStreamWriter(socket.getOutputStream()); > // https requires the full URL in the GET line > out.write("GET http://" + host + "/ HTTP/1.1\r\n"); > out.write("\r\n"); > out.flush(); > > // read response > BufferedReader in =3D new BufferedReader( > new InputStreamReader(socket.getInputStream())); > int c; > while ((c =3D in.read()) !=3D -1) { > System.out.write(c); > } > > out.close(); > in.close(); > socket.close(); > > } > catch (Exception e) { > System.out.println(e); > } > > } > > } > > > > > > -----Original Message----- > From: ebx...@li... > [mailto:ebx...@li...] On Behalf Of Robert = > A. > Stockfleth > Sent: Wednesday, 3 August 2005 8:05 AM > To: ebx...@li... > Subject: [ebxmlms-general] RE: SSLHandshakeException (SSL PROBLEM) > > > A few weeks ago I figured out where my SSL Handshake problem is coming = > from. > =20 > It seems that by default Hermes uses the HttpsURLConnection class to = > connect > (when you're accessing a HTTPS URL). > =20 > I rewrote the SSL connection portion of Http.java to use the Socket = > class > instead of the HttpsURLConnection class. When I connected using the = > exact > same keystore - the handshaking process worked properly. > =20 > It seems like something inside the HttpsURLConnection class was not > compatible with the Cyclone server, my private key or both. > =20 > Anyone have any ideas (that don't involve hacking the source apart)?? > =20 > PS Any chance future versions of Hermes will undergo Drummond's "EBXML" > certification. Many large companies will not allow outside vendors to > connect, unless they are using an officially EBXML certified = > application. > =20 > > The information contained in this email and any attachments to it: > =20 > (a) may be confidential and if you are not the intended recipient, any = > interference with,=20 > use, disclosure or copying of this material is unauthorised and = > prohibited; and > =20 > (b) may contain personal information of the recipient and/or the sender = > as defined > under the Privacy Act 1988 (Cth). Consent is hereby given by the = > recipient(s) to=20 > collect, hold and use such information and any personal information = > contained in a=20 > response to this email, for any reasonable purpose in the ordinary = > course of=20 > Ross Human Directions Limited business (including all of it=92s = > subsidiaries), including=20 > forwarding this email internally or disclosing it to a third party.=20 > All personal information collected by Ross Human Directions Limited will = > be handled in=20 > accordance with Ross Human Directions Limited Privacy Policy. If you = > have received this=20 > email in error, please notify the sender and delete it.=20 > > (c) you agree not to employ or arrange employment for any candidate(s) = > supplied in=20 > this email and any attachments without first entering into a contractual = > agreement with=20 > Ross Human Directions Limited. You further agree not to divulge any = > information contained=20 > in this document to any person(s) or entities without the express = > permission of=20 > Ross Human Directions Limited.=20 > > Message: 3 > From: "David Webber \(XML\)" <da...@dr...> > To: <ebx...@li...> > Subject: Re: [ebxmlms-general] RE: SSLHandshakeException (SSL PROBLEM) > Date: Tue, 2 Aug 2005 22:25:25 -0400 > Organization: XML eBusiness > Reply-To: ebx...@li... > > This is a multi-part message in MIME format. > > ------=_NextPart_000_00F1_01C597B1.145CD180 > Content-Type: text/plain; > charset="iso-8859-1" > Content-Transfer-Encoding: quoted-printable > > Robert, > > Good catch. > > On the certification front. I've done the Drummond testing with a = > commercial product. > > I would venture that if Hermes can freely interchange with the target = > server (say Cyclone - which BTW has probably the most complete = > implementation) - that is exactly like completing the Drummond testing = > anyway. > > Of course Drummond makes you perform a range of tests with four or more = > other vendors - but you can easily verify that Hermes matches those = > needs. > > BTW - the CPA handling in current Hermes is not all it should be. My = > understanding that is being enhanced - along the lines we did in the = > code here - http://ebxmlbook.com/interop/=20 > > All this is about verifying the operation. For example - Oracle now has = > a ebMS compatible server to for iHub - but its not "certified" - and = > I'll wager that your management would happily use it, eh? > > Hope that helps your decision making. > > Thanks, DW > _______________________________________________ > ebxmlms-general mailing list > ebx...@li... > https://lists.sourceforge.net/lists/listinfo/ebxmlms-general > > > End of ebxmlms-general Digest > > > > ------------------------------------------------------- > SF.Net email is Sponsored by the Better Software Conference & EXPO > September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices > Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA > Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf > _______________________________________________ > ebxmlms-general mailing list > ebx...@li... > https://lists.sourceforge.net/lists/listinfo/ebxmlms-general > -- Kijk niet terug, maar kijk naar mij Against all odds |
