From: Javier G. <god...@gm...> - 2009-12-04 23:33:24
Hello OpenJMS users,

Hopefully someone has gotten HTTPS tunnels working. I'm having a hard time with setting up a simple test. Here is the Java code; it never gets past the InitialContext line:

Hashtable properties = new Hashtable();
properties.put(Context.INITIAL_CONTEXT_FACTORY, "org.exolab.jms.jndi.InitialContextFactory");
properties.put(Context.PROVIDER_URL, "https://localhost:8443/");
properties.put("org.exolab.jms.net.https.keyStore", "/Users/.../.keystore");
properties.put("org.exolab.jms.net.https.trustStore", "/Users/../.keystore");
properties.put("org.exolab.jms.net.https.keyStorePassword", "...");
Context cntx = new InitialContext(properties);

Here is the debug:

keyStore is : /Users/.../.keystore
keyStore type is : jks
keyStore provider is :
init keystore
init keymanager of type SunX509
trustStore is: /Users/.../.keystore
trustStore type is : jks
trustStore provider is :
init truststore
adding as trusted cert:
  Subject: CN=J Godinez, OU=TEST, O=TEST, L=, ST=CA, C=US
  Issuer: CN=J Godinez, OU=TEST, O=TEST, L=, ST=CA, C=US
  Algorithm: RSA; Serial number: 0x4b1981f4
  Valid from Fri Dec 04 13:41:08 PST 2009 until Thu Mar 04 13:41:08 PST 2010

trigger seeding of SecureRandom
done seeding SecureRandom
%% No cached client session
*** ClientHello, TLSv1
RandomCookie: GMT: 1259902718 bytes = { 139, 80, 78, ..., 172 }
Session ID: {}
Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
Compression Methods: { 0 }
***
[write] MD5 and SHA1 hashes: len = 79
0000: 01 00 00 4B 03 01 4B 19 97 FE 8B 50 4E 94 20 16 ...K..K....PN. .
...
0040: 09 00 15 00 12 00 03 00 08 00 14 00 11 01 00 ...............
main, WRITE: TLSv1 Handshake, length = 79
[write] MD5 and SHA1 hashes: len = 107
0000: 01 03 01 00 42 00 00 00 20 00 00 04 01 00 80 00 ....B... .......
...
0060: 29 70 49 50 12 00 49 BD FD 3B AC )pIP..I..;.
main, WRITE: SSLv2 client hello message, length = 107
[Raw write]: length = 109
...
0060: 03 B9 29 70 49 50 12 00 49 BD FD 3B AC ..)pIP..I..;.
[Raw read]: length = 5
0000: 16 03 01 02 A1 .....
[Raw read]: length = 673
0000: 02 00 00 46 03 01 4B 19 97 FE 3F 50 E0 D0 3C E0 ...F..K...?P..<.
...
0290: 94 CC 3E 84 55 24 B3 9E 12 D9 FD B6 46 0E 00 00 ..>.U$......F...
02A0: 00 .
main, READ: TLSv1 Handshake, length = 673
*** ServerHello, TLSv1
RandomCookie: GMT: 1259902718 bytes = { 63, ... 121 }
Session ID: {75, ... 226}
Cipher Suite: SSL_RSA_WITH_RC4_128_MD5
Compression Method: 0
***
%% Created: [Session-1, SSL_RSA_WITH_RC4_128_MD5]
** SSL_RSA_WITH_RC4_128_MD5
[read] MD5 and SHA1 hashes: len = 74
0000: 02 00 00 46 03 01 4B 19 97 FE 3F 50 E0 D0 3C E0 ...F..K...?P..<.
...
0040: 64 0C C6 76 D5 E4 E2 00 04 00 d..v......
*** Certificate chain
chain [0] = [
[
  Version: V3
  Subject: CN=J Godinez, OU=TEST, O=TEST, L=, ST=CA, C=US
  Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
  Key: Sun RSA public key, 1024 bits
  modulus: 107342282817175...430515336218733
  public exponent: 65537
  Validity: [From: Fri Dec 04 13:41:08 PST 2009, To: Thu Mar 04 13:41:08 PST 2010]
  Issuer: CN=J Godinez, OU=TEST, O=TEST, L=, ST=CA, C=US
  SerialNumber: [ 4b1981f4]
]
  Algorithm: [SHA1withRSA]
  Signature:
0000: 68 E8 72 6C 95 4B E6 C9 C3 AE C9 5F AD 4F B4 51 h.rl.K....._.O.Q
...
0070: C9 B0 BB 94 CC 3E 84 55 24 B3 9E 12 D9 FD B6 46 .....>.U$......F
]
***
Found trusted certificate:
[
[
  Version: V3
  Subject: CN=J Godinez, OU=IIS BU, O=SAIC, L=San Diego, ST=CA, C=US
  Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
  Key: Sun RSA public key, 1024 bits
  modulus: 1073422828171758035...430515336218733
  public exponent: 65537
  Validity: [From: Fri Dec 04 13:41:08 PST 2009, To: Thu Mar 04 13:41:08 PST 2010]
  Issuer: CN=J Godinez, OU=TEST, O=TEST, L=, ST=CA, C=US
  SerialNumber: [ 4b1981f4]
]
  Algorithm: [SHA1withRSA]
  Signature:
0000: 68 E8 72 6C 95 4B E6 C9 C3 AE C9 5F AD 4F B4 51 h.rl.K....._.O.Q
...
0070: C9 B0 BB 94 CC 3E 84 55 24 B3 9E 12 D9 FD B6 46 .....>.U$......F
]
[read] MD5 and SHA1 hashes: len = 595
0000: 0B 00 02 4F 00 02 4C 00 02 49 30 82 02 45 30 82 ...O..L..I0..E0.
...
0240: 19 D7 E9 C9 B0 BB 94 CC 3E 84 55 24 B3 9E 12 D9 ........>.U$....
0250: FD B6 46 ..F
*** ServerHelloDone
[read] MD5 and SHA1 hashes: len = 4
0000: 0E 00 00 00 ....
*** ClientKeyExchange, RSA PreMasterSecret, TLSv1
[write] MD5 and SHA1 hashes: len = 134
0000: 10 00 00 82 00 80 77 C8 EE 80 12 E9 97 02 15 A8 ......w.........
...
0070: 2C BC 7D EB 78 24 CB 44 B6 8F 16 FA 82 D1 10 4C ,...x$.D.......L
0080: 1F 4F F4 45 3A BC .O.E:.
main, WRITE: TLSv1 Handshake, length = 134
[Raw write]: length = 139
0000: 16 03 01 00 86 10 00 00 82 00 80 77 C8 EE 80 12 ...........w....
0010: E9 97 02 15 A8 2A 3A 5F F1 0A 91 48 5E 08 2E 90 .....*:_...H^....
...
0080: FA 82 D1 10 4C 1F 4F F4 45 3A BC ....L.O.E:.
SESSION KEYGEN:
PreMaster Secret:
0000: 03 01 75 A2 2B 37 78 93 75 57 0B AC FE D9 C9 EA ..u.+7x.uW......
0010: 85 B0 19 B3 80 10 D4 DC 0D FD C1 7A 90 01 99 3F ...........z...?
0020: E3 78 6B 12 0D BF 15 96 A3 0F C3 AF 2D 62 68 34 .xk.........-bh4
CONNECTION KEYGEN:
Client Nonce:
0000: 4B 19 97 FE 8B 50 4E 94 20 16 56 79 5E 41 02 56 K....PN. .Vy^A.V
0010: 9B 84 89 03 B9 29 70 49 50 12 00 49 BD FD 3B AC .....)pIP..I..;.
Server Nonce:
0000: 4B 19 97 FE 3F 50 E0 D0 3C E0 36 0C 37 B4 A4 7C K...?P..<.6.7...
0010: 3D 68 04 13 88 6C 67 37 7F 36 04 77 CA E6 BF 79 =h...lg7.6.w...y
Master Secret:
0000: 86 C3 55 F6 F1 B5 81 DA 58 F9 1C 90 53 20 1F 72 ..U.....X...S .r
0010: 31 1B C7 36 FC 15 D7 71 0B 77 87 73 47 86 EB 55 1..6...q.w.sG..U
0020: B1 11 DC 78 5C 43 1E 39 5C 39 D7 A8 BA 89 D6 98 ...x\C.9\9......
Client MAC write Secret:
0000: 35 52 F7 3D 12 AB 71 FF 9D 23 FA 2F 98 92 E8 14 5R.=..q..#./....
Server MAC write Secret:
0000: 0D 14 A9 24 D6 43 C1 0A 83 4A 7F 81 E2 A2 67 B3 ...$.C...J....g.
Client write key:
0000: 7D 16 1D 04 C4 09 33 6E EF C8 0A 7F A2 64 16 F1 ......3n.....d..
Server write key:
0000: B7 9F A7 66 2A 39 24 AD A9 C7 C0 B4 D6 66 15 D5 ...f*9$......f..
... no IV used for this cipher
main, WRITE: TLSv1 Change Cipher Spec, length = 1
[Raw write]: length = 6
0000: 14 03 01 00 01 01 ......
*** Finished
verify_data: { 190, 254, 191, 68, 122, 148, 213, 101, 19, 213, 9, 47 }
***
[write] MD5 and SHA1 hashes: len = 16
0000: 14 00 00 0C BE FE BF 44 7A 94 D5 65 13 D5 09 2F .......Dz..e.../
Padded plaintext before ENCRYPTION: len = 32
0000: 14 00 00 0C BE FE BF 44 7A 94 D5 65 13 D5 09 2F .......Dz..e.../
0010: E8 8D 1F BF 04 D0 58 E6 A9 6E F4 41 D3 99 99 A4 ......X..n.A....
main, WRITE: TLSv1 Handshake, length = 32
[Raw write]: length = 37
0000: 16 03 01 00 20 A7 76 57 03 06 3C 3E D3 B0 A5 5B .... .vW..<>...[
0010: 1E 7E 17 47 DA 94 DD 22 BE F8 8F 85 11 1C FA 9B ...G..."........
0020: B5 47 16 8F C6 .G...
[Raw read]: length = 5
0000: 14 03 01 00 01 .....
[Raw read]: length = 1
0000: 01 .
main, READ: TLSv1 Change Cipher Spec, length = 1
[Raw read]: length = 5
0000: 16 03 01 00 20 ....
[Raw read]: length = 32
0000: A1 8F D3 24 15 3C 84 A3 F7 0B 17 41 D0 32 DD B0 ...$.<.....A.2..
0010: 32 BE 87 FD 39 D8 AC 49 85 75 B5 C6 A5 9C 9B 4B 2...9..I.u.....K
main, READ: TLSv1 Handshake, length = 32
Padded plaintext after DECRYPTION: len = 32
0000: 14 00 00 0C 65 B8 F8 9D 55 5D 94 EC 89 48 17 38 ....e...U]...H.8
0010: 64 6F A1 FC E9 81 9D 16 C0 93 7A E6 C1 6F EB F2 do........z..o..
*** Finished
verify_data: { 101, 184, 248, 157, 85, 93, 148, 236, 137, 72, 23, 56 }
***
%% Cached client session: [Session-1, SSL_RSA_WITH_RC4_128_MD5]
[read] MD5 and SHA1 hashes: len = 16
0000: 14 00 00 0C 65 B8 F8 9D 55 5D 94 EC 89 48 17 38 ....e...U]...H.8
main, called close()
main, called closeInternal(true)
main, SEND TLSv1 ALERT: warning, description = close_notify
Padded plaintext before ENCRYPTION: len = 18
0000: 01 00 81 45 B7 58 AE 99 A0 85 72 AA D6 ED 7D 5C ...E.X....r....\
0010: 38 FD 8.
main, WRITE: TLSv1 Alert, length = 18
[Raw write]: length = 23
0000: 15 03 01 00 12 46 2C 67 38 BD 8C AD CB C8 0C 57 .....F,g8......W
0010: 1B 86 C2 6E 3A 2A 4B ...n:*K
%% Invalidated: [Session-1, SSL_RSA_WITH_RC4_128_MD5]
javax.naming.CommunicationException: Failed to get registry service for URL: https://localhost:8443/ [Root exception is java.rmi.ConnectIOException: Failed to create connection; nested exception is:
    org.exolab.jms.net.connector.ConnectException: Failed to connect to URI=https://localhost:8443/openjms-tunnel/tunnel]
    at org.exolab.jms.jndi.InitialContextFactory.getInitialContext(InitialContextFactory.java:146)
    at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
    at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:288)
    at javax.naming.InitialContext.init(InitialContext.java:223)
    at javax.naming.InitialContext.<init>(InitialContext.java:197)
    at TestTunnelClient.connect(TestTunnelClient.java:33)
    at TestTunnelClient.main(TestTunnelClient.java:58)
Caused by: java.rmi.ConnectIOException: Failed to create connection; nested exception is:
    org.exolab.jms.net.connector.ConnectException: Failed to connect to URI=https://localhost:8443/openjms-tunnel/tunnel
    at org.exolab.jms.net.orb.Locator.getProxy(Locator.java:137)
    at org.exolab.jms.net.orb.Locator.getRegistry(Locator.java:103)
    at org.exolab.jms.net.orb.DefaultORB.getRegistry(DefaultORB.java:285)
    at org.exolab.jms.client.net.SharedORB.getRegistry(SharedORB.java:121)
    at org.exolab.jms.jndi.InitialContextFactory.getInitialContext(InitialContextFactory.java:144)
    ... 6 more
Caused by: org.exolab.jms.net.connector.ConnectException: Failed to connect to URI=https://localhost:8443/openjms-tunnel/tunnel
    at org.exolab.jms.net.http.AbstractHTTPManagedConnection.<init>(AbstractHTTPManagedConnection.java:118)
    at org.exolab.jms.net.http.HTTPSManagedConnection.<init>(HTTPSManagedConnection.java:74)
    at org.exolab.jms.net.http.HTTPSManagedConnectionFactory.createManagedConnection(HTTPSManagedConnectionFactory.java:124)
    at org.exolab.jms.net.connector.DefaultConnectionPool.createManagedConnection(DefaultConnectionPool.java:233)
    at org.exolab.jms.net.connector.AbstractConnectionManager.allocateConnection(AbstractConnectionManager.java:140)
    at org.exolab.jms.net.connector.AbstractConnectionFactory.getConnection(AbstractConnectionFactory.java:167)
    at org.exolab.jms.net.connector.AbstractConnectionManager.getConnection(AbstractConnectionManager.java:208)
    at org.exolab.jms.net.orb.Locator.getProxy(Locator.java:131)
    ... 10 more

Is this a problem with my certificates? Maybe openjms is misconfigured, but it seems that I don't even get that far....

Thanks,
Javier Godinez

--
★ jg
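
Added example, not part of the original post or of OpenJMS: a Python triage of a javax.net.debug trace like the one above. It reports which handshake markers appear, whether the negotiated suite is a weak one, and whether key material was printed into the log. The sample trace is a constructed excerpt of marker lines from the post; the function name, field names and weak-suite pattern are assumptions.

```python
import re

# Constructed excerpt: marker lines taken from the trace in the post, hex dumps omitted.
SAMPLE_TRACE = """\
*** ClientHello, TLSv1
*** ServerHello, TLSv1
Cipher Suite: SSL_RSA_WITH_RC4_128_MD5
Found trusted certificate:
*** ServerHelloDone
*** ClientKeyExchange, RSA PreMasterSecret, TLSv1
PreMaster Secret:
Master Secret:
*** Finished
*** Finished
%% Cached client session: [Session-1, SSL_RSA_WITH_RC4_128_MD5]
main, called close()
javax.naming.CommunicationException: Failed to get registry service for URL: https://localhost:8443/
"""

# Handshake markers as JSSE debug output prints them, in protocol order.
MILESTONES = [
    ("ClientHello", r"\*\*\* ClientHello"),
    ("ServerHello", r"\*\*\* ServerHello,"),
    ("ServerCertTrusted", r"Found trusted certificate"),
    ("ServerHelloDone", r"\*\*\* ServerHelloDone"),
    ("ClientKeyExchange", r"\*\*\* ClientKeyExchange"),
]
# Assumed weak-suite pattern: RC4, MD5, single DES, export-grade, NULL, anonymous.
WEAK = re.compile(r"RC4|MD5|_DES_|DES40|EXPORT|NULL|anon")
# Headings under which the trace dumps session key material.
SECRETS = re.compile(
    r"(PreMaster Secret|Master Secret|(?:Client|Server) (?:MAC write Secret|write key)):")

def triage(trace):
    """Summarise how far a JSSE debug trace got and what it exposes."""
    reached = [name for name, pat in MILESTONES if re.search(pat, trace)]
    finished = len(re.findall(r"\*\*\* Finished", trace))  # one per direction
    cached = re.search(r"%% Cached client session", trace)
    suite = re.search(r"Cipher Suite: (\S+)", trace)        # ServerHello's choice
    exc = re.search(r"[\w.]+Exception", trace)
    complete = finished >= 2 and cached is not None
    return {
        "reached": reached,
        "handshake_complete": complete,
        "suite": suite.group(1) if suite else None,
        "weak_suite": bool(suite and WEAK.search(suite.group(1))),
        "leaked_secrets": sorted(set(SECRETS.findall(trace))),
        "error_after_handshake": bool(complete and exc and exc.start() > cached.start()),
        "first_exception": exc.group(0) if exc else None,
    }
```

Key material in a debug trace (PreMaster Secret, Master Secret, write keys) is enough to decrypt a capture of that session, so those sections should be stripped before a trace is shared.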