SSL alert number 46

2004-09-07 Thread Liam Escario
I start up my Tomcat server with a keystore, truststore and clientAuth=true, and tried connecting it via "openssl s_client" and everything works well. Setting up my OC4J (Oracle 9ias) using the same keystore, truststore and needs-client-auth=true, I get the following error when I try to connect

OpenSSL and Oracle 9iAS (OC4J)

2004-08-27 Thread Liam Escario
Anyone set up SSL with Oracle 9iAS (OC4J)? If so, how do you set up the Truststore and client authentication in the XML? I can't find any docs on this anywhere, and the Oralce forums aren't helping either. Like if in Tomcat, all you have to do is "clientAuth=true", whats the equivalent tag for

Re: How to check server's SSL certificate on client?

2004-08-24 Thread Liam Escario
Hey Jim, I'm actually just using Standalone Tomcat with SSL. In any case, Mark introduced me to the s_client tool which proved very helpful in helping me solve my problem. It turned out that I couldn't see any client certs because I wasn't passing any client certs. So I checked my server.xml and

Re: How to check server's SSL certificate on client?

2004-08-23 Thread Liam Escario
Hey Jim, Thanks for the clarification there. That's how I thought it should behave =) Now if only I could get to figure out how to read my client certificate in Java. I'm always getting null... I've tried using both, String cipherSuite = (String) request.getAttribute("javax.net.ssl.cipher_

Re: How to check server's SSL certificate on client?

2004-08-22 Thread Liam Escario
Hi Peter, You mentioned: So, when the PKI client in my (for example) web browser connects to your IIS server, my web browser's PKI client will connect to the Certifying Authority URL that you specified when you created your SSL certificate what do you mean the client will connect to the CA URL spec

RE: No certificate corresponds to SSL cipher suides

2004-08-16 Thread Liam Escario
"java.net.SocketException: SSL handshake errorjavax.net.ssl.SSLException: No available certificate corresponds to the SSL cipher suites which are enabled." Strangely enough, if I FIRST create a self-signed entry in my keystore before i import my CA signed-certificate, it works. Although this sho

No certificate corresponds to SSL cipher suides

2004-08-16 Thread Liam Escario
Hello, I am trying to set up SSL for Tomcat 5 using OpenSSL and I am getting this error: "java.net.SocketException: SSL handshake errorjavax.net.ssl.SSLException: No available certificate corresponds to the SSL cipher suites which are enabled." Anybody know what my problem is? I'm using md5Wit

RE: OpenSSL and JAVA

2004-08-11 Thread Liam Escario
Then I tried importing a certificate signed by my CA. But now it's complaining that "Input not an X.509 certificate". Is it because my extension is ".pem"? Yes! I found the answer by going through some old threads in the Sun Microsystems website. I had to convert the PEM certificate to a DER fil

RE: OpenSSL and JAVA

2004-08-10 Thread Liam Escario
I'm having problems importing my OpennSSL certificates to my keystore. I created my root certificate in cacert.pem and I'm trying to import this now to my keystore. okay. some progress. I was able to import my CA using keytool. Apparently, you have to specify an alias for it. keytool -keyst

OpenSSL and JAVA

2004-08-10 Thread Liam Escario
Good day! I'm having problems importing my OpennSSL certificates to my keystore. I created my root certificate in cacert.pem and I'm trying to import this now to my keystore. keytool -import -trustcacerts -file cacert.pem -keystore myKeystore I'm getting "keytool error: java.lang.Exception:

RE: openssl newbie HELP!

2004-08-02 Thread Liam Escario
Thanks for all your help guys. Those links were great! I liked Areg's the best: very detailed and complete (and good for beginners). =) Just a question or two to clarify: 1) I noticed the certificates created in the tutorial had a *.pem extension. The ones I'm used to dealing with had a *.cer on

openssl newbie HELP!

2004-08-01 Thread Liam Escario
Hi! Can anybody direct me to an Openssl tutorial/manual where I can find out step-by-step how to: 1) use openssl to create a CA 2) use the CA to create certificates I'd really appreciated any help on this. Thanks! lee_the_flee There is no emotion, there is p