Hi
I am implementing 2way SSL over https on tamcat server through .Net
client (C# code as given below)
When iam validating server certificate,it's througing error like SSPI
failed while executing following method.
sslStream.AuthenticateAsClient(serverName,clientCertificatecollection,Ss
lProtocols.Ssl3,true);
Please suggest me....
using System;
using System.Collections;
using System.Net;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Authentication;
using System.Text;
using System.Security.Cryptography.X509Certificates;
using System.IO;
namespace SSLClient
{
class Program
{
private static Hashtable certificateErrors = new Hashtable();
// The following method is invoked by the
RemoteCertificateValidationDelegate.
public static bool ValidateServerCertificate(
object sender,
X509Certificate certificate,
X509Chain chain,
SslPolicyErrors sslPolicyErrors)
{
SslPolicyErrors errors = sslPolicyErrors;
if (errors != SslPolicyErrors.None)
{
Console.WriteLine("Certificate error: {0} ", errors);
}
if (((errors & SslPolicyErrors.RemoteCertificateChainErrors) ==
SslPolicyErrors.RemoteCertificateChainErrors))
{
//Console.WriteLine("Certificate error: {0} Certificate chain empty.
Self signed certificate? butstill continued");
errors -= SslPolicyErrors.RemoteCertificateChainErrors;
}
if (((errors & SslPolicyErrors.RemoteCertificateNameMismatch) ==
SslPolicyErrors.RemoteCertificateNameMismatch))
{
errors -= SslPolicyErrors.RemoteCertificateNameMismatch;
}
if (errors == SslPolicyErrors.None)
return true;
Console.WriteLine("Certificate error: {0}", sslPolicyErrors);
// Do not allow this client to communicate with unauthenticated servers.
return false;
}
public static void RunClient(string machineName, string serverName)
{
// Create a TCP/IP client socket.
// machineName is the host running the server application.
TcpClient client = new TcpClient(machineName, 8443);
Console.WriteLine("Client connected.");
// Create an SSL stream that will close the client's stream.
SslStream sslStream = new SslStream(
client.GetStream(),
false,
new RemoteCertificateValidationCallback(ValidateServerCertificate),
null
);
// The server name must match the name on the server certificate.
try
{
//X509Certificate clientCertificate;
X509CertificateCollection clientCertificatecollection = new
X509CertificateCollection();
X509Certificate clientCertificate =
X509Certificate.CreateFromCertFile(@"C:\project_securent\securent\lib\ap
ache-tomcat-5.5.17\ajay.cer");
clientCertificatecollection.Add(clientCertificate);
clientCertificatecollection.Add(clientCertificate);
sslStream.AuthenticateAsClient(serverName,clientCertificatecollection,Ss
lProtocols.Ssl3,true);
Console.WriteLine("hi");
}
catch (AuthenticationException e)
{
Console.WriteLine("Exception: {0}", e.Message);
if (e.InnerException != null)
{
Console.WriteLine("Inner exception: {0}", e.InnerException.Message);
}
Console.WriteLine("Authentication failed - closing the connection.");
client.Close();
return;
}
// Encode a test message into a byte array.
// Signal the end of the message using the "<EOF>".
byte[] messsage = Encoding.UTF8.GetBytes("Hello from the client.<EOF>");
// Send hello message to the server.
sslStream.Write(messsage);
sslStream.Flush();
// Read message from the server.
string serverMessage = ReadMessage(sslStream);
Console.WriteLine("Server says: {0}", serverMessage);
// Close the client connection.
client.Close();
Console.WriteLine("Client closed.");
}
static string ReadMessage(SslStream sslStream)
{
// Read the message sent by the server.
// The end of the message is signaled using the
// "<EOF>" marker.
byte[] buffer = new byte[2048];
StringBuilder messageData = new StringBuilder();
int bytes = -1;
do
{
bytes = sslStream.Read(buffer, 0, buffer.Length);
// Use Decoder class to convert from bytes to UTF8
// in case a character spans two buffers.
Decoder decoder = Encoding.UTF8.GetDecoder();
char[] chars = new char[decoder.GetCharCount(buffer, 0, bytes)];
decoder.GetChars(buffer, 0, bytes, chars, 0);
messageData.Append(chars);
// Check for EOF.
if (messageData.ToString().IndexOf("<EOF>") != -1)
{
break;
}
} while (bytes != 0);
return messageData.ToString();
}
private static void DisplayUsage()
{
Console.WriteLine("To start the client specify:");
Console.WriteLine("clientSync machineName [serverName]");
Environment.Exit(1);
}
public static int Main(string[] args)
{
string serverCertificateName = "server.cer";
string machineName = "localhost";
Program.RunClient(machineName, serverCertificateName);
return 0;
}
}
}
-----Original Message-----
From: Martin Gainty [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 18, 2008 10:35 PM
To: Tomcat Users List
Subject: RE: Servlets / JSP can't connect to MySQL in Ubuntu Server
Andre
If not otherwise specified 3306 is the default port for mysql check to
see if its occupied with netstat -a | grep 3306 If it is reconfig your
port in my.conf to an available port
Martin Gainty
______________________________________________
Disclaimer and confidentiality note
Everything in this e-mail and any attachments relates to the official
business of Sender. This transmission is of a confidential nature and
Sender does not endorse distribution to any party other than intended
recipient. Sender does not necessarily endorse content contained within
this transmission.
> Date: Tue, 18 Nov 2008 13:37:49 +0100
> From: [EMAIL PROTECTED]
> To: users@tomcat.apache.org
> Subject: Re: Servlets / JSP can't connect to MySQL in Ubuntu Server
>
> Krapacs Ambrose wrote:
> > I have tried many different configurations and I have been unable to
> > get my Servlets / JSP to connect to MySQL server running. I am
> > trying to get this set up on my main server which is running Ubuntu
> > 8.10 Server with MySQL 5 and Tomcat6. I also tried setting up a
> > Ubuntu 8.04 server with Tomcat 5.5 and MySQL 5. I have even
> > configured Tomcat running on the 8.10 server to try to connect to
> > MySQL running on the 8.04 server. Still no luck!
> >
> > The exception that is thrown is here:
> > com.mysql.jdbc.exceptions.jdbc4.CommunicationsException:
> > Communications link failure
> Hi.
> I know little about MySQL and JDBC, but the above seems to be purely
> at the TCP/IP level : your JDBC driver cannot connect to your MySQL
server.
>
> It seems from the above that you are connecting to "localhost" without
> indicating a port. I thus suppose that JDBC is going to try the
> "standard port" on which MySQL is supposed to be listening.
> 1) So first of all, is that the case ? Is MySQL really listening on
> that port ? (and first of all, is MySQL started ?) (Try "netstat -n |
> grep LISTEN" to see all ports being listened on)
>
> 2) are your Tomcat and your MySQL server on the same system ? (since
> you're trying to connect to "localhost")
>
> 3) if yes, on that system, when you try "ping localhost", what does it
> show you ?
>
> 4) finally, on the same system, try "telnet localhost xxxx", where
> xxxx is the port where MySQL is supposedly listening. What do you see
then ?
>
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe,
> e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
_________________________________________________________________
Access your email online and on the go with Windows Live Hotmail.
http://windowslive.com/Explore/Hotmail?ocid=TXT_TAGLM_WL_hotmail_acq_acc
ess_112008
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
