using keystores and trustmanagers

Discussion in 'Java' started by AndrewTK, Mar 24, 2006.

  1. AndrewTK

    AndrewTK Guest

    I am working on a project in which we must implement servers and
    clients that must communicate data back and forth. The setup is that
    there are 5 teams each with their own server and client. Each client
    communicates with their own or another team's server.

    Until recently, we have been using plain sockets, but the recent
    decision was made to implement secure communication.

    I duly updated my code:

    Socket s = new Socket(host, port);

    to

    SSLSocketFactory facto = (SSLSocketFactory)SSLSocketFactory.getDefault();
    SSLSocket s = (SSLSocket)facto.createSocket(host,port);
    s.startHandshake();

    This generates an exception:

    /-!!!
    Exception in thread "main" javax.net.ssl.SSLHandshakeException:
    sun.security.validator.ValidatorException: PKIX path building failed:
    sun.security.provider.certpath.SunCertPathBuilderException: unable to
    find valid certification path to requested target
    !!!-/

    Mails back and forth have suggested that .cer files are in play. I have
    not been able to make head or tail of the documentation I find online,
    and most docs are related to HTTPS servers, which is not what I want -
    I am coding the client side, for raw TCP use (our server is being coded
    by someone else, in Python, so I can't get much advice from them...)

    My questions, more specifically:
    -I have been given a number of .cer files. How am I supposed to load
    them to the key store? Preferably I would like to be able to have these
    in a folder and be able to load them on client startup, dynamically
    speaking.

    -Does the handshaking deal with authenticating a server once the
    certificates are loaded or will I need to "manually" (=hard-code) the
    authentication? Where do I do that?

    ***

    For now the concerned code is

    {
        // (...)
        // I am expecting I might have to do something here...

        SSLSocketFactory facto = (SSLSocketFactory)SSLSocketFactory.getDefault();
        s = (SSLSocket)facto.createSocket( host , port );
        s.startHandshake();

        // or here otherwise

        OutputStreamWriter osw = new OutputStreamWriter(s.getOutputStream());
        osw.write( the_data );
        osw.flush();

        // read response data
        // (...)
    }

    Thanks in advance for any advice!

    Andrew
     
    AndrewTK, Mar 24, 2006
    #1