1

Am trying to establish an ssl connection.I have a Server and I have a client. I have both of them running on the same machine. am trying to establish an SSL connection between the client and the server. i have generated certificates for both the server and the client with the following keytool command.

For Client

keytool -keystore clientstore -genkey -alias client -validity 3650

Then i export the root certificate of the client to a cer file callled client.cer

For Server keytool -keystore serverstore -genkey -alias server -validity 3650 Then i export the root certificate of the server to a cer file callled server.cer

I now import the client certificate "client.cer" into the serverstore keystore with the following command

keytool -import -keystore serverstore -file client.cer -alias client

And also import the servers certificate "server.cer" into the clientstore keystore with the following command

keytool -import -keystore clientstore -file server.cer -alias server

After doing this, i imported both the server.cer and client.cer into the cacerts Keystore. But when i try to establish an ssl connection, i get this error on the server javax.net.ssl.SSLHandshakeException: null cert chain and this error on the client javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate.

My Servers Code.

package serverapplicationssl;


import java.io.*;
import java.security.KeyStore;
import java.security.Security;
import java.security.PrivilegedActionException;

import javax.net.ssl.*;
import com.sun.net.ssl.internal.ssl.Provider;

import org.bouncycastle.jce.provider.BouncyCastleProvider;

import java.security.Security;

import java.io.*;

public class ServerApplicationSSL {

public static void main(String[] args) {
boolean debug = true;

System.out.println("Waiting For Connection");

int intSSLport = 4447;

{
    Security.addProvider(new Provider());

}
if (debug) {
    System.setProperty("javax.net.debug", "all");
}
FileWriter file = null;
try {
    file = new FileWriter("C:\\SSLCERT\\Javalog.txt");

} catch (Exception ee) {
    //message = ee.getMessage();

}

try {

    KeyStore keystore = KeyStore.getInstance("JKS");
    keystore.load(new FileInputStream("C:\\SSLCERT\\OntechServerKS"), "server".toCharArray());
    file.write("Incoming Connection\r\n");

    KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory
            .getDefaultAlgorithm());
    kmf.init(keystore, "server".toCharArray());

    SSLContext context = SSLContext.getInstance("TLS");
    context.init(kmf.getKeyManagers(), null, null);

    SSLServerSocketFactory sslServerSocketfactory = (SSLServerSocketFactory) context.getServerSocketFactory();
    SSLServerSocket sslServerSocket = (SSLServerSocket) sslServerSocketfactory.createServerSocket(intSSLport);
    sslServerSocket.setEnabledCipherSuites(sslServerSocket.getSupportedCipherSuites());
    sslServerSocket.setNeedClientAuth(true);
    SSLSocket sslSocket = (SSLSocket) sslServerSocket.accept();
    //SSLServerSocket server_socket = (SSLServerSocket) sslServerSocket;

    sslSocket.startHandshake();

 // Start the session
    System.out.println("Connection Accepted");
    file.write("Connection Accepted\r\n");

    while (true) {
        PrintWriter out = new PrintWriter(sslSocket.getOutputStream(), true);

        String inputLine;

        //while ((inputLine = in.readLine()) != null) {
        out.println("Hello Client....Welcome");
        System.out.println("Hello Client....Welcome");
        //}

        out.close();
        //in.close();
        sslSocket.close();
        sslServerSocket.close();
        file.flush();
        file.close();
    }

} catch (Exception exp) {
    try {
        System.out.println(exp.getMessage() + "\r\n");
        exp.printStackTrace();
        file.write(exp.getMessage() + "\r\n");
        file.flush();
        file.close();
    } catch (Exception eee) {
        //message = eee.getMessage();
    }

}

}

}

Here's My Clients Code

import java.io.*;
import java.net.*;
import java.security.*;
import java.util.Enumeration;

import javax.net.ssl.*;

public class SSLConnect {

public String MakeSSlCall(String meternum) {
    String message = "";
    FileWriter file = null;
    try {
        file = new FileWriter("C:\\SSLCERT\\ClientJavalog.txt");

    } catch (Exception ee) {
        message = ee.getMessage();

    }
    //writer = new BufferedWriter(file );
    try {
        file.write("KeyStore Generated\r\n");
        KeyStore keystore = KeyStore.getInstance("JKS");
        keystore.load(new FileInputStream("C:\\SSLCERT\\SkyeClientKS"), "client".toCharArray());

        file.write("KeyStore Generated\r\n");
        Enumeration enumeration = keystore.aliases();
        while (enumeration.hasMoreElements()) {
            String alias = (String) enumeration.nextElement();
            file.write("alias name: " + alias + "\r\n");
            keystore.getCertificate(alias);
            file.write(keystore.getCertificate(alias).toString() + "\r\n");
        }
        TrustManagerFactory tmf =TrustManagerFactory.getInstance("SunX509");
        tmf.init(keystore);
        file.write("KeyStore Stored\r\n");
        SSLContext context = SSLContext.getInstance("SSL");
        TrustManager[] trustManagers = tmf.getTrustManagers();
        context.init(null, trustManagers, null);

        SSLSocketFactory f = context.getSocketFactory();
        file.write("About to Connect to Ontech\r\n");
        SSLSocket c = (SSLSocket) f.createSocket("192.168.1.16", 4447);
        file.write("Connection Established to 196.14.30.33 Port: 8462\r\n");
        file.write("About to Start Handshake\r\n");
        c.startHandshake();
        file.write("Handshake Established\r\n");
        file.flush();
        file.close();
        return "Connection Established";
    } catch (Exception e) {
        try {
            file.write("An Error Occured\r\n");
            file.write(e.getMessage() + "\r\n");
            StackTraceElement[] arrmessage = e.getStackTrace();
            for (int i = 0; i < arrmessage.length; i++) {
                file.write(arrmessage[i] + "\r\n");
            }

            file.flush();
            file.close();
        } catch (Exception eee) {
            message = eee.getMessage();

        }
        return "Connection Failed";
    }
}
}

Stack Trace Execption on my Server

javax.net.ssl.SSLHandshakeException: null cert chain
    at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
    at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1937)
    at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)
    at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:292)
    at sun.security.ssl.ServerHandshaker.clientCertificate(ServerHandshaker.java:1804)
    at sun.security.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:222)
    at sun.security.ssl.Handshaker.processLoop(Handshaker.java:957)
    at sun.security.ssl.Handshaker.process_record(Handshaker.java:892)
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1050)
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1363)
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1391)
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1375)
    at serverapplicationssl.ServerApplicationSSL.main(ServerApplicationSSL.java:69)

Stack Trace Execption on my client

Received fatal alert: bad_certificate
sun.security.ssl.Alerts.getSSLException(Unknown Source)
sun.security.ssl.Alerts.getSSLException(Unknown Source)
sun.security.ssl.SSLSocketImpl.recvAlert(Unknown Source)
sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
SSLConnect.MakeSSlCall(SSLConnect.java:96)
BankCollectSSLCon.main(BankCollectSSLCon.java:13)

What could be causing this error?, could it be because i am running both the server and the client on the same machine?...Been on this for quite a while now. i need help

Improve this question

1 Answer 1

Reset to default
0

Please try to include this code snippet so that all the certificates will be trusted.

  public static void trustSelfSignedSSL() {
    try {
        SSLContext ctx = SSLContext.getInstance("TLS");
        X509TrustManager tm = new X509TrustManager() {

            public void checkClientTrusted(X509Certificate[] xcs, String string)
                    throws CertificateException {}

            public void checkServerTrusted(X509Certificate[] xcs, String string)
                    throws CertificateException {}

            public X509Certificate[] getAcceptedIssuers() {
                return null;
            }
        };
        ctx.init(null, new TrustManager[] { tm }, null);
        SSLContext.setDefault(ctx);
    } catch (Exception ex) {
        // LOGGER.error("Exception : ", ex.getStackTrace());
        System.out.println(ex.getStackTrace());
    }
Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Where do i include this code snippet? on the server or on the client?
include it in the client.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.