mina-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Emmanuel Lécharny <elecha...@gmail.com>
Subject Re: Connect from C++ SSL Client to Mina SSL server
Date Mon, 11 Jun 2012 11:07:23 GMT
Le 6/11/12 10:36 AM, madhurima v a écrit :
> Thanks for your quick response.
> We are using Mina 2.0-M1 from last 4 years,due to the same reason i was
> tried SSL connection also with same version.
> as per your suggestion we updated the version to Mina-2.0.0-M5 and tried the
> SSL connection
> http://grepcode.com/file/repo1.maven.org/maven2/org.apache.mina/mina-example
> /2.0.0-M5/org/apache/mina/example/echoserver/ssl/BogusSslContextFactory.java
> ?av=f.
>
> Following is my issue.
> 1. generated bogus certificate using keystore commands available in
> BogusSslContextFactory.java class.
>          // NOTE: The keystore was generated using keytool:
>      //   keytool -genkey -alias bogus -keysize 512 -validity 3650
>      //   -keyalg RSA -dname "CN=bogus.com, OU=XXX CA,
>      //   O=Bogus Inc, L=Stockholm, S=Stockholm, C=SE"
>      //   -keypass boguspw -storepass boguspw -keystore bogus.cert
>      and we used same certificate in both sides and both ssl client and
> server connected successfully.
> 2. After getting the connection we need to get the message in handler
> -messageReceive() method.
>      here i am unable to get the original message. and automatically closing
> the connection.
>
>      Mina server log :
> SSL ON
> Listening on port 9123
> [12:19:24] NioProcessor-1 INFO  [] []
> [org.apache.mina.example.echoserver.EchoProtocolHandler] -      OPENED
> [12:19:26] NioProcessor-1 INFO  [] []
> [org.apache.mina.example.echoserver.EchoProtocolHandler] - Received :
> SESSION_UNSECURED

Here, the handshake has failed. It might be because the client is trying 
to negociate some cyphers that are not supported by MINA server.

The best things would be to use wireshark to analyze what is being 
transmitted during the handshake. You can provide the output.

Also there is a way to set up some debugging for SSL 
(http://docs.oracle.com/javase/1.5.0/docs/guide/security/jsse/ReadDebug.html)


-- 
Regards,
Cordialement,
Emmanuel Lécharny
www.iktek.com


Mime
View raw message