Path: csiph.com!x330-a1.tempe.blueboxinc.net!feeder1.hal-mli.net!border3.nntp.dca.giganews.com!border1.nntp.dca.giganews.com!nntp.giganews.com!postnews.google.com!o7g2000vbn.googlegroups.com!not-for-mail From: Stone Newsgroups: comp.lang.java.programmer Subject: SSL client program Date: Fri, 13 May 2011 01:09:30 -0700 (PDT) Organization: http://groups.google.com Lines: 164 Message-ID: <3af63731-b09e-44ff-bf37-1ffebdf80f60@o7g2000vbn.googlegroups.com> NNTP-Posting-Host: 62.134.46.4 Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 X-Trace: posting.google.com 1305274171 31595 127.0.0.1 (13 May 2011 08:09:31 GMT) X-Complaints-To: groups-abuse@google.com NNTP-Posting-Date: Fri, 13 May 2011 08:09:31 +0000 (UTC) Complaints-To: groups-abuse@google.com Injection-Info: o7g2000vbn.googlegroups.com; posting-host=62.134.46.4; posting-account=IOeCfwoAAAA_VejOv6qSgFbw-0eHdS9A User-Agent: G2/1.0 X-HTTP-UserAgent: Mozilla/5.0 (Windows NT 5.1; rv:2.0.1) Gecko/20100101 Firefox/4.0.1,gzip(gfe) Xref: x330-a1.tempe.blueboxinc.net comp.lang.java.programmer:4041 Dear developers, I am trying to write some client program which will open port 5000 on the client side and connect to the computer where is run daemon which listen on the port 5000. Those port should be secured over SSL. I have build up the C++ daemon which listen on that port together with SSL and when I am writing command: openssl s_client -ssl3 -connect 192.168.0.120:9000 then in the log of daemon I can see that connection was establish and working correctly. Including server certificate, SSL handshake and Secure Renegotiation I would like to created some client in Java but there I have some problems. When I run Java client application the in the daemon I see message: 24741:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number:s3_pkt.c:295: My Java code is: /* * To change this template, choose Tools | Templates * and open the template in the editor. */ package ssltest; import java.io.*; import java.net.*; import java.util.*; import javax.net.ssl.*; import java.security.cert.*; /** * */ public class SSLTest { private int port = 5000; private SSLSocketFactory sslSocketFactory; private SSLSocket connection; private SSLContext sslContext; private TrustManager[] trustManager; private PrintWriter outStream; private BufferedReader inStream; /** * @param args the command line arguments */ public static void main(String[] args) { // TODO code application logic here System.out.println("Start"); SSLTest e = new SSLTest(); } public SSLTest() { System.out.println("Connecting to 192.168.0.120 to port 5000"); connectTo(); } private void initializeSSLContext() throws Exception { try { sslContext = SSLContext.getInstance("SSLv3"); System.out.println("Contents with TLSv1 was initiated"); sslContext.init(null, trustManager, new java.security.SecureRandom()); System.out.println("Contents with TLSv1 was initiated with trustManager"); HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory()); HostnameVerifier hv = new HostnameVerifier() { public boolean verify(String string, SSLSession ssls) { System.out.println("Warning: URL Host: "+string + " vs. " + ssls.getPeerHost()); return true; } }; HttpsURLConnection.setDefaultHostnameVerifier(hv); sslSocketFactory = sslContext.getSocketFactory(); System.out.println("SSL Socket Factory is done"); } catch (java.security.NoSuchAlgorithmException e) { e.printStackTrace(System.out); throw e; } catch (java.security.KeyManagementException e) { e.printStackTrace(System.out); throw e; } } private final void initializeTrustManager() throws Exception { // init new TrustManager trustManager = new TrustManager[] { new X509TrustManager() { public java.security.cert.X509Certificate[] getAcceptedIssuers() { System.out.println("InitializeTrustManager: getAcceptedIssuers:"); return null; } public void checkClientTrusted( java.security.cert.X509Certificate[] certs, String authType) { System.out.println("initializeTrustmanager: checkClientTrusted:" + certs[0] + " authTyp:" + authType); } public void checkServerTrusted( java.security.cert.X509Certificate[] certs, String authType) { System.out.println("InitializeTrustManager: checkServerTrusted:" + certs[0].getIssuerDN() + " authTyp:" + authType); } public boolean isClientTrusted(X509Certificate[] arg0) { return true; } public boolean isServerTrusted(X509Certificate[] arg0) { return true; } } }; } public void connectTo() { try { System.out.println("Initialization of trust Manager"); initializeTrustManager(); System.out.println("Initialization of SSL Context"); initializeSSLContext(); // open a socket to the server connection = (SSLSocket)sslSocketFactory.createSocket("192.168.0.120", port); //connection.setSSLParameters(null) //connection.startHandshake(); //URL u = new URL("https://192.168.0.120:5000/"); //HttpsURLConnection http = (HttpsURLConnection) u.openConnection(); //java.security.cert.Certificate[] serverCerts = connection.getSession().getPeerCertificates(); // open streams for reading and writing outStream = new PrintWriter(new OutputStreamWriter( connection.getOutputStream()),true); inStream = new BufferedReader(new InputStreamReader( connection.getInputStream())); } catch(Exception e) { } } } Those program is run from NetBeans directly Thank you to all for your help