Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.lang.java.programmer > #4077

Re: SSL client program

Show all headers | View raw

On 14 kvě, 17:34, Daniele Futtorovic <da.futt.n...@laposte-dot-
net.invalid> wrote:
> On 14/05/2011 10:54, Stone allegedly wrote:
>
>
>
>
>
>
>
>
>
> > On 13 kvě, 18:57, Daniele Futtorovic<da.futt.n...@laposte-dot-
> > net.invalid>  wrote:
> >> On 13/05/2011 18:39, Daniele Futtorovic allegedly wrote:
>
> >>> On 13/05/2011 10:09, Stone allegedly wrote:
> >>>> Dear developers,
>
> >>>> I am trying to write some client program which will open port 5000 on
> >>>> the client side and connect to the computer where is run daemon which
> >>>> listen on the port 5000.
> >>>> Those port should be secured over SSL.
> >>>> I have build up the C++ daemon which listen on that port together with
> >>>> SSL and when I am writing
> >>>> command:
> >>>> openssl s_client -ssl3 -connect 192.168.0.120:9000
> >>>> then in the log of daemon I can see that connection was establish and
> >>>> working correctly.
> >>>> Including server certificate, SSL handshake and Secure Renegotiation
>
> >>>> I would like to created some client in Java but there I have some
> >>>> problems.
> >>>> When I run Java client application the in the daemon I see message:
>
> >>>> 24741:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version
> >>>> number:s3_pkt.c:295:
>
> >>>> My Java code is:
>
> >>> <snip />
>
> >>>> Those program is run from NetBeans directly
>
> >>> "Wrong version number". Check which version your OpenSSL client is,
> >>> check which version of Java you're using. Try updating both of them, to
> >>> see if it fixes it. If that doesn't help, are you tied to SSL 3.0? Java
> >>> supports TLS out-of-the-box.
>
> >>> Google for "SSL3_GET_RECORD:wrong version number:" did yield a lot of
> >>> results.
>
> >>> HTH.
>
> >> Also, check whether you're using the Sun Provider. Find out the which
> >> class the SSLContext instance you're getting is.
>
> > This I do not understand. I am using java JRE from Sun Java (or
> > Oracle) pages.
> > Also JDK is installed on the my computer.
> > How can I find what SSLContext instace is using?
>
> > One thing which I have observed during my tests is:
> > When my Java class is trying to connect openssl s_server all is
> > working fine.
> > When openssl s_client is trying to connect my C++ daemon that all is
> > working fine as well.
> > But when my Java class is trying to connect my C++ daemon that it
> > failed with the error described above.
>
> I misunderstood you. I thought you were calling OpenSSL from your C++
> daemon, that OpenSSL was actually your daemon. So the problem appears to
> be between what your Java program sends and what your C++ daemon
> expects, not between what your Java program sends and OpenSSL, as I had
> surmised.
>
> One way to check what provider your JRE is using is simply to do:
>   SSLContext.getInstance("SSLv3").getClass().getName()
> and to print out the result.
>
> I don't know how you can check what whichever C++ library ("s3_pkt.c")
> you're using expects, but I think the problem is between those two.
>
> As I mentioned, you might get out of your troubles simply by updating
> the libraries you're using (JRE and C++) to the latest versions. You can
> also search the web for the error you're getting. Sorry, but that's all
> I can currently think of.
>
> --
> DF.
> An escaped convict once said to me:
> "Alcatraz is the place to be"

The princip of my program should be Java applet has to communicate
with server on the specific port which should be secured over OpenSSL.
Both have to use libssl library.

I have found some articles like:
(for Java)
http://www.exampledepot.com/egs/javax.net.ssl/Server.html
http://stilius.net/java/java_ssl.php

(for C++)
http://www.metalshell.com/source_code/108/OpenSSL_Server_Example.html
http://h71000.www7.hp.com/doc/83final/ba554_90007/ch05s04.html

Back to comp.lang.java.programmer | Previous | Next — Previous in thread | Next in thread | Find similar

Thread

SSL client program Stone <phracek2@gmail.com> - 2011-05-13 01:09 -0700
  Re: SSL client program Daniele Futtorovic <da.futt.news@laposte-dot-net.invalid> - 2011-05-13 18:39 +0200
    Re: SSL client program Daniele Futtorovic <da.futt.news@laposte-dot-net.invalid> - 2011-05-13 18:57 +0200
      Re: SSL client program Stone <phracek2@gmail.com> - 2011-05-14 01:54 -0700
        Re: SSL client program Daniele Futtorovic <da.futt.news@laposte-dot-net.invalid> - 2011-05-14 17:34 +0200
          Re: SSL client program Stone <phracek2@gmail.com> - 2011-05-14 09:45 -0700
          Re: SSL client program Stone <phracek2@gmail.com> - 2011-05-14 09:48 -0700
            Re: SSL client program Daniele Futtorovic <da.futt.news@laposte-dot-net.invalid> - 2011-05-14 21:23 +0200
              Re: SSL client program Stone <phracek2@gmail.com> - 2011-05-14 12:34 -0700
          Re: SSL client program Stone <phracek2@gmail.com> - 2011-05-14 11:35 -0700
        Re: SSL client program Esmond Pitt <esmond.pitt@bigpond.com> - 2011-05-16 16:54 +1000
          Re: SSL client program Stone <phracek2@gmail.com> - 2011-05-16 03:08 -0700
            Re: SSL client program Stone <phracek2@gmail.com> - 2011-05-16 05:22 -0700
              Re: SSL client program Esmond Pitt <esmond.pitt@bigpond.com> - 2011-05-17 09:33 +1000
                Re: SSL client program Stone <phracek2@gmail.com> - 2011-05-19 01:46 -0700
                Re: SSL client program Esmond Pitt <esmond.pitt@bigpond.com> - 2011-05-20 14:15 +1000
                Re: SSL client program Stone <phracek2@gmail.com> - 2011-05-20 01:56 -0700
                Re: SSL client program Stone <phracek2@gmail.com> - 2011-05-20 02:00 -0700
    Re: SSL client program Stone <phracek2@gmail.com> - 2011-05-14 01:49 -0700
  Re: SSL client program Lothar Kimmeringer <news200709@kimmeringer.de> - 2011-05-15 13:52 +0200
    Re: SSL client program Stone <phracek2@gmail.com> - 2011-05-15 11:05 -0700
      Re: SSL client program Lothar Kimmeringer <news200709@kimmeringer.de> - 2011-05-16 08:46 +0200

csiph-web