I am working with GSSAPI successfully with JAVA 5. With JAVA 6 and 7 the InitialLdapContext call fails with the following stacktrace:
>>>KRBError:
sTime is Fri Jun 14 13:40:01 CEST 2013 1371210001000
suSec is 948732
error code is 7
error Message is Server not found in Kerberos database
realm is DE.XXX.NET
sname is ldap/yyy.de.xxx.net
msgType is 30
KrbException: Server not found in Kerberos database (7)
at sun.security.krb5.KrbTgsRep.<init>(Unknown Source)
at sun.security.krb5.KrbTgsReq.getReply(Unknown Source)
at sun.security.krb5.KrbTgsReq.sendAndGetCreds(Unknown Source)
at sun.security.krb5.internal.CredentialsUtil.serviceCreds(Unknown Source)
at sun.security.krb5.internal.CredentialsUtil.acquireServiceCreds(Unknown Source)
at sun.security.krb5.Credentials.acquireServiceCreds(Unknown Source)
at sun.security.jgss.krb5.Krb5Context.initSecContext(Unknown Source)
at sun.security.jgss.GSSContextImpl.initSecContext(Unknown Source)
at sun.security.jgss.GSSContextImpl.initSecContext(Unknown Source)
at com.sun.security.sasl.gsskerb.GssKrb5Client.evaluateChallenge(Unknown Source)
at com.sun.jndi.ldap.sasl.LdapSasl.saslBind(Unknown Source)
at com.sun.jndi.ldap.LdapClient.authenticate(Unknown Source)
at com.sun.jndi.ldap.LdapCtx.connect(Unknown Source)
at com.sun.jndi.ldap.LdapCtx.<init>(Unknown Source)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(Unknown Source)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(Unknown Source)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(Unknown Source)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(Unknown Source)
at javax.naming.spi.NamingManager.getInitialContext(Unknown Source)
at javax.naming.InitialContext.getDefaultInitCtx(Unknown Source)
at javax.naming.InitialContext.init(Unknown Source)
at javax.naming.ldap.InitialLdapContext.<init>(Unknown Source)
at kerberos.UserRoles2.getUserRoles(UserRoles2.java:27)
at kerberos.Server$2.run(Server.java:240)
at kerberos.Server$2.run(Server.java:1)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAs(Unknown Source)
at kerberos.Server.getRoles(Server.java:233)
at kerberos.Server.main(Server.java:95)
Caused by: KrbException: Identifier doesn't match expected value (906)
at sun.security.krb5.internal.KDCRep.init(Unknown Source)
at sun.security.krb5.internal.TGSRep.init(Unknown Source)
at sun.security.krb5.internal.TGSRep.<init>(Unknown Source)
... 29 more
Problem searching directory: javax.naming.AuthenticationException: GSSAPI [Root exception is javax.security.sasl.SaslException: GSS initiate failed [Caused by GSSException: No valid credentials provided (Mechanism level: Server not found in Kerberos database (7))]]
Does anybody has an idea what ist going wrong in Java 6 or 7?
The ktab file is created with the ktab tool of a jre 7.
"c:\Program Files\Java\jre7\bin\ktab.exe" -a user#DOMAIN.DE password -k my.keytab -n 0
"c:\Program Files\Java\jre7\bin\ktab.exe" -a Service/host#DOMAIN.DE password -k my.keytab -n 0
Windows server 2008 Active directory
Please remember: If I am using Java 5 the InitialLdapContext call is working as expected.
Thanks in advance
Michael
Problem is solved.
I have used an alias dns name for the ldap_url property. In Java 1.5 the alias dns name was resolved to the real dns name. In Java 1.6 and 1.7 the resolving does not happen.
The change to a real dns name solved the problem.
Related
I am trying to create a libGDX project but all i get is errors and when i try to import the project even though i have errors i get more errors and stuff.
Since i cannot post pictures yet i will type the libGDX project setup.
Name: Dodge
Package: com.fam.dodge
Game class: Dodge
Destination: C:\Users\adam-_000\Desktop\Dodge\Gradle Folders
Android SDK: C:\Users\adam-_000\Documents\Android SDK
libGDX Version: Release 1.5.5
Sub projects: Desktop, Android, Ios
Extensions: Freetype, Box2D
Advanced settings: Generate Eclipse project files
And that is basically it. This is the error message(s) im getting:
Exception in thread "main" java.lang.RuntimeException: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative DNS name matching services.gradle.org found.
at org.gradle.wrapper.ExclusiveFileAccessManager.access(ExclusiveFileAccessManager.java:78)
at org.gradle.wrapper.Install.createDist(Install.java:47)
at org.gradle.wrapper.WrapperExecutor.execute(WrapperExecutor.java:129)
at org.gradle.wrapper.GradleWrapperMain.main(GradleWrapperMain.java:61)
Caused by: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative DNS name matching services.gradle.org found.
at sun.security.ssl.Alerts.getSSLException(Unknown Source)
at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)
at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source)
at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)
at sun.security.ssl.Handshaker.processLoop(Unknown Source)
at sun.security.ssl.Handshaker.process_record(Unknown Source)
at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source)
at org.gradle.wrapper.Download.downloadInternal(Download.java:59)
at org.gradle.wrapper.Download.download(Download.java:45)
at org.gradle.wrapper.Install$1.call(Install.java:60)
at org.gradle.wrapper.Install$1.call(Install.java:47)
at org.gradle.wrapper.ExclusiveFileAccessManager.access(ExclusiveFileAccessManager.java:65)
... 3 more
Caused by: java.security.cert.CertificateException: No subject alternative DNS name matching services.gradle.org found.
at sun.security.util.HostnameChecker.matchDNS(Unknown Source)
at sun.security.util.HostnameChecker.match(Unknown Source)
at sun.security.ssl.X509TrustManagerImpl.checkIdentity(Unknown Source)
at sun.security.ssl.X509TrustManagerImpl.checkIdentity(Unknown Source)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(Unknown Source)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
... 21 more
Thank you for any help! :)
I've the same problem. It's graved in gradle. ( Details here http://www.mkyong.com/webservices/jax-ws/java-security-cert-certificateexception-no-name-matching-localhost-found/ )
But here is a simple solution to the problem. Just change https to http protocol in $(ProjectDir)/gradle/wrapper/gradle-wrapper.properties
change line from
distributionUrl=https://services.gradle.org/distributions/gradle-2.2-all.zip
to
distributionUrl=http://services.gradle.org/distributions/gradle-2.2-all.zip
I have a Java applet that I use to read SD card data from a user's PC. The applet lives on a web site that you log in to. To log-in to the web site you must use a browser certificate. Once you're logged in, you go to the SD card download page, the applet initializes, reads the card data, and sends it to some JavaScript on the page.
The issue that I have now is that the applet does not load since installing Java 8 on my browser. Specifically it does not work in any version of IE (tested 8, 9, 10, and 11). It runs fine in Firefox. I have not tried Chrome.
I haven't found anyone else who has a similar issue. It could be because it is relatively new. Does anyone know why this is happening and have any idea how to fix it?
There is a stacktrace in the Java console in IE8 that looks relevant. Here are some interesting pieces:
javax.net.ssl.SSLHandshakeException: Error signing certificate verify
...
Caused by: java.security.InvalidKeyException: No installed provider supports this key: com.sun.deploy.security.MSCryptoRSAPrivateKey
...
com.sun.deploy.net.FailedDownloadException: Unable to load resource: https://xdc-fqq02.example.com/cardtocloud/cardtocloud.jnlp
Edit: Here's an additional piece of info. The applet works correctly on a different server with with OpenSSL 1.0.1i. The applet does not work with the original server which has OpenSSL 1.0.0m.
Here is the full log. The stacktrace does not appear in the log for Firefox.
Java Plug-in 11.25.2.18
Using JRE version 1.8.0_25-b18 Java HotSpot(TM) Client VM
User home directory = C:\Users\codyj
----------------------------------------------------
c: clear console window
f: finalize objects on finalization queue
g: garbage collect
h: display this help message
l: dump classloader list
m: print memory usage
o: trigger logging
q: hide console
r: reload policy configuration
s: dump system and deployment properties
t: dump thread list
v: dump thread stack
x: clear classloader cache
0-5: set trace level to <n>
----------------------------------------------------
network: Created version ID: 1.8.0.25
network: Created version ID: 1.8
network: Created version ID: 8.0.25
network: Connecting https://xdc-fqq02.example.com/cardtocloud/cardtocloud.jnlp with proxy=DIRECT
network: Connecting http://xdc-fqq02.example.com:443/ with proxy=DIRECT
security: Loading SSL Root CA certificates from C:\Program Files (x86)\Java\jre1.8.0_25\lib\security\cacerts
security: Loaded SSL Root CA certificates from C:\Program Files (x86)\Java\jre1.8.0_25\lib\security\cacerts
security: Obtain certificate collection in SSL Root CA certificate store
security: Obtain certificate collection in SSL Root CA certificate store
security: Loading certificates from Deployment session certificate store
security: Loaded certificates from Deployment session certificate store
security: Loading certificates from Internet Explorer ROOT certificate store
security: Loaded certificates from Internet Explorer ROOT certificate store
security: Loading certificates from Internet Explorer DISALLOWED certificate store
security: Loaded certificates from Internet Explorer DISALLOWED certificate store
security: Loaded blacklisted.certs file: C:\Users\codyj\AppData\LocalLow\Sun\Java\Deployment\security\blacklisted.certs
security: SHA-256Certificate finger print: F94D2C80A1172FC591F964D4DC0E8BAF493C92FE678B6B8B07D362607EBD33AB
security: Checking if certificate is in Internet Explorer DISALLOWED certificate store
security: SHA-256Certificate finger print: 0855414AF5F5FD7E264F8B002A39CCED67E5952E89B61B680CC847BAA34944DE
security: Checking if certificate is in Internet Explorer DISALLOWED certificate store
security: SHA-256Certificate finger print: 0AE1484292B20EE696D4593DBE46F91479F8DAD58FC057CFD52FA3FA8FB3CE4B
security: Checking if certificate is in Internet Explorer DISALLOWED certificate store
security: Checking if SSL certificate is in Deployment permanent certificate store
security: Loading certificates from Internet Explorer ROOT certificate store
security: Loaded certificates from Internet Explorer ROOT certificate store
security: Saving certificates in Deployment session certificate store
security: Saved certificates in Deployment session certificate store
javax.net.ssl.SSLHandshakeException: Error signing certificate verify
at sun.security.ssl.Alerts.getSSLException(Unknown Source)
at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)
at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
at sun.security.ssl.ClientHandshaker.serverHelloDone(Unknown Source)
at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)
at sun.security.ssl.Handshaker.processLoop(Unknown Source)
at sun.security.ssl.Handshaker.process_record(Unknown Source)
at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.access$200(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection$9.run(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection$9.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.security.AccessController.doPrivileged(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source)
at com.sun.deploy.net.HttpUtils.followRedirects(Unknown Source)
at com.sun.deploy.net.BasicHttpRequest.doRequest(Unknown Source)
at com.sun.deploy.net.BasicHttpRequest.doGetRequestEX(Unknown Source)
at com.sun.deploy.net.DownloadEngine.actionDownload(Unknown Source)
at com.sun.deploy.net.DownloadEngine.downloadResource(Unknown Source)
at com.sun.deploy.cache.ResourceProviderImpl.getResource(Unknown Source)
at com.sun.deploy.cache.ResourceProviderImpl.getResource(Unknown Source)
at com.sun.deploy.model.ResourceProvider.getResource(Unknown Source)
at com.sun.javaws.jnl.LaunchDescFactory._buildDescriptor(Unknown Source)
at com.sun.javaws.jnl.LaunchDescFactory.buildDescriptor(Unknown Source)
at com.sun.javaws.jnl.LaunchDescFactory.buildDescriptor(Unknown Source)
at sun.plugin2.applet.JNLP2Manager.initialize(Unknown Source)
at sun.plugin2.main.client.PluginMain.initManager(Unknown Source)
at sun.plugin2.main.client.PluginMain.access$200(Unknown Source)
at sun.plugin2.main.client.PluginMain$2.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.security.InvalidKeyException: No installed provider supports this key: com.sun.deploy.security.MSCryptoRSAPrivateKey
at java.security.Signature$Delegate.chooseProvider(Unknown Source)
at java.security.Signature$Delegate.engineInitSign(Unknown Source)
at java.security.Signature.initSign(Unknown Source)
at sun.security.ssl.HandshakeMessage$CertificateVerify.<init>(Unknown Source)
... 34 more
network: Connecting https://xdc-fqq02.example.com/cardtocloud/cardtocloud.jnlp with proxy=DIRECT
network: Connecting http://xdc-fqq02.example.com:443/ with proxy=DIRECT
security: Obtain certificate collection in SSL Root CA certificate store
security: Obtain certificate collection in SSL Root CA certificate store
security: Loading certificates from Deployment session certificate store
security: Loaded certificates from Deployment session certificate store
security: SHA-256Certificate finger print: F94D2C80A1172FC591F964D4DC0E8BAF493C92FE678B6B8B07D362607EBD33AB
security: Checking if certificate is in Internet Explorer DISALLOWED certificate store
security: SHA-256Certificate finger print: 0855414AF5F5FD7E264F8B002A39CCED67E5952E89B61B680CC847BAA34944DE
security: Checking if certificate is in Internet Explorer DISALLOWED certificate store
security: SHA-256Certificate finger print: 0AE1484292B20EE696D4593DBE46F91479F8DAD58FC057CFD52FA3FA8FB3CE4B
security: Checking if certificate is in Internet Explorer DISALLOWED certificate store
javax.net.ssl.SSLHandshakeException: Error signing certificate verify
at sun.security.ssl.Alerts.getSSLException(Unknown Source)
at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)
at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
at sun.security.ssl.ClientHandshaker.serverHelloDone(Unknown Source)
at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)
at sun.security.ssl.Handshaker.processLoop(Unknown Source)
at sun.security.ssl.Handshaker.process_record(Unknown Source)
at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.access$200(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection$9.run(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection$9.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.security.AccessController.doPrivileged(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source)
at com.sun.deploy.net.HttpUtils.followRedirects(Unknown Source)
at com.sun.deploy.net.BasicHttpRequest.doRequest(Unknown Source)
at com.sun.deploy.net.BasicHttpRequest.doRequest(Unknown Source)
at com.sun.deploy.net.BasicHttpRequest.doGetRequest(Unknown Source)
at com.sun.deploy.net.DownloadEngine.actionDownload(Unknown Source)
at com.sun.deploy.net.DownloadEngine.downloadResource(Unknown Source)
at com.sun.deploy.cache.ResourceProviderImpl.getResource(Unknown Source)
at com.sun.deploy.cache.ResourceProviderImpl.getResource(Unknown Source)
at com.sun.deploy.model.ResourceProvider.getResource(Unknown Source)
at com.sun.javaws.jnl.LaunchDescFactory._buildDescriptor(Unknown Source)
at com.sun.javaws.jnl.LaunchDescFactory.buildDescriptor(Unknown Source)
at com.sun.javaws.jnl.LaunchDescFactory.buildDescriptor(Unknown Source)
at sun.plugin2.applet.JNLP2Manager.initialize(Unknown Source)
at sun.plugin2.main.client.PluginMain.initManager(Unknown Source)
at sun.plugin2.main.client.PluginMain.access$200(Unknown Source)
at sun.plugin2.main.client.PluginMain$2.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.security.InvalidKeyException: No installed provider supports this key: com.sun.deploy.security.MSCryptoRSAPrivateKey
at java.security.Signature$Delegate.chooseProvider(Unknown Source)
at java.security.Signature$Delegate.engineInitSign(Unknown Source)
at java.security.Signature.initSign(Unknown Source)
at sun.security.ssl.HandshakeMessage$CertificateVerify.<init>(Unknown Source)
... 35 more
com.sun.deploy.net.FailedDownloadException: Unable to load resource: https://xdc-fqq02.example.com/cardtocloud/cardtocloud.jnlp
at com.sun.deploy.net.DownloadEngine.actionDownload(Unknown Source)
at com.sun.deploy.net.DownloadEngine.downloadResource(Unknown Source)
at com.sun.deploy.cache.ResourceProviderImpl.getResource(Unknown Source)
at com.sun.deploy.cache.ResourceProviderImpl.getResource(Unknown Source)
at com.sun.deploy.model.ResourceProvider.getResource(Unknown Source)
at com.sun.javaws.jnl.LaunchDescFactory._buildDescriptor(Unknown Source)
at com.sun.javaws.jnl.LaunchDescFactory.buildDescriptor(Unknown Source)
at com.sun.javaws.jnl.LaunchDescFactory.buildDescriptor(Unknown Source)
at sun.plugin2.applet.JNLP2Manager.initialize(Unknown Source)
at sun.plugin2.main.client.PluginMain.initManager(Unknown Source)
at sun.plugin2.main.client.PluginMain.access$200(Unknown Source)
at sun.plugin2.main.client.PluginMain$2.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by:
javax.net.ssl.SSLHandshakeException: Error signing certificate verify
at sun.security.ssl.Alerts.getSSLException(Unknown Source)
at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)
at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
at sun.security.ssl.ClientHandshaker.serverHelloDone(Unknown Source)
at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)
at sun.security.ssl.Handshaker.processLoop(Unknown Source)
at sun.security.ssl.Handshaker.process_record(Unknown Source)
at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.access$200(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection$9.run(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection$9.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.security.AccessController.doPrivileged(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source)
at com.sun.deploy.net.HttpUtils.followRedirects(Unknown Source)
at com.sun.deploy.net.BasicHttpRequest.doRequest(Unknown Source)
at com.sun.deploy.net.BasicHttpRequest.doRequest(Unknown Source)
at com.sun.deploy.net.BasicHttpRequest.doGetRequest(Unknown Source)
at com.sun.deploy.net.DownloadEngine.actionDownload(Unknown Source)
at com.sun.deploy.net.DownloadEngine.downloadResource(Unknown Source)
at com.sun.deploy.cache.ResourceProviderImpl.getResource(Unknown Source)
at com.sun.deploy.cache.ResourceProviderImpl.getResource(Unknown Source)
at com.sun.deploy.model.ResourceProvider.getResource(Unknown Source)
at com.sun.javaws.jnl.LaunchDescFactory._buildDescriptor(Unknown Source)
at com.sun.javaws.jnl.LaunchDescFactory.buildDescriptor(Unknown Source)
at com.sun.javaws.jnl.LaunchDescFactory.buildDescriptor(Unknown Source)
at sun.plugin2.applet.JNLP2Manager.initialize(Unknown Source)
at sun.plugin2.main.client.PluginMain.initManager(Unknown Source)
at sun.plugin2.main.client.PluginMain.access$200(Unknown Source)
at sun.plugin2.main.client.PluginMain$2.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.security.InvalidKeyException: No installed provider supports this key: com.sun.deploy.security.MSCryptoRSAPrivateKey
at java.security.Signature$Delegate.chooseProvider(Unknown Source)
at java.security.Signature$Delegate.engineInitSign(Unknown Source)
at java.security.Signature.initSign(Unknown Source)
at sun.security.ssl.HandshakeMessage$CertificateVerify.<init>(Unknown Source)
... 35 more
network: Connecting https://xdc-fqq02.example.com/cardtocloud/cardtocloud.jnlp with proxy=DIRECT
network: Connecting http://xdc-fqq02.example.com:443/ with proxy=DIRECT
security: Obtain certificate collection in SSL Root CA certificate store
security: Obtain certificate collection in SSL Root CA certificate store
security: Loading certificates from Deployment session certificate store
security: Loaded certificates from Deployment session certificate store
security: SHA-256Certificate finger print: F94D2C80A1172FC591F964D4DC0E8BAF493C92FE678B6B8B07D362607EBD33AB
security: Checking if certificate is in Internet Explorer DISALLOWED certificate store
security: SHA-256Certificate finger print: 0855414AF5F5FD7E264F8B002A39CCED67E5952E89B61B680CC847BAA34944DE
security: Checking if certificate is in Internet Explorer DISALLOWED certificate store
security: SHA-256Certificate finger print: 0AE1484292B20EE696D4593DBE46F91479F8DAD58FC057CFD52FA3FA8FB3CE4B
security: Checking if certificate is in Internet Explorer DISALLOWED certificate store
basic: JNLP2Manager.initialize(): JNLP not available: /cardtocloud/cardtocloud.jnlp
basic: exception: null.
java.lang.NullPointerException
at sun.plugin2.applet.JNLP2Manager.getAppInfo(Unknown Source)
at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Ignored exception: java.lang.NullPointerException
basic: Dialog type is not candidate for embedding
security: Reset deny session certificate store
Have you tried turning off "TLS 1.2" in your Java Console?
Java8 seems to use TLS 1.2 as default, so in case your server doesn't support it, you might get the same error as you mentioned.
https://blogs.oracle.com/java-platform-group/entry/java_8_will_use_tls
Please add the below command in Java Control panel.
go to java--view--in run time parameter paste this command.
-Djava.net.preferIPv4Stack=true.
It's working for me without any issues.
I am creating a Java applet which connects to SQLite database on the local file system. I've created a certificate for signing using keytool. I've signed every Jar file that I used and I can start the applet and it works great in Google chrome and IE.
I do get the standard Security warning dialog on which I have to click 'Ok' every time the page gets loaded but that's it. It works.
In an attempt to avoid this Security warning I've added the same certificate (via Java Control Panel) to the Signer CA certificate store. Now when browsing the page I do get the Security warning which allows me to check 'Do not ask me for the same publisher (or something like that)'. But the applet no longer works and I get the following list of exceptions in Java console
basic: Plugin2ClassLoader.getPermissions CeilingPolicy allPerms
security: SHA-256Certificate finger print: 7478E95FEAC103F0934BD2DDB669DE9A6105AD26ABA30C0C9F3A61107BFEBF4D
network: Cache entry not found [url: file:/C:/Work/Projects/OP/SPA_Notes/web/web/java/SPA_NotesApplet.jar, version: null]
basic: exception: java.lang.reflect.InvocationTargetException.
java.lang.RuntimeException: java.lang.reflect.InvocationTargetException
at sun.plugin2.applet.Plugin2ClassLoader.defineClassHelper(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.access$100(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader$2.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at sun.plugin2.applet.Plugin2ClassLoader.findClassHelper(Unknown Source)
at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass0(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadCode(Unknown Source)
at sun.plugin2.applet.Plugin2Manager.initAppletAdapter(Unknown Source)
at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
... 14 more
Caused by: java.lang.NullPointerException
at sun.plugin2.applet.Plugin2ClassLoader.loadAllowedCodebases(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.getPermissions(Unknown Source)
at sun.plugin2.applet.Applet2ClassLoader.getPermissions(Unknown Source)
at java.security.SecureClassLoader.getProtectionDomain(Unknown Source)
at java.security.SecureClassLoader.defineClass(Unknown Source)
at java.net.URLClassLoader.defineClass(Unknown Source)
... 18 more
basic: Removed progress listener: sun.plugin.util.ProgressMonitorAdapter#175db37
security: Reset deny session certificate store
I am not really at home with either Java or its security settings so any help would be appreciated.
Just to repeat again: If I do not add the certificate to the "Signer CA" certificate store everything works fine. So I do not think that the signing of the JAR files is the problem. I am guessing that, either my self-created certificate is not suitable to be used as signer CA certificate, or its because there is no trust chain to verified CA (but I do not know why would this matter at all).
I'm trying to run a simple client-server program on two machines ,
I read this page but i got this errors :
Jun 04, 2012 6:43:10 PM com.sun.corba.se.impl.transport.SocketOrChannelConnectio
nImpl <init>
WARNING: "IOP00410201: (COMM_FAILURE) Connection failure: socketType: IIOP_CLEAR
_TEXT; hostname: xx.xx.xx.xx; port: 1050"
org.omg.CORBA.COMM_FAILURE: vmcid: SUN minor code: 201 completed: No
at com.sun.corba.se.impl.logging.ORBUtilSystemException.connectFailure(Unknown Source)
at com.sun.corba.se.impl.logging.ORBUtilSystemException.connectFailure(Unknown Source)
at com.sun.corba.se.impl.transport.SocketOrChannelConnectionImpl.<init>(Unknown Source)
at com.sun.corba.se.impl.transport.SocketOrChannelConnectionImpl.<init>(Unknown Source)
at com.sun.corba.se.impl.transport.SocketOrChannelContactInfoImpl.createConnection(Unknown Source)
at com.sun.corba.se.impl.protocol.CorbaClientRequestDispatcherImpl.beginRequest(Unknown Source)
at com.sun.corba.se.impl.protocol.CorbaClientDelegateImpl.request(Unknown Source)
at com.sun.corba.se.impl.resolver.BootstrapResolverImpl.invoke(Unknown Source)
at com.sun.corba.se.impl.resolver.BootstrapResolverImpl.resolve(Unknown Source)
at com.sun.corba.se.impl.resolver.CompositeResolverImpl.resolve(Unknown Source)
at com.sun.corba.se.impl.resolver.CompositeResolverImpl.resolve(Unknown Source)
at com.sun.corba.se.impl.resolver.CompositeResolverImpl.resolve(Unknown Source)
at com.sun.corba.se.impl.orb.ORBImpl.resolve_initial_references(Unknown Source)
at HelloClient.main(HelloClient.java:17)
Caused by: java.net.ConnectException: Connection refused: connect
at sun.nio.ch.Net.connect0(Native Method)
at sun.nio.ch.Net.connect(Unknown Source)
at sun.nio.ch.Net.connect(Unknown Source)
at sun.nio.ch.SocketChannelImpl.connect(Unknown Source)
at java.nio.channels.SocketChannel.open(Unknown Source)
at com.sun.corba.se.impl.transport.DefaultSocketFactoryImpl.createSocket(Unknown Source)
... 12 more
ERROR : org.omg.CORBA.COMM_FAILURE: vmcid: SUN minor code: 201 completed: No
org.omg.CORBA.COMM_FAILURE: vmcid: SUN minor code: 201 completed: No
at com.sun.corba.se.impl.logging.ORBUtilSystemException.connectFailure(Unknown Source)
at com.sun.corba.se.impl.logging.ORBUtilSystemException.connectFailure(Unknown Source)
at com.sun.corba.se.impl.transport.SocketOrChannelConnectionImpl.<init>(Unknown Source)
at com.sun.corba.se.impl.transport.SocketOrChannelConnectionImpl.<init>(Unknown Source)
at com.sun.corba.se.impl.transport.SocketOrChannelContactInfoImpl.createConnection(Unknown Source)
at com.sun.corba.se.impl.protocol.CorbaClientRequestDispatcherImpl.beginRequest(Unknown Source)
at com.sun.corba.se.impl.protocol.CorbaClientDelegateImpl.request(Unknown Source)
at com.sun.corba.se.impl.resolver.BootstrapResolverImpl.invoke(Unknown Source)
at com.sun.corba.se.impl.resolver.BootstrapResolverImpl.resolve(Unknown Source)
at com.sun.corba.se.impl.resolver.CompositeResolverImpl.resolve(Unknown Source)
at com.sun.corba.se.impl.resolver.CompositeResolverImpl.resolve(Unknown Source)
at com.sun.corba.se.impl.resolver.CompositeResolverImpl.resolve(Unknown Source)
at com.sun.corba.se.impl.orb.ORBImpl.resolve_initial_references(Unknown Source)
at HelloClient.main(HelloClient.java:17)
Caused by: java.net.ConnectException: Connection refused: connect
at sun.nio.ch.Net.connect0(Native Method)
at sun.nio.ch.Net.connect(Unknown Source)
at sun.nio.ch.Net.connect(Unknown Source)
at sun.nio.ch.SocketChannelImpl.connect(Unknown Source)
at java.nio.channels.SocketChannel.open(Unknown Source)
at com.sun.corba.se.impl.transport.DefaultSocketFactoryImpl.createSocket(Unknown Source)
... 12 more
Could you please let me know how can i run a simple program like " Hello Wrold " on two machines over internet using Corba and java?
Regards.
how can i run a simple program like " Hello Wrold " on two machines over internet using Corba and java?
I think over the internet is key here. You need to make sure that:
the server is accessible to the client on the IP address you specify (i.e. either the IP address is public, or there are appropriate masquarading rules set up on any relevant firewalls);
there are appropriate firewall and/or port forwarding rules that allow the client to access port 1050 on the server.
I would recommend to first get the client and the server working when run on the same subnet, and only then move on to a distributed setup.
Run orb start orbd -ORBInitialPort 1050
Run your class client and server with: -ORBInitialPort 1050 -ORBInitialHost localhost
or alternative:
1. Run server:
tnameserv -ORBInitialPort 1050
Run client:
java YourServer -ORBInitialPort 1050
java YourClient -ORBInitialHost 127.0.0.1 -ORBInitialPort 1050
a similar problem
I have several programs that use SunMSCAPI to read web pages that require an SSL certificate. My code works under Windows XP (32 bit) but does not work under my fresh installation of Windows 7 (64 bit). Here is the piece of code:
System.setProperty("javax.net.ssl.keyStoreProvider", "SunMSCAPI");
System.setProperty("javax.net.ssl.keyStoreType", "WINDOWS-MY");
System.setProperty("javax.net.ssl.trustStoreProvider", "SunMSCAPI");
System.setProperty("javax.net.ssl.trustStoreType", "WINDOWS-ROOT");
System.setProperty("proxyHost", "proxy");
System.setProperty("proxyPort", "8080");
URL url = new URL(TEST_URL);
try {
HttpsURLConnection httpsCon = (HttpsURLConnection) url.openConnection();....
And here is the stack trace:
Caused by: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: com.sun.net.ssl.internal.ssl.DefaultSSLContextImpl)
at java.security.Provider$Service.newInstance(Unknown Source)
at sun.security.jca.GetInstance.getInstance(Unknown Source)
at sun.security.jca.GetInstance.getInstance(Unknown Source)
at javax.net.ssl.SSLContext.getInstance(Unknown Source)
at javax.net.ssl.SSLContext.getDefault(Unknown Source)
at javax.net.ssl.SSLSocketFactory.getDefault(Unknown Source)
at javax.net.ssl.HttpsURLConnection.getDefaultSSLSocketFactory(Unknown Source)
at javax.net.ssl.HttpsURLConnection.<init>(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.<init>(Unknown Source)
at sun.net.www.protocol.https.Handler.openConnection(Unknown Source)
at sun.net.www.protocol.https.Handler.openConnection(Unknown Source)
at java.net.URL.openConnection(Unknown Source)
at GetData2.SetVallues(GetData2.java:56) *// HttpsURLConnection httpsCon = (HttpsURLConnection) url.openConnection();*
... 2 more
Caused by: java.security.NoSuchProviderException: no such provider: SunMSCAPI
at sun.security.jca.GetInstance.getService(Unknown Source)
at sun.security.jca.GetInstance.getInstance(Unknown Source)
at java.security.Security.getImpl(Unknown Source)
at java.security.KeyStore.getInstance(Unknown Source)
at com.sun.net.ssl.internal.ssl.DefaultSSLContextImpl.getDefaultKeyManager(Unknown Source)
at com.sun.net.ssl.internal.ssl.DefaultSSLContextImpl.<init>(Unknown Source)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
at java.lang.reflect.Constructor.newInstance(Unknown Source)
at java.lang.Class.newInstance0(Unknown Source)
at java.lang.Class.newInstance(Unknown Source)
... 15 more
I've tried also following example http://muhammadhamed.blogspot.com/2010/04/accessing-ms-certificate-stores-in-java.html but again received this NoSuchProviderException. My guess is that there is some configuration error but I'm not sure what it is.
Here is my JVM information:
java version "1.6.0_23"
Java(TM) SE Runtime Environment (build 1.6.0_23-b05)
Java HotSpot(TM) 64-Bit Server VM (build 19.0-b09, mixed mode)
I hope somebody will be able to help me :-)
Best regards.
The J2SE Security page only says that the MS CryptoAPI (which SunMSCAPI uses) is only available under Java 6 on 32-bit Windows.
Luckily, you can still install the 32-bit JVM on Win64.