Meaningless Drivel is fun!*
The moose likes Security and the fly likes SSLHandshakeException Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Engineering » Security
Bookmark "SSLHandshakeException " Watch "SSLHandshakeException " New topic
Author

SSLHandshakeException

Eskil Lind
Greenhorn

Joined: Apr 05, 2003
Posts: 11
My environment is WebSphere Application Server (WAS) 5.0.
In my test environment I am not using SSL and there I can use launchClient.bat successfully to connect to websphere (rmi).
In my production-environment we have SSL and Global security enabled in WAS.
We use a certificate from Thawte successfully with HTTP-server and WAS, but when I try to use the same certificate (jks-file) with launchClient.bat I got the following error:
CAUGHT_EXCEPTION_WHILE_CONFIGURING_SSL_CLIENT_SOCKET: JSSL0080E: javax.net.ssl.SSLHandshakeException - The client and server could not negotiate the desired level of security. reason: unknown certificate minor code: 49421070
a)
I have added one parameter in launchClient.bat: -Dcom.ibm.CORBA.ConfigURL="file:/e:/WebSphere/AppServer/properties/sas.client.props"
b)
in this sas.client.props file I have the following directives:
com.ibm.ssl.protocol=SSLv3
com.ibm.ssl.keyStoreType=JKS
com.ibm.ssl.keyStore=E\:/WebSphere/AppServer/WASV5ServerKeyFile.jks
com.ibm.ssl.keyStorePassword={xor}...........
com.ibm.ssl.trustStoreType=JKS
com.ibm.ssl.trustStore=E\:/WebSphere/AppServer/WASV5ServerTrustFile.jks
ssl/WASV5ClientTrustFile.jks
com.ibm.ssl.trustStorePassword={xor}...........
com.ibm.CORBA.standardPerformQOPModels=high

I point to the same jks-files as I use in my SSL-settings in WAS.
I use SSLv3 and a 128 bit certificate.
Anybody that has done this successfully ?
I welcome any suggestions.
 
 
subject: SSLHandshakeException