Opened a socket with ssl. isConnected returns true. But when sending data get 403

Hi,
I did this with the following VM params:

-Djavax.net.ssl.trustStore=mySrvKeystore -Djavax.net.ssl.trustStorePassword=123456

isConnected is true but when sending data via the channel I get:

HTTP/1.1 403 Forbidden
Content-Type: text/html
Server: Microsoft-IIS/7.5

What I did is in IIS I created a certificate then exported it and imported to my keystore....

Any idea? Because via the browser I can access the server.

Thanks!

Well, to get an error 403 you must be connected first, so that part is correct.

Error 403 means that you must provide some form of authentication, and you haven't provided the right authentication. Since you say it works just fine in your browser I'm guessing that the website uses NTLM authentication; in other words, your Windows username / password are used. You need to provide them manually. With URLConnection / HttpURLConnection / HttpsURLConnection, java.net.Authenticator would be the way to go. With HttpClient there is class NTCredentials. With direct socket connections, I have no idea how to send the authentication details.

Rob Spoor wrote:Well, to get an error 403 you must be connected first, so that part is correct.

Error 403 means that you must provide some form of authentication, and you haven't provided the right authentication. Since you say it works just fine in your browser I'm guessing that the website uses NTLM authentication; in other words, your Windows username / password are used. You need to provide them manually. With URLConnection / HttpURLConnection / HttpsURLConnection, java.net.Authenticator would be the way to go. With HttpClient there is class NTCredentials. With direct socket connections, I have no idea how to send the authentication details.

I can't use that.
This is what I am using now:

private SocketChannel getSSLChannel() throws IOException, GeneralSecurityException, KeyManagementException, KeyStoreException, CertificateException {
        SSLClient client = new SSLClient();

// Let's trust usual "cacerts" that come with Java.  Plus, let's also trust a self-signed cert
// we know of.  We have some additional certs to trust inside a java keystore file.
        client.addTrustMaterial( TrustMaterial.DEFAULT );
        client.addTrustMaterial( new TrustMaterial( "ippcert.cer" ) );

// To be different, let's allow for expired certificates (not recommended).
        client.setCheckHostname( true );  // default setting is "true" for SSLClient
        client.setCheckExpiry( false );   // default setting is "true" for SSLClient
        client.setCheckCRL( true );       // default setting is "true" for SSLClient

// Let's load a client certificate (max: 1 per SSLClient instance).
        client.setKeyMaterial( new KeyMaterial( "ippcert.pfx", "sdfert".toCharArray() ) );
        SSLSocket s = (SSLSocket) client.createSocket( "abc.sdfg.com", 443 );
        SocketChannel channel = s.getChannel();

channel = channel.open();
        channel.connect(new InetSocketAddress(uri.getHost(), 443));

return channel;
    }

I get CONNECT$ED SOCKET. But still 403 or it just gets stuck!

As I said before, you will need to send the credentials you need to login with. As you cannot use a higher level of abstraction like HttpClient or even URLConnection, you will need to figure out how to send these credentials manually.