3 Replies Latest reply: Dec 6, 2012 10:31 AM by Emanuel Chiavegato RSS

Struggling to get a SSL connection to work

Emanuel Chiavegato Newbie

Hi all,

 

   I am trying to configure a 2-way SSL authentication but I am getting the following error message:

 

2012-12-06 12:26:15,990 WARN  [org.jboss.netty.channel.socket.nio.NioServerSocketPipelineSink] (New I/O server boss #1 (channelId: 1207153298, /0.0.0.0:30900)) Failed to initialize an accepted socket.

java.security.NoSuchAlgorithmException: false KeyManagerFactory not available

        at sun.security.jca.GetInstance.getInstance(GetInstance.java:142)

        at javax.net.ssl.KeyManagerFactory.getInstance(KeyManagerFactory.java:121)

        at org.teiid.net.socket.SocketUtil.getSSLContext(SocketUtil.java:173)

        at org.teiid.transport.SSLConfiguration.getServerSSLEngine(SSLConfiguration.java:76)

        at org.teiid.transport.SSLAwareChannelHandler.getPipeline(SSLAwareChannelHandler.java:227)

        at org.jboss.netty.channel.socket.nio.NioServerSocketPipelineSink$Boss.registerAcceptedChannel(NioServerSocketPipelineSink.java:276)

        at org.jboss.netty.channel.socket.nio.NioServerSocketPipelineSink$Boss.run(NioServerSocketPipelineSink.java:247)

        at org.jboss.netty.util.internal.IoWorkerRunnable.run(IoWorkerRunnable.java:46)

        at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)

        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)

        at java.lang.Thread.run(Thread.java:662)

 

   I have followed this steps https://community.jboss.org/wiki/GeneratingSelfSignedCertificateWithKeytool to create my client/server keystore and truststore. And I can confirm that both keys are working ok.

 

   My configuration on my client (SQuirreL) is

 

########################################

# Settings file for Teiid clients

########################################

org.teiid.ssl.keyStoreType=JKS

org.teiid.ssl.keyStore=c:/client.keystore

org.teiid.ssl.keyStorePassword=XYZ123

org.teiid.ssl.trustStore=c:/server.truststore

org.teiid.ssl.trustStorePassword=XYZ123

org.teiid.ssl.protocol=SSLv3

org.teiid.ssl.allowAnon=true

org.teiid.sockets.soTimeout=3000

org.teiid.sockets.maxCachedInstances=16

org.teiid.sockets.synchronousttl=1800000

org.teiid.sockets.receiveBufferSize=0

org.teiid.sockets.sendBufferSize=0

org.teiid.sockets.conserveBandwidth=false

 

   I have also tried configuring it using the -Djavax.net.ssl information as by the instructed by the following link https://community.jboss.org/wiki/SecureClientConnectionsUsingSSLInTeiid . Again creating the same error message.

 

   My configuration on the server side (teiid-jboss-beans.xml) is

 

<!-- JDBC Socket connection properties (SSL see below) -->

   <bean name="JdbcSocketConfiguration" class="org.teiid.transport.SocketConfiguration">

      <property name="name">JdbcSocketConfiguration</property>

      <property name="enabled">true</property>

      <property name="bindAddress">${jboss.bind.address}</property>

      <property name="portNumber">30900</property>

      <property name="maxSocketThreads">0</property>

      <property name="inputBufferSize">0</property>

      <property name="outputBufferSize">0</property>

      <property name="SSLConfiguration">

         <inject bean="JdbcSslConfiguration"/>

      </property>

   </bean>

   <bean name="JdbcSslConfiguration" class="org.teiid.transport.SSLConfiguration">

      <property name="mode">enabled</property>

      <property name="keystoreFilename">/deploy/server.keystore</property>

      <property name="keystorePassword">XYZ123</property>

      <property name="keystoreType">JKS</property>

      <property name="sslProtocol">SSLv3</property>

      <property name="keymanagementAlgorithm">false</property>

      <property name="truststoreFilename">/deploy/client.truststore</property>

      <property name="truststorePassword">XYZ123</property>

      <property name="authenticationMode">2-way</property>

   </bean>

 

Any ideas please?

 

Many thanks