Struggling to get an SSL connection to work
maneuk Dec 6, 2012 9:10 AM
Hi all,
I am trying to configure a 2-way SSL authentication but I am getting the following error message:
2012-12-06 12:26:15,990 WARN [org.jboss.netty.channel.socket.nio.NioServerSocketPipelineSink] (New I/O server boss #1 (channelId: 1207153298, /0.0.0.0:30900)) Failed to initialize an accepted socket.
java.security.NoSuchAlgorithmException: false KeyManagerFactory not available
    at sun.security.jca.GetInstance.getInstance(GetInstance.java:142)
    at javax.net.ssl.KeyManagerFactory.getInstance(KeyManagerFactory.java:121)
    at org.teiid.net.socket.SocketUtil.getSSLContext(SocketUtil.java:173)
    at org.teiid.transport.SSLConfiguration.getServerSSLEngine(SSLConfiguration.java:76)
    at org.teiid.transport.SSLAwareChannelHandler.getPipeline(SSLAwareChannelHandler.java:227)
    at org.jboss.netty.channel.socket.nio.NioServerSocketPipelineSink$Boss.registerAcceptedChannel(NioServerSocketPipelineSink.java:276)
    at org.jboss.netty.channel.socket.nio.NioServerSocketPipelineSink$Boss.run(NioServerSocketPipelineSink.java:247)
    at org.jboss.netty.util.internal.IoWorkerRunnable.run(IoWorkerRunnable.java:46)
    at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
    at java.lang.Thread.run(Thread.java:662)
I have followed these steps https://community.jboss.org/wiki/GeneratingSelfSignedCertificateWithKeytool to create my client/server keystore and truststore. And I can confirm that both keys are working ok.
My configuration on my client (SQuirreL) is
########################################
# Settings file for Teiid clients
########################################
org.teiid.ssl.keyStoreType=JKS
org.teiid.ssl.keyStore=c:/client.keystore
org.teiid.ssl.keyStorePassword=XYZ123
org.teiid.ssl.trustStore=c:/server.truststore
org.teiid.ssl.trustStorePassword=XYZ123
org.teiid.ssl.protocol=SSLv3
org.teiid.ssl.allowAnon=true
org.teiid.sockets.soTimeout=3000
org.teiid.sockets.maxCachedInstances=16
org.teiid.sockets.synchronousttl=1800000
org.teiid.sockets.receiveBufferSize=0
org.teiid.sockets.sendBufferSize=0
org.teiid.sockets.conserveBandwidth=false
I have also tried configuring it using the -Djavax.net.ssl information as instructed by the following link https://community.jboss.org/wiki/SecureClientConnectionsUsingSSLInTeiid . Again, this produces the same error message.
My configuration on the server side (teiid-jboss-beans.xml) is
<!-- JDBC Socket connection properties (SSL see below) -->
<bean name="JdbcSocketConfiguration" class="org.teiid.transport.SocketConfiguration">
    <property name="name">JdbcSocketConfiguration</property>
    <property name="enabled">true</property>
    <property name="bindAddress">${jboss.bind.address}</property>
    <property name="portNumber">30900</property>
    <property name="maxSocketThreads">0</property>
    <property name="inputBufferSize">0</property>
    <property name="outputBufferSize">0</property>
    <property name="SSLConfiguration">
        <inject bean="JdbcSslConfiguration"/>
    </property>
</bean>
<bean name="JdbcSslConfiguration" class="org.teiid.transport.SSLConfiguration">
    <property name="mode">enabled</property>
    <property name="keystoreFilename">/deploy/server.keystore</property>
    <property name="keystorePassword">XYZ123</property>
    <property name="keystoreType">JKS</property>
    <property name="sslProtocol">SSLv3</property>
    <property name="keymanagementAlgorithm">false</property>
    <property name="truststoreFilename">/deploy/client.truststore</property>
    <property name="truststorePassword">XYZ123</property>
    <property name="authenticationMode">2-way</property>
</bean>
Any ideas please?
Many thanks
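
Added example, not part of the original post and not Teiid's own code: a pre-flight check that resolves the `keymanagementAlgorithm` and `sslProtocol` values from the server bean against the running JVM, using the same `KeyManagerFactory.getInstance` lookup that the stack trace shows failing. The class name `SslBeanPreflight` and the trimmed-down bean string are constructed for illustration.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.security.NoSuchAlgorithmException;
import java.security.Security;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;

public class SslBeanPreflight {
    // Constructed sample: the two algorithm-name properties from the bean posted above.
    static final String BEAN =
        "<bean name=\"JdbcSslConfiguration\" class=\"org.teiid.transport.SSLConfiguration\">"
      + "<property name=\"sslProtocol\">SSLv3</property>"
      + "<property name=\"keymanagementAlgorithm\">false</property>"
      + "</bean>";

    public static void main(String[] args) throws Exception {
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        // Refuse DOCTYPE declarations so the config parser cannot be used for XXE.
        dbf.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        NodeList props = dbf.newDocumentBuilder()
            .parse(new ByteArrayInputStream(BEAN.getBytes(StandardCharsets.UTF_8)))
            .getElementsByTagName("property");
        for (int i = 0; i < props.getLength(); i++) {
            Element p = (Element) props.item(i);
            String name = p.getAttribute("name");
            String value = p.getTextContent().trim();
            try {
                if (name.equals("keymanagementAlgorithm")) {
                    KeyManagerFactory.getInstance(value); // JCA lookup by algorithm name
                } else if (name.equals("sslProtocol")) {
                    SSLContext.getInstance(value);        // JCA lookup by protocol name
                } else {
                    continue;                             // not an algorithm-name property
                }
                System.out.println("OK   " + name + "=" + value);
            } catch (NoSuchAlgorithmException e) {
                System.out.println("FAIL " + name + "=" + value + " -> " + e.getMessage());
            }
        }
        // What this JVM's providers actually register, and the JVM default.
        System.out.println("KeyManagerFactory algorithms: "
            + Security.getAlgorithms("KeyManagerFactory")
            + " (default " + KeyManagerFactory.getDefaultAlgorithm() + ")");
    }
}
```

The `keymanagementAlgorithm` line fails with the same "false KeyManagerFactory not available" message as in the log, and the final line lists the algorithm names the JVM would accept instead.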