1 Reply Latest reply on Aug 2, 2005 11:47 AM by Benoit Xhenseval

    JNDI over HTTPS

    Markus May Newbie

      We are trying to use SSL for the encryption of the communication between JBoss (3.2.3) and our Client. HTTP works fine, but we have some trouble using HTTPS or JNPS.
      I get the error Message "javax.naming.NamingException: Failed to retrieve Naming interface " and "Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: No trusted certificate found". We are using a demo-certificate, and I believe this is not signed. Is there a simple solution for accepting even untrusted certificates?
      I found already a solution at http://www.jboss.org/index.html?module=bb&op=viewtopic&t=62783, but for this, we have to add some new code, and don't want to do this.

        • 1. Re: JNDI over HTTPS
          Benoit Xhenseval Newbie

          We had to add some code...

           System.out.println("Connect HTTPS");
           Properties prop = System.getProperties();
          
           prop.put("java.naming.factory.initial","org.jboss.naming.HttpNamingContextFactory");
           prop.put("org.jboss.security.ignoreHttpsHost","true");
           final int newPort = ConsoleMenu.getInt("Enter the port (current:" + 8443 +")", 8443);
           prop.put("java.naming.provider.url","https://"+host+":"+newPort+"/invoker/JNDIFactory");
          
           // Create a trust manager that does not validate certificate chains
           TrustManager[] trustAllCerts = new TrustManager[]{
           new X509TrustManager() {
           public java.security.cert.X509Certificate[] getAcceptedIssuers() {
           return null;
           }
           public void checkClientTrusted(
           java.security.cert.X509Certificate[] certs, String authType) {
           }
           public void checkServerTrusted(
           java.security.cert.X509Certificate[] certs, String authType) {
           }
           }
           };
          
           // Install the all-trusting trust manager
           try {
           SSLContext sc = SSLContext.getInstance("SSL");
           sc.init(null, trustAllCerts, new java.security.SecureRandom());
           HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
           } catch (Exception e) {
           }
          
           RefDataProviderHome home;
           try {
           System.err.println("About to connect to JNDI HTTPS");
           InitialContext context = new InitialContext(prop);
          
           final Object objref = context.lookup("RefDataProviderBean");
           EJBHome anEJBHome = (EJBHome) PortableRemoteObject
           .narrow(objref, RefDataProviderHome.class);
          ...
          


          Hope this helps!

          Benoti