3 Replies Latest reply on Dec 6, 2012 10:31 AM by Emanuel Chiavegato

    Struggling to get a SSL connection to work

    Emanuel Chiavegato Newbie

      Hi all,

       

         I am trying to configure a 2-way SSL authentication but I am getting the following error message:

       

      2012-12-06 12:26:15,990 WARN  [org.jboss.netty.channel.socket.nio.NioServerSocketPipelineSink] (New I/O server boss #1 (channelId: 1207153298, /0.0.0.0:30900)) Failed to initialize an accepted socket.

      java.security.NoSuchAlgorithmException: false KeyManagerFactory not available

              at sun.security.jca.GetInstance.getInstance(GetInstance.java:142)

              at javax.net.ssl.KeyManagerFactory.getInstance(KeyManagerFactory.java:121)

              at org.teiid.net.socket.SocketUtil.getSSLContext(SocketUtil.java:173)

              at org.teiid.transport.SSLConfiguration.getServerSSLEngine(SSLConfiguration.java:76)

              at org.teiid.transport.SSLAwareChannelHandler.getPipeline(SSLAwareChannelHandler.java:227)

              at org.jboss.netty.channel.socket.nio.NioServerSocketPipelineSink$Boss.registerAcceptedChannel(NioServerSocketPipelineSink.java:276)

              at org.jboss.netty.channel.socket.nio.NioServerSocketPipelineSink$Boss.run(NioServerSocketPipelineSink.java:247)

              at org.jboss.netty.util.internal.IoWorkerRunnable.run(IoWorkerRunnable.java:46)

              at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)

              at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)

              at java.lang.Thread.run(Thread.java:662)

       

         I have followed this steps https://community.jboss.org/wiki/GeneratingSelfSignedCertificateWithKeytool to create my client/server keystore and truststore. And I can confirm that both keys are working ok.

       

         My configuration on my client (SQuirreL) is

       

      ########################################

      # Settings file for Teiid clients

      ########################################

      org.teiid.ssl.keyStoreType=JKS

      org.teiid.ssl.keyStore=c:/client.keystore

      org.teiid.ssl.keyStorePassword=XYZ123

      org.teiid.ssl.trustStore=c:/server.truststore

      org.teiid.ssl.trustStorePassword=XYZ123

      org.teiid.ssl.protocol=SSLv3

      org.teiid.ssl.allowAnon=true

      org.teiid.sockets.soTimeout=3000

      org.teiid.sockets.maxCachedInstances=16

      org.teiid.sockets.synchronousttl=1800000

      org.teiid.sockets.receiveBufferSize=0

      org.teiid.sockets.sendBufferSize=0

      org.teiid.sockets.conserveBandwidth=false

       

         I have also tried configuring it using the -Djavax.net.ssl information as by the instructed by the following link https://community.jboss.org/wiki/SecureClientConnectionsUsingSSLInTeiid . Again creating the same error message.

       

         My configuration on the server side (teiid-jboss-beans.xml) is

       

      <!-- JDBC Socket connection properties (SSL see below) -->

         <bean name="JdbcSocketConfiguration" class="org.teiid.transport.SocketConfiguration">

            <property name="name">JdbcSocketConfiguration</property>

            <property name="enabled">true</property>

            <property name="bindAddress">${jboss.bind.address}</property>

            <property name="portNumber">30900</property>

            <property name="maxSocketThreads">0</property>

            <property name="inputBufferSize">0</property>

            <property name="outputBufferSize">0</property>

            <property name="SSLConfiguration">

               <inject bean="JdbcSslConfiguration"/>

            </property>

         </bean>

         <bean name="JdbcSslConfiguration" class="org.teiid.transport.SSLConfiguration">

            <property name="mode">enabled</property>

            <property name="keystoreFilename">/deploy/server.keystore</property>

            <property name="keystorePassword">XYZ123</property>

            <property name="keystoreType">JKS</property>

            <property name="sslProtocol">SSLv3</property>

            <property name="keymanagementAlgorithm">false</property>

            <property name="truststoreFilename">/deploy/client.truststore</property>

            <property name="truststorePassword">XYZ123</property>

            <property name="authenticationMode">2-way</property>

         </bean>

       

      Any ideas please?

       

      Many thanks