0 Replies Latest reply on Dec 1, 2003 7:29 AM by kristiane

    SSL encryption and NoRouteToHostException

    kristiane Newbie


      I am trying to setup SSL encryption between an applet and JBoss server. I running into a really wired problem. Accessing my EJBs on JBoss from my applet, by using both hostname and domain name in PROVIDER_URL throws a NoRouteToHostException!

      The SSL negociation and setup seems to go fine. I can see this by setting javax.net.debug=all and look at the output...

      Accessing the JBoss server using hostname+domain name does NOT work. If I setting the PROVIDER_URL in the client to:

      env.setProperty(Context.PROVIDER_URL, "https://mbas.radiomarittimi.it:8443/invoker/JNDIFactory");

      And then setting in /etc/hosts:
      mbas.radiomarittimi.it <some ip address>

      The first call on an EJB will throw a NoRouteToHostException "no route to host"!

      And now to the really wired part. If changing the entry in my /etc/hosts file to
      mbas <some ip address>

      The calls to EJBs will succeed!

      It seems that the applet (JSSE or JBoss client libs) uses the CN field in the SSL certificate to lookup the ip address for the JBoss server. The field states CN=mbas.radiomarittimi.it, but the applet seems to be using the "https://mbas:8443"....

      I need the to use both hostname and domain name, since the applets are to be used one the Internet, where the applet need to perform a DNS lookup of the JBoss server.

      I am using JBoss 3.2.1 and JDK 1.4.2. The applet uses http-invokers and JBoss client libs.

      The "mbas.radiomarittimi.it" is located behind a firewall, but since I can ping it from the client PC using its hostname+domain name, it should be Ok...

      This is some of the applet code, to init the context:

      Properties env = new Properties();

      env.setProperty(Context.INITIAL_CONTEXT_FACTORY, "org.jboss.naming.HttpNamingContextFactory");
      env.setProperty(Context.PROVIDER_URL, "https://mbas.radiomarittimi.it:8443/invoker/JNDIFactory");

      System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
      System.setProperty("org.jboss.security.ignoreHttpsHost", "true");
      System.setProperty ("javax.net.debug", "all");

      m_context = new InitialContext(env);

      Does anyone have any idea how to solve this problem? Is there any properties I have set wrong or not set, on the client side?

      - Kristian

      PS! I can mail the SSL setup log if that is interesting...