Hello Gurus,
I am trying to enable SSL and client Cert validation using self signed certificates generated using CertificateGenerator tool.
However couldn’t get it working using java client.
Here is the error while running the client.
[Tue Mar 21 00:38:39 IST 2017],Constructing Custom SSL SocketFactory
[Tue Mar 21 00:38:39 IST 2017],Getting Default SSL SocketFactory
[Tue Mar 21 00:38:39 IST 2017],Failed to connect to Realm on first attempt - nSessionAttributes:conns=1/[nsps://localhost:8443/] - com.pcbsys.nirvana.client.nRealmUnreachableException: Realm is currently not reachable:com.pcbsys.foundation.base.fException: SSL exception received when connecting to - [nsps://localhost:8443/] (check cause for underlying exception)
[Tue Mar 21 00:38:42 IST 2017],Getting Default SSL SocketFactory
[Tue Mar 21 00:38:44 IST 2017],Getting Default SSL SocketFactory
javax.jms.JMSException: com.pcbsys.nirvana.client.nRealmUnreachableException: Realm is currently not reachable:Realm was still unreachable after max retry count - nSessionAttributes:conns=1/[nsps://localhost:8443/] : nsps://localhost:8443/
at com.pcbsys.nirvana.nJMS.ConnectionImpl.init(ConnectionImpl.java:810)
at com.pcbsys.nirvana.nJMS.QueueConnectionFactoryImpl.createQueueConnectionImpl(QueueConnectionFactoryImpl.java:330)
at com.pcbsys.nirvana.nJMS.QueueConnectionFactoryImpl.createQueueConnectionImpl(QueueConnectionFactoryImpl.java:324)
at com.pcbsys.nirvana.nJMS.QueueConnectionFactoryImpl.createQueueConnection(QueueConnectionFactoryImpl.java:237)
at com.pcbsys.nirvana.nJMSApps.JMSQTest.doIt(JMSQTest.java:115)
at com.pcbsys.nirvana.nJMSApps.JMSQTest.main(JMSQTest.java:57)
Caused by: com.pcbsys.nirvana.client.nRealmUnreachableException: Realm is currently not reachable:Realm was still unreachable after max retry count - nSessionAttributes:conns=1/[nsps://localhost:8443/]
at com.pcbsys.nirvana.client.nSession.establishFirstConnection(nSession.java:7628)
at com.pcbsys.nirvana.client.nSession.actualInit(nSession.java:6278)
at com.pcbsys.nirvana.client.nSession.init(nSession.java:6207)
at com.pcbsys.nirvana.client.nSession.init(nSession.java:6159)
at com.pcbsys.nirvana.client.nSession.init(nSession.java:6143)
at com.pcbsys.nirvana.nJMS.ConnectionImpl.init(ConnectionImpl.java:782)
… 5 more
Caused by: com.pcbsys.foundation.base.fException: SSL exception received when connecting to - [nsps://localhost:8443/] (check cause for underlying exception)
at com.pcbsys.foundation.drivers.fDriverFactory.attemptConnection(fDriverFactory.java:552)
at com.pcbsys.foundation.drivers.fDriverFactory.doConnect(fDriverFactory.java:460)
at com.pcbsys.foundation.drivers.fDriverFactory.connect(fDriverFactory.java:412)
at com.pcbsys.foundation.drivers.fDriverFactory.connect(fDriverFactory.java:404)
at com.pcbsys.foundation.io.fDefaultConnectionFactory.establishConnection(fDefaultConnectionFactory.java:83)
at com.pcbsys.foundation.io.fConnection.createConnection(fConnection.java:748)
at com.pcbsys.nirvana.client.nSession.establishConnection(nSession.java:7603)
at com.pcbsys.nirvana.client.nSession.establishFirstConnection(nSession.java:7620)
… 10 more
Caused by: javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
at sun.security.ssl.SSLSessionImpl.getPeerCertificateChain(SSLSessionImpl.java:482)
at com.pcbsys.foundation.drivers.fSSLSocketDriver.createSocket(fSSLSocketDriver.java:311)
at com.pcbsys.foundation.drivers.fSocketDriver.(fSocketDriver.java:318)
at com.pcbsys.foundation.drivers.fSSLSocketDriver.(fSSLSocketDriver.java:258)
at com.pcbsys.foundation.drivers.fDriverFactory.attemptConnection(fDriverFactory.java:506)
… 17 more
Code snippet for setting up the environment :
env.put(“nirvana.ssl.keystore.path”,“C:\SoftwareAG\UniversalMessaging\server\umserver2\bin\client.jks”);
env.put(“nirvana.ssl.keystore.pass”, “nirvana”);
env.put(“nirvana.ssl.keystore.cert”, “nirvana client”);
// Certificate alias for the client to use when connecting to an interface
// with client validation enabled
env.put(“nirvana.ssl.truststore.path”,“C:\SoftwareAG\UniversalMessaging\server\umserver2\bin\nirvanacacerts.jks”);
env.put(“nirvana.ssl.truststore.pass”, “nirvana”);
env.put(“nirvana.ssl.protocol”, “TLSV1”);
Can you give me some pointers to fix this.
Thanks.
Vishal