-
Bug
-
Resolution: Cannot Reproduce
-
P2
-
None
-
1.0.1
-
x86
-
windows_nt
Env: WinNT 4.0 as client and Server over LAN (no proxy or firewall)
JSSE 1.01 (128 bit)
While using the sample code provided under the rmi example, on 128 bit version, when client authentication is used, I get certificate unknown error.
The problem does not come up on JSSE 1.0 40 bit version. On 1.01 128 bit version, the problem comes up only when used with client authentication.
Entire code and relevant files are attached. Also attached is trace with
-Djavax.net.debug=all (file is debugtrace.txt)
Steps followed:
1. Generate a key pair with
keytool -genkey -keyalg "RSA" -sigalg "MD5withRSA" -dname "cn=Mark Jones, ou=JavaSoft, o=Sun, c=SG" -alias
coe -keypass kpi135 -keystore testkeystore -storepass ab987c -validity 180
2. Generate a request with
keytool -keystore testkeystore -alias coe -certreq -file request.csr
3. Sign the request with Microsoft Certificate Server
with service pack 6 128bits version
4. Import the signed certtifcate and root certificate into testkeystore
keytool -import -file coe2root.cer -keystore testkeystore -alias coe2root
keytool -import -file newcert.cer -keystore testkeystore -alias servercert
5. Obtain client certificate into Netscape Browser from Microsoft Certificate Server.
Export client certificate from Netscape browser into pkcs12 format
I run the RMI SSL sample provided by JSSE with my own key and trust
manager. (refer to attached code)
I obtain certificate_unknown exception. However, when I run the same
program with JSSE 1.0 40 bits version. The program is working fine.
---- below is the exception error I obtained
>HelloClient exception: Error marshaling transport header; nested
>exception
>is:
> javax.net.ssl.SSLException: Received fatal alert:
>certificate_unknown
>java.rmi.MarshalException: Error marshaling transport header; nested
>exception i
>s:
> javax.net.ssl.SSLException: Received fatal alert:
>certificate_unknown
>javax.net.ssl.SSLException: Received fatal alert: certificate_unknown
> at
>com.sun.net.ssl.internal.ssl.SSLSocketImpl.b([DashoPro-V1.2-120198])
> at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(Compiled Code)
> at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(Compiled Code)
> at com.sun.net.ssl.internal.ssl.AppOutputStream.write(Compiled
>Code)
> at java.io.OutputStream.write(Compiled Code)
> at
>com.sun.net.ssl.internal.ssl.SSLSocketImpl.getSession([DashoPro-V1.2-
>120198])
> at RMISSLClientSocketFactory.createSocket(Compiled Code)
> at
>sun.rmi.transport.tcp.TCPEndpoint.newSocket(TCPEndpoint.java:462)
> at
>sun.rmi.transport.tcp.TCPChannel.createConnection(TCPChannel.java:194
>)
> at sun.rmi.transport.tcp.TCPChannel.newConnection(Compiled Code)
> at sun.rmi.server.UnicastRef.invoke(Compiled Code)
> at HelloImpl_Stub.sayHello(Unknown Source)
> at HelloClient.main(HelloClient.java:30)
>
JSSE 1.01 (128 bit)
While using the sample code provided under the rmi example, on 128 bit version, when client authentication is used, I get certificate unknown error.
The problem does not come up on JSSE 1.0 40 bit version. On 1.01 128 bit version, the problem comes up only when used with client authentication.
Entire code and relevant files are attached. Also attached is trace with
-Djavax.net.debug=all (file is debugtrace.txt)
Steps followed:
1. Generate a key pair with
keytool -genkey -keyalg "RSA" -sigalg "MD5withRSA" -dname "cn=Mark Jones, ou=JavaSoft, o=Sun, c=SG" -alias
coe -keypass kpi135 -keystore testkeystore -storepass ab987c -validity 180
2. Generate a request with
keytool -keystore testkeystore -alias coe -certreq -file request.csr
3. Sign the request with Microsoft Certificate Server
with service pack 6 128bits version
4. Import the signed certtifcate and root certificate into testkeystore
keytool -import -file coe2root.cer -keystore testkeystore -alias coe2root
keytool -import -file newcert.cer -keystore testkeystore -alias servercert
5. Obtain client certificate into Netscape Browser from Microsoft Certificate Server.
Export client certificate from Netscape browser into pkcs12 format
I run the RMI SSL sample provided by JSSE with my own key and trust
manager. (refer to attached code)
I obtain certificate_unknown exception. However, when I run the same
program with JSSE 1.0 40 bits version. The program is working fine.
---- below is the exception error I obtained
>HelloClient exception: Error marshaling transport header; nested
>exception
>is:
> javax.net.ssl.SSLException: Received fatal alert:
>certificate_unknown
>java.rmi.MarshalException: Error marshaling transport header; nested
>exception i
>s:
> javax.net.ssl.SSLException: Received fatal alert:
>certificate_unknown
>javax.net.ssl.SSLException: Received fatal alert: certificate_unknown
> at
>com.sun.net.ssl.internal.ssl.SSLSocketImpl.b([DashoPro-V1.2-120198])
> at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(Compiled Code)
> at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(Compiled Code)
> at com.sun.net.ssl.internal.ssl.AppOutputStream.write(Compiled
>Code)
> at java.io.OutputStream.write(Compiled Code)
> at
>com.sun.net.ssl.internal.ssl.SSLSocketImpl.getSession([DashoPro-V1.2-
>120198])
> at RMISSLClientSocketFactory.createSocket(Compiled Code)
> at
>sun.rmi.transport.tcp.TCPEndpoint.newSocket(TCPEndpoint.java:462)
> at
>sun.rmi.transport.tcp.TCPChannel.createConnection(TCPChannel.java:194
>)
> at sun.rmi.transport.tcp.TCPChannel.newConnection(Compiled Code)
> at sun.rmi.server.UnicastRef.invoke(Compiled Code)
> at HelloImpl_Stub.sayHello(Unknown Source)
> at HelloClient.main(HelloClient.java:30)
>