I've got a brief assignment for class which is to extend a simple Java server to support SSL on Ubuntu.
Ok, so to start, I did this:
private static SSLServerSocketFactory factory;
private static SSLServerSocket serverSocket;
public SimpleWebServer () throws Exception {
//dServerSocket = new ServerSocket (PORT);
factory = (SSLServerSocketFactory)SSLServerSocketFactory.getDefault();
serverSocket = (SSLServerSocket)factory.createServerSocket(8081);
}
public void run() throws Exception {
while (true) {
/* wait for a connection from a client */
//Socket s = dServerSocket.accept();
SSLSocket s = (SSLSocket)serverSocket.accept();
/* then process the client's request */
processRequest(s);
}
}
Seems mostly fine, I run the server as follows:
java -Djavax.net.ssl.keyStore=com/learnsecurity/keystore.jks -Djavax.net.ssl.keyStorePassword=123456 com/learnsecurity/SimpleWebServer
However, when I send a request to https://localhost:8081
from Firefox, the server bombs out on me with this junk:
Exception in thread "main" javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.Alerts.getSSLException(Alerts.java:154)
at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1796)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1039)
at sun.security.ssl.SSLSocketImpl.waitForClose(SSLSocketImpl.java:1574)
at sun.security.ssl.HandshakeOutStream.flush(HandshakeOutStream.java:122)
at sun.security.ssl.Handshaker.sendChangeCipherSpec(Handshaker.java:705)
at sun.security.ssl.ServerHandshaker.sendChangeCipherAndFinish(ServerHandshaker.java:1297)
at sun.security.ssl.ServerHandshaker.clientFinished(ServerHandshaker.java:1257)
at sun.security.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:244)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:609)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:545)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:978)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1223)
at sun.security.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:838)
at sun.security.ssl.AppInputStream.read(AppInputStream.java:94)
at sun.nio.cs.StreamDecoder.readBytes(StreamDecoder.java:282)
at sun.nio.cs.StreamDecoder.implRead(StreamDecoder.java:324)
at sun.nio.cs.StreamDecoder.read(StreamDecoder.java:176)
at java.io.InputStreamReader.read(InputStreamReader.java:184)
at java.io.BufferedReader.fill(BufferedReader.java:153)
at java.io.BufferedReader.readLine(BufferedReader.java:316)
at java.io.BufferedReader.readLine(BufferedReader.java:379)
at com.learnsecurity.SimpleWebServer.processRequest(SimpleWebServer.java:62)
at com.learnsecurity.SimpleWebServer.run(SimpleWebServer.java:45)
at com.learnsecurity.SimpleWebServer.main(SimpleWebServer.java:178)
I generated the certificate by following this tutorial:
http://www.sslshopper.com/article-how-to-create-a-self-signed-certificate-using-java-keytool.html
I've been searching around trying to find a resolution, but I've had no luck. I'm thinking since the server IS running that it's something to do with the certificate. Could someone point me in the right direction?