Search network charts and data at any time New printer page, PDF options (vertical, horizontal, scale)ĭashboards: Display some relevant and irrelevant objects on the page such as grids, single record views, charts, reports, search pages You can also set a password to protect your Web Applications. Make your website unique! PHPRunner provides you with a variety of website layouts, color schemes and advanced visual editors, and all the tools you need to customize the look of each page image to design a unique website. Using PHPRunner you can create attractive visual web interfaces for local databases such as MySQL, MS Access, SQL Server, Postgre and Oracle. Import PHPRunner is a complete PHP code generator and form builder. Save this as it will be referenced later, than here is the solution for an SSL http get, excluding the TLS_DHE_ cipher suites. So create the server certification file by: echo |openssl s_client -connect :443 2>&1 |sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' NOTE: Bounc圜astle is NOT required for the solution. So the solution posted here relies on removing TLS_DHE_ ciphers completely. I guess somewhere in the Sun SSL implementation sometimes it choose DHE, sometimes it choose ECDHE. If TLS_ECDHE_ was selected, MOST OF the time it worked, but not ALWAYS, so adding even Bounc圜astle provider was unreliable (failed with same error, every other time or so). The later would happen if I added Bounc圜astle. I noticed from the =ssl, that sometimes the used cipher suite is TLS_DHE_. Here is my solution (java 1.6), also would be interested why I had to do this: Should it be relevant, I'm using OS X 10.6.8, Java version 1.6.0_26. Verify return code: 18 (self signed certificate)Īs noted, after all that, it does connect successfully which is more than you can say for my Java app. New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA SSL handshake has read 2178 bytes and written 468 bytes Here's what happens when I connect to 6697 using 'openssl' from commandline: ~ $ openssl s_client -connect :6697ĭepth=0 error:num=18:self signed certificate So I'm wondering if this is a limitation of Java default SSL support, or something. Obviously one possibility is that esper's server is misconfigured, but I searched and didn't find any other references to people having problems with esper's SSL ports, and 'openssl' connects to it (see below). And yes there is some magic going on with the 'trustAllCerts' that code forces the SSL system not to validate certs. It's that last startHandshake that throws the exception. S.connect(new InetSocketAddress(host, port), timeout) S = (SSLSocket)sslContext.getSocketFactory().createSocket() SslContext.init(null, trustAllCerts, new SecureRandom()) My code (which as noted does work when connecting to some SSL servers) is: SSLContext sslContext = SSLContext.getInstance("SSL") An example of a server that does not demonstrate the problem is :6697. When I make an SSL connection with some IRC servers (but not others - presumably due to the server's preferred encryption method) I get the following exception: Caused by: : Could not generate DH keypairĪt .(DHCrypt.java:106)Īt .(ClientHandshaker.java:556)Īt .(ClientHandshaker.java:183)Īt .(Handshaker.java:593)Īt ._record(Handshaker.java:529)Īt .(SSLSocketImpl.java:893)Īt .(SSLSocketImpl.java:1138)Īt .(SSLSocketImpl.java:1165)įinal cause: Caused by: : Prime size must be multiple of 64, and can only range from 512 to 1024 (inclusive)Īt .DHKeyPairGenerator.initialize(DashoA13*.)Īt $Delegate.initialize(KeyPairGenerator.java:627)Īt .(DHCrypt.java:100)Īn example of a server that demonstrates this problem is :6697 (this is an IRC server).
0 Comments
Leave a Reply. |