Re: Problem configuring JSS with Firefox 2 and JRE 1.5.10

Mon, 12 Feb 2007 02:34:27 -0800 

Hi Glen,
I don´t get any output or exception trace referencing exactly to JSS. I think that my problem is only about Mozilla-JSS integration with security in applets, not a concrete applet programming trouble. After authentication browser HTTPS client authentication, the applet tries also to authenticate against server, and It doesn´t find the proper certificate in Java´s certificates repository, which is empty (I would like that browser try to find this certificate at Firefox´s certificate repository) . I only got this "short" trace from Firefox, which I interpret that indicates there is not enough permissions to load the class: 

java.net.SocketException: Broken pipe
 at java.net.SocketOutputStream.socketWrite0(Native Method)
 at java.net.SocketOutputStream.socketWrite(Unknown Source)
 at java.net.SocketOutputStream.write(Unknown Source)
 at com.sun.net.ssl.internal.ssl.OutputRecord.writeBuffer(Unknown Source)
 at com.sun.net.ssl.internal.ssl.OutputRecord.write(Unknown Source)
 at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(Unknown Source)

 at 
com.sun.net.ssl.internal.ssl.Handshaker.sendChangeCipherSpec(Unknown 
Source)
 at 
com.sun.net.ssl.internal.ssl.ClientHandshaker.sendChangeCipherAndFinish(Unknown 
Source)
 at 
com.sun.net.ssl.internal.ssl.ClientHandshaker.serverHelloDone(Unknown 
Source)
 at 
com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown 
Source)

 at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
 at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source)
 at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)

 at 
com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown 
Source)
 at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown 
Source)
 at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown 
Source)

 at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)

 at 
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown 
Source)
 at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown 
Source)
 at 
sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown 
Source)

 at sun.plugin.net.protocol.http.HttpUtils.followRedirects(Unknown Source)
 at sun.plugin.cache.CachedJarLoader.isUpToDate(Unknown Source)
 at sun.plugin.cache.CachedJarLoader.loadFromCache(Unknown Source)
 at sun.plugin.cache.CachedJarLoader.load(Unknown Source)
 at sun.plugin.cache.JarCache.get(Unknown Source)

 at sun.plugin.net.protocol.jar.CachedJarURLConnection.connect(Unknown 
Source)
 at 
sun.plugin.net.protocol.jar.CachedJarURLConnection.getJarFile(Unknown 
Source)

 at sun.misc.URLClassPath$JarLoader.getJarFile(Unknown Source)
 at sun.misc.URLClassPath$JarLoader.<init>(Unknown Source)
 at sun.misc.URLClassPath$3.run(Unknown Source)
 at java.security.AccessController.doPrivileged(Native Method)
 at sun.misc.URLClassPath.getLoader(Unknown Source)
 at sun.misc.URLClassPath.getLoader(Unknown Source)
 at sun.misc.URLClassPath.getResource(Unknown Source)
 at java.net.URLClassLoader$1.run(Unknown Source)
 at java.security.AccessController.doPrivileged(Native Method)
 at java.net.URLClassLoader.findClass(Unknown Source)
 at sun.applet.AppletClassLoader.findClass(Unknown Source)
 at java.lang.ClassLoader.loadClass(Unknown Source)
 at sun.applet.AppletClassLoader.loadClass(Unknown Source)
 at java.lang.ClassLoader.loadClass(Unknown Source)
 at sun.applet.AppletClassLoader.loadCode(Unknown Source)
 at sun.applet.AppletPanel.createApplet(Unknown Source)
 at sun.plugin.AppletViewer.createApplet(Unknown Source)
 at sun.applet.AppletPanel.runLoader(Unknown Source)
 at sun.applet.AppletPanel.run(Unknown Source)
 at java.lang.Thread.run(Unknown Source)

javax.net.ssl.SSLHandshakeException: Remote host closed connection 
during handshake

 at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)

 at com.sun.net.ssl.internal.ssl.SSLSocketImpl.waitForClose(Unknown 
Source)

 at com.sun.net.ssl.internal.ssl.HandshakeOutStream.flush(Unknown Source)

 at 
com.sun.net.ssl.internal.ssl.Handshaker.sendChangeCipherSpec(Unknown 
Source)
 at 
com.sun.net.ssl.internal.ssl.ClientHandshaker.sendChangeCipherAndFinish(Unknown 
Source)
 at 
com.sun.net.ssl.internal.ssl.ClientHandshaker.serverHelloDone(Unknown 
Source)
 at 
com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown 
Source)

 at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
 at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source)
 at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)

 at 
com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown 
Source)
 at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown 
Source)
 at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown 
Source)

 at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)

 at 
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown 
Source)
 at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown 
Source)
 at 
sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown 
Source)

 at sun.plugin.net.protocol.http.HttpUtils.followRedirects(Unknown Source)
 at sun.plugin.cache.CachedJarLoader.isUpToDate(Unknown Source)
 at sun.plugin.cache.CachedJarLoader.loadFromCache(Unknown Source)
 at sun.plugin.cache.CachedJarLoader.load(Unknown Source)
 at sun.plugin.cache.JarCache.get(Unknown Source)

 at sun.plugin.net.protocol.jar.CachedJarURLConnection.connect(Unknown 
Source)
 at 
sun.plugin.net.protocol.jar.CachedJarURLConnection.getJarFile(Unknown 
Source)

 at sun.misc.URLClassPath$JarLoader.getJarFile(Unknown Source)
 at sun.misc.URLClassPath$JarLoader.<init>(Unknown Source)
 at sun.misc.URLClassPath$3.run(Unknown Source)
 at java.security.AccessController.doPrivileged(Native Method)
 at sun.misc.URLClassPath.getLoader(Unknown Source)
 at sun.misc.URLClassPath.getLoader(Unknown Source)
 at sun.misc.URLClassPath.getResource(Unknown Source)
 at java.net.URLClassLoader$1.run(Unknown Source)
 at java.security.AccessController.doPrivileged(Native Method)
 at java.net.URLClassLoader.findClass(Unknown Source)
 at sun.applet.AppletClassLoader.findClass(Unknown Source)
 at java.lang.ClassLoader.loadClass(Unknown Source)
 at sun.applet.AppletClassLoader.loadClass(Unknown Source)
 at java.lang.ClassLoader.loadClass(Unknown Source)
 at sun.applet.AppletClassLoader.loadCode(Unknown Source)
 at sun.applet.AppletPanel.createApplet(Unknown Source)
 at sun.plugin.AppletViewer.createApplet(Unknown Source)
 at sun.applet.AppletPanel.runLoader(Unknown Source)
 at sun.applet.AppletPanel.run(Unknown Source)
 at java.lang.Thread.run(Unknown Source)
Caused by: java.io.EOFException: SSL peer shut down incorrectly
 at com.sun.net.ssl.internal.ssl.InputRecord.read(Unknown Source)
 ... 44 more

javax.net.ssl.SSLHandshakeException: Remote host closed connection 
during handshake

 at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)

 at com.sun.net.ssl.internal.ssl.SSLSocketImpl.waitForClose(Unknown 
Source)

 at com.sun.net.ssl.internal.ssl.HandshakeOutStream.flush(Unknown Source)

 at 
com.sun.net.ssl.internal.ssl.Handshaker.sendChangeCipherSpec(Unknown 
Source)
 at 
com.sun.net.ssl.internal.ssl.ClientHandshaker.sendChangeCipherAndFinish(Unknown 
Source)
 at 
com.sun.net.ssl.internal.ssl.ClientHandshaker.serverHelloDone(Unknown 
Source)
 at 
com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown 
Source)

 at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
 at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source)
 at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)

 at 
com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown 
Source)
 at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown 
Source)
 at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown 
Source)

 at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)

 at 
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown 
Source)
 at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown 
Source)
 at 
sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown 
Source)

 at sun.plugin.net.protocol.http.HttpUtils.followRedirects(Unknown Source)
 at sun.plugin.cache.CachedJarLoader.isUpToDate(Unknown Source)
 at sun.plugin.cache.CachedJarLoader.loadFromCache(Unknown Source)
 at sun.plugin.cache.CachedJarLoader.load(Unknown Source)
 at sun.plugin.cache.JarCache.get(Unknown Source)

 at sun.plugin.net.protocol.jar.CachedJarURLConnection.connect(Unknown 
Source)
 at 
sun.plugin.net.protocol.jar.CachedJarURLConnection.getJarFile(Unknown 
Source)

 at sun.misc.URLClassPath$JarLoader.getJarFile(Unknown Source)
 at sun.misc.URLClassPath$JarLoader.<init>(Unknown Source)
 at sun.misc.URLClassPath$3.run(Unknown Source)
 at java.security.AccessController.doPrivileged(Native Method)
 at sun.misc.URLClassPath.getLoader(Unknown Source)
 at sun.misc.URLClassPath.getLoader(Unknown Source)
 at sun.misc.URLClassPath.getResource(Unknown Source)
 at java.net.URLClassLoader$1.run(Unknown Source)
 at java.security.AccessController.doPrivileged(Native Method)
 at java.net.URLClassLoader.findClass(Unknown Source)
 at sun.applet.AppletClassLoader.findClass(Unknown Source)
 at java.lang.ClassLoader.loadClass(Unknown Source)
 at sun.applet.AppletClassLoader.loadClass(Unknown Source)
 at java.lang.ClassLoader.loadClass(Unknown Source)
 at sun.applet.AppletClassLoader.loadCode(Unknown Source)
 at sun.applet.AppletPanel.createApplet(Unknown Source)
 at sun.plugin.AppletViewer.createApplet(Unknown Source)
 at sun.applet.AppletPanel.runLoader(Unknown Source)
 at sun.applet.AppletPanel.run(Unknown Source)
 at java.lang.Thread.run(Unknown Source)
Caused by: java.io.EOFException: SSL peer shut down incorrectly
 at com.sun.net.ssl.internal.ssl.InputRecord.read(Unknown Source)
 ... 44 more
cargar: clase umu.crypto.UMUCryptoApplet4v2 no encontrada.
java.lang.ClassNotFoundException: umu.crypto.UMUCryptoApplet4v2
 at sun.applet.AppletClassLoader.findClass(Unknown Source)
 at java.lang.ClassLoader.loadClass(Unknown Source)
 at sun.applet.AppletClassLoader.loadClass(Unknown Source)
 at java.lang.ClassLoader.loadClass(Unknown Source)
 at sun.applet.AppletClassLoader.loadCode(Unknown Source)
 at sun.applet.AppletPanel.createApplet(Unknown Source)
 at sun.plugin.AppletViewer.createApplet(Unknown Source)
 at sun.applet.AppletPanel.runLoader(Unknown Source)
 at sun.applet.AppletPanel.run(Unknown Source)
 at java.lang.Thread.run(Unknown Source)
Caused by: java.io.IOException: open HTTP connection failed.
 at sun.applet.AppletClassLoader.getBytes(Unknown Source)
 at sun.applet.AppletClassLoader.access$100(Unknown Source)
 at sun.applet.AppletClassLoader$1.run(Unknown Source)
 at java.security.AccessController.doPrivileged(Native Method)
 ... 10 more


I don´t know if you are talking about a JSS ubuntu package, I don´t have 
idea if it exists (I didn´t find it in my Ubuntu Synaptic Package 
Manager). I only download the JSS4 .so and .jar, and install it 
following this instructions (seeing that this doesn´t works, also I 
tried with other configurations...changing file´s permissions, changing 
environment variables... but I didn´t find any solution):



http://java.sun.com/j2se/1.5.0/docs/guide/deployment/deployment-guide/keystores.html 




I would like to know if somebody has configurated successfully JSS 4 
with Firefox 2.0 to use with HTTPS client authentication. It´s supposed 
that JSS allows an applet to access Mozilla user´s certificate 
respository to carry out applet´s client authentication, avoiding user 
to manually add a certificate in the Java JRE Console (Security --> 
Certificates --> Client Authentication --> System or user tab).



I think that it could be a matter of simply putting archives in the 
correct place, and environment variables with correct value, but it 
seems that i don´t find the winner combination (I tried a lot during 2 
days before send my first mail :-S).


I´m mudding up with this affair.
My best regards :-D .

Jesús.


Glen Beasley escribió:


Hello Jesús,

What output do you get in the java console related to JSS?


After installing the JSS package you also have to go to Java control 
panel, "Advanced tab", under "security", check on the box:

"Use certificate and keys in browser keystore".


http://java.sun.com/j2se/1.5.0/docs/guide/deployment/deployment-guide/jcp.html 




If you cannot get this to work please create a JSS bug and attach your 
sample applet with the steps you have taken

so far and I will do my best to look at it as soon as possible.

https://bugzilla.mozilla.org/enter_bug.cgi?product=JSS

thank you,

glen





j.fabre wrote:


Hi all,


I´m trying to configure JSS 4 and Firerfox in Ubuntu, but I cannot 
find the way to integrate both to use JSS for HTTPS client 
authentication.
My intentions are use JSS access to Firefox certificate´s repository 
for applet´s client authentication.

I followed these instructions but don´t give me a solution:


http://java.sun.com/j2se/1.5.0/docs/guide/deployment/deployment-guide/keystores.html 




Also I tried to configure LD_LIBRARY_PATH, MOZILLA_HOME pointing to 
libjss4.so


and CLASSPATH pointing to jss4.jar, but it doesn´t work neither.

I´m totally lost and disoriented. ¿anybody could help me?

Thanks for yout time.
Jesús.
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto






_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto






















					Reply via email to