How to get LDAP certificate bypass the mutual certification using Java


I'm writing a project to get the LDAP certificate of a remote server. It works fine in general mode, when the server does not require mutual certification. When I try a server that requires mutual certification, it fails. Here is the code:

    // Imports needed by this fragment
    import java.util.Hashtable;
    import javax.naming.Context;
    import javax.naming.NamingException;
    import javax.naming.ldap.InitialLdapContext;
    import javax.naming.ldap.LdapContext;
    import javax.naming.ldap.StartTlsRequest;
    import javax.naming.ldap.StartTlsResponse;
    import javax.net.ssl.HostnameVerifier;
    import javax.net.ssl.SSLSession;
    import javax.security.cert.X509Certificate;

    String serverSpec = null;
    boolean enableAnonSuites = false;
    boolean isTracing = false;

    // Try and parse the command line arguments.
    try {
        serverSpec = "ldap://10.47.16.60:389";
    }
    catch (Exception e) {
        trace(true, e.toString());
        usage();
        return;
    }

    try {
        // Create the SocketFactory to be given to LDAP for
        // building SSL sockets
        MySocketFactory msf = new MySocketFactory(isTracing,
                enableAnonSuites);

        // Set up the environment for creating the initial context
        Hashtable<String, Object> env = new Hashtable<>(11);
        env.put(Context.INITIAL_CONTEXT_FACTORY,
                "com.sun.jndi.ldap.LdapCtxFactory");

        // Must use the name of the server that is found in its certificate
        env.put(Context.PROVIDER_URL, serverSpec);

        // Create the initial context
        trace(isTracing, "creating new ldapcontext");
        LdapContext ctx = new InitialLdapContext(env, null);

        // Start TLS
        trace(isTracing, "performing starttlsrequest");
        StartTlsResponse tls = null;

        try {
            tls = (StartTlsResponse) ctx.extendedOperation(new StartTlsRequest());
        }
        catch (NamingException e) {
            trace(true, "unable establish ssl connection:\n" + e);
            return;
        }

        // The default JSSE implementation will compare the hostname of the
        // server with the hostname in the server's certificate, and will
        // not proceed unless they match. To override this behaviour, you
        // have to provide your own HostnameVerifier object.
        // The example below bypasses the check.
        tls.setHostnameVerifier(new HostnameVerifier() {
            public boolean verify(String hostname, SSLSession session)
            {
                return true;
            }
        });

        // Negotiate SSL on the connection using our own SocketFactory
        trace(isTracing, "negotiating ssl");
        SSLSession sess = null;
        sess = tls.negotiate(msf);

        X509Certificate[] cert = sess.getPeerCertificateChain();
    }
    catch (Exception e) {
        // The posted fragment ends inside the try block; closed here so it compiles
        trace(true, e.toString());
    }

The exception information is as follows: "javax.net.ssl.SSLException: received fatal alert: internal error", and it happens at the "negotiate" method. I analyzed the Wireshark trace information and am sure it is because the server requires mutual certification. Right now, I'm wondering if there is a class in the com.sun.jndi.ldap package that is useful for this problem. Any help?

You can't. If there were such a class in the JDK it would be insecure. If the server requires a client certificate and won't operate without one, you have to provide one. That's the point of the exception.
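Providing the client certificate during the StartTLS handshake, as the answer says is required, can look like the following. This is an added example, not part of the original question or answer; the PKCS#12 file argument and the `LDAP_CLIENT_P12_PASS` environment variable name are assumptions.

```java
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;
import javax.naming.ldap.StartTlsRequest;
import javax.naming.ldap.StartTlsResponse;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocketFactory;

public class StartTlsClientCert {
    // Socket factory that presents the key pair stored in a PKCS#12 file (path is an assumption).
    static SSLSocketFactory clientAuthFactory(String p12Path, char[] password) throws Exception {
        KeyStore ks = KeyStore.getInstance("PKCS12");
        try (InputStream in = Files.newInputStream(Paths.get(p12Path))) {
            ks.load(in, password);
        }
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(ks, password);
        SSLContext sc = SSLContext.getInstance("TLS");
        // null trust managers = JVM default trust store, so the server is still validated.
        sc.init(kmf.getKeyManagers(), null, null);
        return sc.getSocketFactory();
    }
    // args: <ldap-url> <client.p12>; password comes from LDAP_CLIENT_P12_PASS (assumed name).
    public static void main(String[] args) throws Exception {
        char[] pass = System.getenv("LDAP_CLIENT_P12_PASS").toCharArray();
        Hashtable<String, Object> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, args[0]);
        LdapContext ctx = new InitialLdapContext(env, null);
        StartTlsResponse tls = (StartTlsResponse) ctx.extendedOperation(new StartTlsRequest());
        try {
            SSLSession sess = tls.negotiate(clientAuthFactory(args[1], pass));
            for (Certificate c : sess.getPeerCertificates()) {
                System.out.println(((X509Certificate) c).getSubjectX500Principal());
            }
        } finally {
            tls.close();
            ctx.close();
        }
    }
}
```

The default hostname check is left enabled here, so the provider URL has to use the server name that appears in its certificate.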

