[stunnel-users] Stunnel & Java SSL

richard at oversight.co.nz richard at oversight.co.nz
Fri Oct 29 00:47:04 CEST 2004


I'm developing a website where a Java applet is downloaded over an https
session provided by Stunnel (stunnel 4.04 on i586-pc-linux-gnu PTHREAD
with OpenSSL 0.9.6c 21 dec 2001) running on port 1080.
The applet codebase in the HTML code is set to https://x.x.x.x:1080/xxxx.jar

To complicate this issue, Stunnel is set to verify=3, i.e. it requires a
valid client certificate.
It seems that the Java implementation of SSL (JVM 1.4.1_03) won't respond
to prompts for client certificates?
Stunnel simply times out with the following error:

2004.10.29 11:45:34 LOG7[6881:1024]: service accepted FD=10 from 192.168.1.2:1930
2004.10.29 11:45:34 LOG7[6881:1024]: FD 10 in non-blocking mode
2004.10.29 11:45:34 LOG7[6897:6146]: service finished (0 left)
2004.10.29 11:45:34 LOG7[6898:7171]: service started
2004.10.29 11:45:34 LOG5[6898:7171]: service connected from 192.168.1.2:1930
2004.10.29 11:45:34 LOG7[6898:7171]: SSL state (accept): before/accept initialization
2004.10.29 11:45:34 LOG7[6898:7171]: waitforsocket: FD=10, DIR=read
2004.10.29 11:45:39 LOG7[6898:7171]: waitforsocket: ok
2004.10.29 11:45:39 LOG7[6898:7171]: SSL state (accept): SSLv3 read client hello A
2004.10.29 11:45:39 LOG7[6898:7171]: SSL state (accept): SSLv3 write server hello A
2004.10.29 11:45:39 LOG7[6898:7171]: SSL state (accept): SSLv3 write certificate A
2004.10.29 11:45:39 LOG7[6898:7171]: SSL state (accept): SSLv3 write certificate request A
2004.10.29 11:45:39 LOG7[6898:7171]: SSL state (accept): SSLv3 flush data
2004.10.29 11:45:39 LOG7[6898:7171]: waitforsocket: FD=10, DIR=read
2004.10.29 11:45:39 LOG7[6898:7171]: waitforsocket: ok
2004.10.29 11:45:39 LOG7[6898:7171]: SSL alert (read): warning: no certificate
2004.10.29 11:45:39 LOG7[6898:7171]: waitforsocket: FD=10, DIR=read
2004.10.29 11:45:39 LOG7[6898:7171]: waitforsocket: ok
2004.10.29 11:45:39 LOG7[6898:7171]: SSL alert (write): fatal: handshake failure
2004.10.29 11:45:39 LOG3[6898:7171]: SSL_accept: 140890C7: error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate
2004.10.29 11:45:39 LOG7[6898:7171]: service finished (0 left)

Does anyone know a way around this?

Thank you,

Richard Watson
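
An added example, not part of the original post and not stunnel's own code: a small Python triage of stunnel debug logs in the format shown above, flagging connections where the server sent a certificate request and the peer returned no certificate. The function name `triage` and the embedded sample (a subset of the log lines in the post) are assumptions of this example.

```python
import re
from collections import defaultdict

# stunnel 4.x debug line: date time LOG<level>[pid:tid]: message
LINE = re.compile(r"^(\d{4}\.\d\d\.\d\d \d\d:\d\d:\d\d) LOG(\d)\[(\d+):(\d+)\]: (.*)$")

# Constructed sample: a subset of the handshake lines from the post above.
SAMPLE = """\
2004.10.29 11:45:34 LOG5[6898:7171]: service connected from 192.168.1.2:1930
2004.10.29 11:45:39 LOG7[6898:7171]: SSL state (accept): SSLv3 read client hello A
2004.10.29 11:45:39 LOG7[6898:7171]: SSL state (accept): SSLv3 write certificate request A
2004.10.29 11:45:39 LOG7[6898:7171]: SSL alert (read): warning: no certificate
2004.10.29 11:45:39 LOG7[6898:7171]: SSL alert (write): fatal: handshake failure
2004.10.29 11:45:39 LOG3[6898:7171]: SSL_accept: 140890C7: error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate
2004.10.29 11:45:39 LOG7[6898:7171]: service finished (0 left)
"""

def triage(log_text):
    """Return one finding per connection whose handshake failed on client auth."""
    conns = defaultdict(lambda: {"peer": None, "cert_requested": False,
                                 "no_cert_alert": False, "failed": False})
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # wrapped or foreign line; skip rather than guess
        _ts, _level, pid, tid, msg = m.groups()
        c = conns[(pid, tid)]  # stunnel tags every line with [pid:tid]
        if msg.startswith("service connected from "):
            c["peer"] = msg.rsplit(" ", 1)[1]
        elif msg.endswith("write certificate request A"):
            c["cert_requested"] = True
        elif msg.startswith("SSL alert (read):") and "no certificate" in msg:
            c["no_cert_alert"] = True
        elif "peer did not return a certificate" in msg:
            c["failed"] = True
    findings = []
    for (pid, tid), c in conns.items():
        # Only report threads where a request was sent and the accept failed.
        if c["cert_requested"] and c["failed"]:
            findings.append({"thread": f"{pid}:{tid}", "peer": c["peer"],
                             "client_sent_no_cert_alert": c["no_cert_alert"]})
    return findings

if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(finding)
```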





