Best unofficial Apache Server developers community
Username
Forgot password?
Sign in with Twitter account
Sign in with Facebook account
List archives
Videos
Answers

How to enable HTTPS when SSL is working ?

How to implement a customized message DispatchPolicy?
(22 lines)		 ActiveMQ-CPP: access to raw socket?
(13 lines)
Jun 2, 2010
Munger
Munger
 
I am using ActiveMQ 5.3.2 embedded into my Spring based application. My
goal
is to configure ActiveMQ in order to be able to commnicate with it in
HTTPS
(requests and responses encapsulated in HTTPS).
The SSL part is done: i have a client test application connection with SSL
to activemq, and the communication is OK with certs on both sides.
When adding the HTTPS connector to activemq configuration, and trying with
my client app to connect using https://localhost:myport, it doesn't work
and
i get the following error:

handling exception: javax.net.ssl.SSLException: Unrecognized SSL message,
plaintext connection?

What could make my HTTPS connnection fails, although the SSL comuncation
seems ok ?

Thanks a lot if you have any clue, that's a very important bug for me
right
now. Thanks a lot for any help.

Max
Reply
Tags: httpsactivemqclient
Messages in this thread
How to enable HTTPS when SSL is working ?
Similar Threads
Tomcat7 HTTPS APR Performance
Hello,

For comparing performance of Apache Tomcat 7 with APR and Jboss Web Server

with APR version 2.1.4 with Tomcat 7   we have done a load test of an app.
The Open SSL and APR libtcnative files were in the path using the
LD_LIBRARY_PATH env variable. The protocol used was HTTPS.

While doing load testing with HP Load Runner we observed the following
response times(seconds) for 100 concurrent users:
	                       Tomcat7	JbossWebServer-2.1.4	Jboss4.2.3
jmeter - https -question
hello all,

I am testing an https image pixel.
So, I don't have any authentication like user name etc.

Basically, I run this test on a mac amchine and teh result is good.
But, if I run it an  a linux machine, I see that the latency is always 0.
also, I see some INFO in the logs as follows:

INFO - org.apache.commons.httpclient.HttpMethodDirector: I/O exception
(java.net.SocketException) caught when processing request: Connection
reset
INFO - org.apache.commons.httpclient.HttpMethodDirector: Retrying request"

What does that mean?
is that an error? is that the reason why i am not getting latency?

any help is appreciated.

thanks,
Bindu
Problem w/ json in https request
Hi,
Please help. Thanks in advance.
I want to send a https request w/ json format, and parse json response.
I set up a Thread Group that has HTTP Request Default.
I have HTTP Request which has (json request in parameter value, parameter
name is blank,  and HTTP Header
has "Content-Type=application/json", and View result tree listener  to get
 response.  I got the request sent out as no Jason attached. Looking at
Exact JSON should be in param.value:

{"cid":"lsakdjflsa", "pst":"lskajdflsa",
"context":{"country":"default","language":"default","view":"default","container":"default"},"gadgets":[{"gid":"1111","moduleId":1}]}

View Result Tree shows the request has this only ...

>>>GET https://localhost:22108/gadgets/metadata

[no cookies]

Request Headers:
Connection: keep-alive
Content-Type: application/json
>>>>>

Below is sampler, RED is highlight the Jason as Param Value.

 Sample of HTTPSampler:

       <HTTPSampler guiclass="HttpTestSampleGui"
testclass="HTTPSampler" testname="/gadgets/metadata" enabled="true">
          <elementProp name="HTTPsampler.Arguments"
elementType="Arguments" guiclass="HTTPArgumentsPanel" testclass="Arguments"
enabled="true">
            <collectionProp name="Arguments.arguments">
              <elementProp name="" elementType="HTTPArgument">
                <boolProp
name="HTTPArgument.always_encode">true</boolProp>
                <stringProp
name="Argument.value">{&quot;cid&quot;:&quot;lsakdjflsa&quot;,
&quot;pst&quot;:&quot;lskajdflsa&quot;,
&quot;context&quot;:{&quot;country&quot;:&quot;default&quot;,&quot;language&quot;:&quot;default&quot;,&quot;view&quot;:&quot;default&quot;,&quot;container&quot;:&quot;default&quot;},&quot;gadgets&quot;:[{&quot;gid&quot;:&quot;1111&quot;,&quot;moduleId&quot;:1}]}</stringProp>
                <stringProp
name="Argument.metadata">=</stringProp>
                <boolProp
name="HTTPArgument.use_equals">true</boolProp>
              </elementProp>
            </collectionProp>
          </elementProp>
          <stringProp
name="HTTPSampler.domain">localhost</stringProp>
          <stringProp
name="HTTPSampler.port">22108</stringProp>
          <stringProp
name="HTTPSampler.protocol">https</stringProp>
          <stringProp
name="HTTPSampler.contentEncoding"></stringProp>
          <stringProp
name="HTTPSampler.path">/gadgets/metadata</stringProp>
          <stringProp
name="HTTPSampler.method">GET</stringProp>
          <boolProp
name="HTTPSampler.follow_redirects">true</boolProp>
          <boolProp
name="HTTPSampler.auto_redirects">false</boolProp>
          <boolProp
name="HTTPSampler.use_keepalive">true</boolProp>
          <boolProp
name="HTTPSampler.DO_MULTIPART_POST">true</boolProp>
          <stringProp
name="HTTPSampler.mimetype"></stringProp>
          <stringProp
name="HTTPSampler.FILE_NAME"></stringProp>
          <stringProp
name="HTTPSampler.FILE_FIELD"></stringProp>
          <stringProp
name="HTTPSampler.monitor">false</stringProp>
          <stringProp
name="HTTPSampler.embedded_url_re"></stringProp>
        </HTTPSampler>
        <hashTree/>

Thanks a lot.
Van
Why my web application automatically switch to https?
Hi,
i can't figure out why a web application i'm working with, keep on 
switching automatically from http to https after each jsp:forward.

I've tried to add to web.xml the following snippet:

    <security-constraint>

        <web-resource-collection>

            <web-resource-name>The entire dashboard
            application</web-resource-name>
            <url-pattern>/*</url-pattern>

        </web-resource-collection>
        <user-data-constraint>

            <transport-guarantee>NONE</transport-guarantee>

        </user-data-constraint>

    </security-constraint>


hoping to force the application to a plain http communication, but no 
results.

Any ideas?


Thanks,
Luca
Why my web application automatically switchs to https?
Hi,
i can't figure out why a web application i'm working with, keep on 
switching automatically from http to https after each jsp:forward.

I've tried to add to web.xml the following snippet:

<security-constraint>

<web-resource-collection>

<web-resource-name>The entire dashboard
            application</web-resource-name>
<url-pattern>/*</url-pattern>

</web-resource-collection>
<user-data-constraint>

<transport-guarantee>NONE</transport-guarantee>

</user-data-constraint>

</security-constraint>


hoping to force the application to a plain http communication, but no 
results.

Any ideas?


Thanks,
Luca
how to make ErrorDocument apply to https:// site as well?
In my httpd.conf file I added the directive (at the bottom of the 
file, so at the top level):

ErrorDocument 403 /banned_ip.php

That works when I go to a file that I've set chmod to 000:
http://209.160.28.154/forbidden.txt

(of course the "banned IP" message doesn't make any sense in that 
context where the real reason the file is forbidden is because its 
permissions are 000, but I'm just testing the ErrorDocument directive)

But when I go to the https:// version of the same URL (after ignoring 
the SSL cert error of course):
https://209.160.28.154/forbidden.txt
I see a generic "403 forbidden" instead of the error I specified in 
ErrorDocument.

How do I make the ErrorDocument directive apply to my SSL site as 
well?  I've tried inserting "ErrorDocument 403 /banned_ip.php" into 
ssl.conf at the top level, and into ssl.conf inside the <VirtualHost 
_default_:443></VirtualHost> tags, but none of that worked.

	-Bennett
Re: WSDL endpoint location: Web server https
Also,

Soap request is not reaching the app.  From Websphere logs, we are seeing
something like:

ServletContro W   Can't find the request for
https://blah.com/ts/services//TransportationLocationService's Observer 

Not sure why there is an extra "/".  

any information is greatly appreciated.

Thank you,
J
WSDL endpoint location: Web server https
Hi,

Environment:  
Webserver is a https url, redirecting requests to app server.

Should the endpoint in WSDL be that of https webserver?  We had the
endpoint
as that of appserver  but in the logs there was not an observer for the
service.

Any ideas?

Thanks,
J
Problem redirecting http to https in Tomcat 4
I have an application that has a Web interface using an embeded Tomcat 4
Server. I need to make it available to users over the Internet and want to
secure it with SSL. It originally worked on port 8080 but I successfully
modified the SERVER.XML to make it work over port 80. I also sucessfully
created an SSL connector so that if you specify
https://myserver.domain.com
you can access the app over SSL on port 443. The final piece of the puzzle
I've been struggling with is automatically redirecting http: requests to
https: All the Tomcat forums say this is pretty simple, all you need to do
is add a bit of code to either the server or app's web.xml:





Protected Context

/*





CONFIDENTIAL





When I enter this code and restart Tomcat, the app stops working on all
ports. I just get a '404' resource not found on the default page or any
other. I'm sure I'm missing something but I have no idea what. Are there
Any
Tomcat gurus out there that can point me in the right direction?
Tomcat crashed after servicing too many HTTPS connection
I am using Tomcat 5.5.15 with JDK 1.5.0 update 7 on RedHat Enterprise.

I tested my web application by refreshing a page many times, the Tomcat
server crashed and thrown exception below:

Jul 6, 2010 11:21:38 AM org.apache.tomcat.util.net.PoolTcpEndpoint
acceptSocket
SEVERE: Endpoint [SSL: ServerSocket[addr=
0.0.0.0/0.0.0.0,port=0,localport=8443]] ignored exception:
java.net.SocketException: Too many open files
java.net.SocketException: Too many open files
    at java.net.PlainSocketImpl.socketAccept(Native Method)
    at java.net.PlainSocketImpl.accept(PlainSocketImpl.java:384)
    at java.net.ServerSocket.implAccept(ServerSocket.java:450)
    at
com.sun.net.ssl.internal.ssl.SSLServerSocketImpl.accept(SSLServerSocketImpl.java:259)
    at
org.apache.tomcat.util.net.jsse.JSSESocketFactory.acceptSocket(JSSESocketFactory.java:110)
    at
org.apache.tomcat.util.net.PoolTcpEndpoint.acceptSocket(PoolTcpEndpoint.java:407)
    at
org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:70)
    at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
    at java.lang.Thread.run(Thread.java:595)
Jul 6, 2010 11:21:38 AM org.apache.tomcat.util.net.PoolTcpEndpoint
acceptSocket
WARNING: Reinitializing ServerSocket
Jul 6, 2010 11:21:38 AM org.apache.tomcat.util.net.PoolTcpEndpoint
acceptSocket
SEVERE: Endpoint null ignored exception: java.io.FileNotFoundException:
/usr-files/ssl-truststore (Too many open files)
java.io.FileNotFoundException: /usr-files/ssl-truststore (Too many open
files)
    at java.io.FileInputStream.open(Native Method)
    at java.io.FileInputStream.<init>(FileInputStream.java:106)
    at
org.apache.tomcat.util.net.jsse.JSSESocketFactory.getStore(JSSESocketFactory.java:279)
    at
org.apache.tomcat.util.net.jsse.JSSESocketFactory.getTrustStore(JSSESocketFactory.java:256)
    at
org.apache.tomcat.util.net.jsse.JSSE14SocketFactory.getTrustManagers(JSSE14SocketFactory.java:174)
    at
org.apache.tomcat.util.net.jsse.JSSE14SocketFactory.init(JSSE14SocketFactory.java:109)
    at
org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocketFactory.java:88)
    at
org.apache.tomcat.util.net.PoolTcpEndpoint.initEndpoint(PoolTcpEndpoint.java:292)
    at
org.apache.tomcat.util.net.PoolTcpEndpoint.acceptSocket(PoolTcpEndpoint.java:468)
    at
org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:70)
    at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
    at java.lang.Thread.run(Thread.java:595)
Jul 6, 2010 11:21:38 AM org.apache.tomcat.util.net.PoolTcpEndpoint
acceptSocket
WARNING: Restarting endpoint
Jul 6, 2010 11:21:38 AM org.apache.tomcat.util.net.PoolTcpEndpoint
acceptSocket
SEVERE: Endpoint null shutdown due to exception:
java.io.FileNotFoundException: /.keystore (Too many open files)
java.io.FileNotFoundException: /.keystore (Too many open files)
    at java.io.FileInputStream.open(Native Method)
    at java.io.FileInputStream.<init>(FileInputStream.java:106)
    at
org.apache.tomcat.util.net.jsse.JSSESocketFactory.getStore(JSSESocketFactory.java:279)
    at
org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeystore(JSSESocketFactory.java:222)
    at
org.apache.tomcat.util.net.jsse.JSSE14SocketFactory.getKeyManagers(JSSE14SocketFactory.java:141)
    at
org.apache.tomcat.util.net.jsse.JSSE14SocketFactory.init(JSSE14SocketFactory.java:109)
    at
org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocketFactory.java:88)
    at
org.apache.tomcat.util.net.PoolTcpEndpoint.initEndpoint(PoolTcpEndpoint.java:292)
    at
org.apache.tomcat.util.net.PoolTcpEndpoint.acceptSocket(PoolTcpEndpoint.java:480)
    at
org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:70)
    at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
    at java.lang.Thread.run(Thread.java:595)
Jul 6, 2010 11:21:38 AM
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable run
SEVERE: Caught exception (java.lang.ThreadDeath) executing
org.apache.tomcat.util.net.### @117a4c6, terminating
thread
Jul 6, 2010 11:21:41 AM org.apache.naming.resources.FileDirContext list
WARNING: Could not get dir listing for
/usr/local/apache-tomcat-5.5.16/webapps/windtalker/WEB-INF/lib
Jul 6, 2010 11:21:41 AM org.apache.catalina.loader.WebappClassLoader
modified
INFO:     Additional JARs have been added
Jul 6, 2010 11:21:41 AM org.apache.catalina.core.StandardContext reload
INFO: Reloading this Context has started
How to use httpclient4.0 to connect HTTPS via socks proxy?
I've been trying to use httpclient4.0 to connect https server via socks
proxy, but it failed again and again.

My code is something like this:
KeyStore ks = loadCertFromFile(certFileName, passphrase);
X509TrustManager trustManager = getTrustManager(ks);
SocketFactory sf = new SocksSSLSocketFactory(getSSLContext(trustManager),
"10.64.69.40", 1080);
DefaultHttpClient httpclient = new DefaultHttpClient();
ClientConnectionManager ccm = httpclient.getConnectionManager();
SchemeRegistry schemeRegistry = ccm.getSchemeRegistry();
schemeRegistry.register(new Scheme("https", sf, portNumber));
httpResponse = httpclient.execute(httpHost, httpUriRequest);

public class SocksSSLSocketFactory implements SocketFactory {

    private String proxyHost;
    private int proxyPort;
    private String userName;
    private String passWd;
    private final javax.net.ssl.SSLSocketFactory socketfactory;

    public SocksSSLSocketFactory(SSLContext sslContext, String socksHost,
int socksPort) {
        this(sslContext, socksHost, socksPort, null, null);
    }

    public SocksSSLSocketFactory(SSLContext sslContext, String socksHost,
int socksPort,
            String userName, String passWd) {
        this.socketfactory = sslContext.getSocketFactory();
        proxyHost = socksHost;
        proxyPort = socksPort;
        this.userName = userName;
        this.passWd = passWd;
    }

    public Socket createSocket() throws IOException {
        return (SSLSocket) this.socketfactory.createSocket();
    }

    public Socket connectSocket(Socket sock,
            String host,
            int port,
            InetAddress localAddress,
            int localPort,
            HttpParams params) throws IOException, UnknownHostException,
ConnectTimeoutException {
        if (host == null) {
            throw new IllegalArgumentException("Target host may not be
null.");
        }
        if (params == null) {
            throw new IllegalArgumentException("Parameters may not be
null.");
        }

        InetSocketAddress epoint = new InetSocketAddress(host, port);
        sock = getSocketConnected(epoint);
        SSLSocket sslSocket =
(SSLSocket)this.socketfactory.createSocket(sock, host, port, false);
        if ((localAddress != null) || (localPort > 0)) {
            // we need to bind explicitly
            if (localPort < 0) {
                localPort = 0; // indicates "any"
            }
            InetSocketAddress isa =
                    new InetSocketAddress(localAddress, localPort);
            sslSocket.bind(isa);
        }
        
        return sock;
    }

    public boolean isSecure(Socket sock) throws IllegalArgumentException {
        if (sock == null) {
            throw new IllegalArgumentException("Socket may not be null.");
        }
        // This check is performed last since it calls a method
implemented
        // by the argument object. getClass() is final in
java.lang.Object.
        if (sock.isClosed()) {
            throw new IllegalArgumentException("Socket is closed.");
        }
        return false;
    }

    //generate the socket connected to socks4 proxy server
    private Socket getSocketConnected(InetSocketAddress endpoint) throws
IOException {
        Socket socket = new Socket(proxyHost, proxyPort);
        InputStream in = socket.getInputStream();
        OutputStream out = socket.getOutputStream();

        out.write(4);
        out.write(1);
        out.write((endpoint.getPort() >> 8) & 0xff);
        out.write((endpoint.getPort() >> 0) & 0xff);
        out.write(endpoint.getAddress().getAddress());
        if (userName != null)
        {
            try {
                out.write(userName.getBytes("ISO-8859-1"));
            } catch (java.io.UnsupportedEncodingException uee) {
                assert false;
            }
        }
        out.write(0);
        out.flush();
        byte[] data = new byte[8];
        int n = readSocketReply(in, data);
        if (n != 8) {
            throw new SocketException("Reply from SOCKS server has bad
length: " + n);
        }
        if (data[0] != 0 && data[0] != 4) {
            throw new SocketException("Reply from SOCKS server has bad
version");
        }
        SocketException ex = null;
        switch (data[1]) {
            case 90:
                // Success!
                break;
            case 91:
                ex = new SocketException("SOCKS request rejected");
                break;
            case 92:
                ex = new SocketException("SOCKS server couldn't reach
destination");
                break;
            case 93:
                ex = new SocketException("SOCKS authentication failed");
                break;
            default:
                ex = new SocketException("Reply from SOCKS server contains
bad status");
                break;
        }
        if (ex != null) {
            in.close();
            out.close();
            throw ex;
        }

        return socket;
    }

    private int readSocketReply(InputStream in, byte[] data) throws
IOException {
	int len = data.length;
	int received = 0;
	for (int attempts = 0; received < len && attempts < 3;
attempts++) {
	    int count = in.read(data, received, len - received);
	    if (count < 0)
		throw new SocketException("Malformed reply from SOCKS server");
	    received += count;
	}
	return received;
    }
}


But I got java.net.SocketException:Socket is not connected when running:
httpResponse = httpclient.execute(httpHost, httpUriRequest);

Here is the log.
10-07-05 10:57:42,269 DEBUG -Get connection for route
HttpRoute[{}->https://10.64.69.13:9000]
[org.apache.http.impl.conn.SingleClientConnManager.getConnection(SingleClientConnManager.java:195)]
2010-07-05 10:57:42,269 DEBUG -Get connection for route
HttpRoute[{}->https://10.64.69.13:9000]
[org.apache.http.impl.conn.SingleClientConnManager.getConnection(SingleClientConnManager.java:195)]
2010-07-05 10:57:42,286 DEBUG -Connection shut down
[org.apache.http.impl.conn.DefaultClientConnection.shutdown(DefaultClientConnection.java:141)]
2010-07-05 10:57:42,286 DEBUG -Connection shut down
[org.apache.http.impl.conn.DefaultClientConnection.shutdown(DefaultClientConnection.java:141)]
2010-07-05 10:57:42,287 DEBUG -Releasing connection
org.apache.http.impl.conn.SingleClientConnManager$ConnA### @19ab6f6
[org.apache.http.impl.conn.SingleClientConnManager.releaseConnection(SingleClientConnManager.java:250)]
2010-07-05 10:57:42,287 DEBUG -Releasing connection
org.apache.http.impl.conn.SingleClientConnManager$ConnAd### @19ab6f6
[org.apache.http.impl.conn.SingleClientConnManager.releaseConnection(SingleClientConnManager.java:250)]
2010-07-05 10:57:42,287 ERROR
-executeRequest=============================:class:class
java.net.SocketException:Socket is not connected
[com.trendmicro.imss.ui.modelobjects.prefilter.client.CommonUtils.executeRequest(CommonUtils.java:641)]


Actually I have connected to the proxy server in the connectSocket
function,
I couldn't figure out why it reported this exception? (Why connection
shutdown after getconnection?)

Anyone can help me? Thank you in advance.
Created: (AMQ-2768) HTTPS transportConnector does not create a SssSocket but a plain text one
HTTPS transportConnector does not create a SssSocket but a plain text one
Re: How to enable file based persistence ?

Gary Tully wrote:
 
 you need to add the attribute: persistenceFlag="true"
 

Hmm, I don't understand. Currently I put into activemq.xml:

<bean xmlns="http://www.springframework.org/schema/beans"
id="forcePersistencyModeBroker"
class="org.apache.activemq.plugin.ForcePersistencyModeBrokerPlugin"> 
<property name="persistenceFlag" value="true"/> 
</bean> 


...but it didn't help. According to your suggestion I set the value to
"true".

So what's wrong?

Your wrote earlier to code:
<plugins> 
  <forcePersistencyModeBrokerPlugin/> 
</plugins>

This is different from what is told on page:

https://issues.apache.org/activemq/browse/AMQ-2339

So again: How do I officially setup forcePersistencyModeBrokerPlugin?

Thank you
Ben
Enable @Action inspection when create service from wsdl
Hi all, When there is no wsaw:action specified in wsdl input/out :

<binding name="AddNumbersBindingOnlyAnon"
type="tns:AddNumbersPortType">
		<wsaw:UsingAddressing wsdl:required="false" />
		<soap:binding transport="http://schemas.xmlsoap.org/soap/http"
			style="document" />
		<operation name="addNumbers">
			<soap:operation soapAction="" />
			<input>
				<soap:body use="literal" />
			</input>

We do not inspect the @Action annotated to the interface class which
user manually added  :

    @Action(input = "1in", output = "1out", fault = {
        @FaultAction(className = AddNumbersFault_Exception.class,
value = "1fault")
    })
    public int addNumbers(int number1, int number2) throws
AddNumbersFault_Exception {

    }

Should we support this ?  In some situation , user do not have the
right to change the remote or standard wsdl.
Modifying the annotation in Interface class is a quick and easy way to
change the default wsa action value in soap  message .
Do you see any problems here ?

Cheers
Jim