4

there is a problem connecting to the SSL WebServices Apache Tomcat, Java SE client connects fine, but the Android client does not want to connect and displays one of the following errors: 1. "Security Requirements not met - No Security header in message", 2. "Java.lang.RuntimeException: java.lang.RuntimeException: error: 0407006A: rsa routines: RSA_padding_check_PKCS1_type_1: block type is not 01 (SHA-1) . "To connect, I describe the following code:

private SSLSocketFactory getSSLSocketFactory() throws KeyStoreException, NoSuchAlgorithmException, KeyManagementException {
    KeyStore trusted = KeyStore.getInstance("PKCS12");
    InputStream in = activity.getResources().openRawResource(R.raw.client_keystore);
    try {
        trusted.load(in, "blablabla".toCharArray());
    } catch (CertificateException e) {
        // TODO Auto-generated catch block
        e.printStackTrace();
    } catch (IOException e) {
        // TODO Auto-generated catch block
        e.printStackTrace();
    } finally {
        try {
            in.close();
        } catch (IOException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        }
    }

    TrustManagerFactory tmf = TrustManagerFactory.getInstance("X509");
    tmf.init(trusted);
    SSLContext context = SSLContext.getInstance("SSLv3");
    context.init(null, tmf.getTrustManagers(), null);
    return context.getSocketFactory();
}

public String SendRecieveMessage(String xmlData, String nameXML, String methodName, String methodAction) {

    HttpsTransportSE httpTransport = new KeepAliveHttpsTransportSE("hostname", 8443, "/blablabla/blablabla?wsdl", 1000);
    SoapSerializationEnvelope envelope = new SoapSerializationEnvelope(SoapEnvelope.VER11);
    SoapObject request = new SoapObject(activity.getResources().getString(R.string.SOAP_NAMESPACE), methodName); // set
    // request
    Log.e("Sending SOAP", xmlData);
    String base64 = base64Coder.encodeString(xmlData);
    request.addProperty(nameXML, base64); 
    envelope.setOutputSoapObject(request); // prepare request
    try {
        ((HttpsServiceConnectionSE) httpTransport.getServiceConnection()).setSSLSocketFactory(getSSLSocketFactory());
    } catch (KeyManagementException e1) {
        // TODO Auto-generated catch block
        e1.printStackTrace();
    } catch (KeyStoreException e1) {
        // TODO Auto-generated catch block
        e1.printStackTrace();
    } catch (NoSuchAlgorithmException e1) {
        // TODO Auto-generated catch block
        e1.printStackTrace();
    } catch (IOException e1) {
        // TODO Auto-generated catch block
        e1.printStackTrace();
    }
    SoapPrimitive result = null;
    try {
        httpTransport.call(methodAction, envelope);
        result = (SoapPrimitive) envelope.getResponse(); // get
        if (result != null) {
            base64 = base64Coder.decodeString(result.toString());
        } else {
            base64 = null;
        }
    } catch (IOException e) {
        // TODO Auto-generated catch block
        Log.e("ERROR", "SOAPSendRecieve: " + e.getMessage());
        base64 = null;
    } catch (XmlPullParserException e) {
        // TODO Auto-generated catch block
        Log.e("ERROR", "SOAPSendRecieve: " + e.getMessage());
        base64 = null;
    } catch (IllegalArgumentException e) {
        Log.e("ERROR", "SOAPSendRecieve: " + e.getMessage());
        base64 = null;
        }
    } finally {
        request = null;
        result = null;
    }
    return base64;
}

Converts by a server in blablabla.jks to blablabla.pfx (PKCS # 12), I tried using two programs: "KeyStore Explorer" and "Portecle", and also tried the format "BKS", the same result, SSL kSOAP2 described in Example on the official website, in what could be the problem, it is a mistake because of incorrectly or client may be a problem in the server settings?

Example request and response dump: enter image description here

Igor Grishkov
  • 83
  • 1
  • 8
  • Can you post the full stack trace? It looks like the certificate may not be parsed correctly, what is in the PKCS#12 file? – Nikolay Elenkov Nov 26 '12 at 07:06
  • Posted dump kSOAP2, in log Tomcat Catalina, I see that the client is trying to connect, but in the log of the web service is empty, seen from dump, Tomcat does not understand the client just can not understand why ... – Igor Grishkov Nov 26 '12 at 11:21
  • If you can't establish an SSL connection, the request never makes it to the Web server. Can you show the client (Android) full stack trace? – Nikolay Elenkov Nov 26 '12 at 13:12
  • The problem was resolved, the server was deployed library WSIT, which demanded protection Security Header, that is "User" and "Password", a SOAP message, as I did not specify these parameters, the server I did not connect giving described in the message header thank you. – Igor Grishkov Nov 28 '12 at 20:10
  • Cool, glad you got it working. Still the `RSA_padding_check_PKCS1_type_1: block type is not 01 (SHA-1)` error seems unrelated. How did you fix that one? – Nikolay Elenkov Nov 29 '12 at 01:03

1 Answers1

0

The problem was resolved, the server was deployed library WSIT, which demanded protection Security Header, that is "User" and "Password", a SOAP message, as I did not specify these parameters, the server I did not connect giving described in the message header thank you all for the help.

Igor Grishkov
  • 83
  • 1
  • 8