First I made a new keystore (I used Let's Encrypt for the certificate) through the Java keytool. Below are the commands:
```
openssl pkcs12 -export -out keystore.pkcs12 -in fullchain.pem -inkey privkey.pem -passout pass:123456
keytool -importkeystore -srckeystore keystore.pkcs12 -srcstoretype PKCS12 -destkeystore keystore.jks -srcstorepass 123456 -deststorepass 123456
```
Below is the code where I make a new SSL context:
```java
public static SSLContext createContext(String domain) {
    String pass = "spamspam";
    File dir = new File("/etc/letsencrypt/live/" + domain);
    if (!dir.exists()) {
        System.out.println("Could not find letsencrypt dir: " + dir);
        return null;
    }
    File keystoreFile = new File(dir, "keystore.jks");
    File pemFile = new File(dir, "fullchain.pem");
    try {
        KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
        keystore.load(new FileInputStream(keystoreFile), pass.toCharArray());
        KeyManagerFactory keyManagerFactory = KeyManagerFactory
                .getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(keystore, pass.toCharArray());
        SSLContext ret = SSLContext.getInstance("TLSv1.2");
        TrustManagerFactory factory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        factory.init(keystore);
        ret.init(keyManagerFactory.getKeyManagers(), factory.getTrustManagers(), null);
        return ret;
    } catch (Exception e) {
        System.out.println(e);
    }
    return null;
}
```
After creating the context, this is how I embedded it:
```java
public SSLSocket createSSLSocket(Socket socket) throws IOException {
    InetSocketAddress remoteAddress =
            (InetSocketAddress) socket.getRemoteSocketAddress();
    SSLSocketFactory sf = SSLUtils.createContext("anthararp.de").getSocketFactory();
    SSLSocket s = (SSLSocket) (sf.createSocket(
            socket, remoteAddress.getHostName(), socket.getPort(), true));
    // we are a server
    s.setUseClientMode(false);
    // select strong protocols and cipher suites
    s.setEnabledProtocols(StrongTls.intersection(
            s.getSupportedProtocols(), StrongTls.ENABLED_PROTOCOLS));
    s.setEnabledCipherSuites(StrongTls.intersection(
            s.getSupportedCipherSuites(), StrongTls.ENABLED_CIPHER_SUITES));
    // Client must authenticate
    // s.setNeedClientAuth(true);
    return s;
}
```
If I now try to communicate with my server through SSL, I'm getting the following error:
```
javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate
```
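An added diagnostic example, not part of the original post: it loads a keystore like the `keystore.jks` built above and reports, for each entry, whether it is a key entry, what certificate chain it carries, whether each certificate is currently valid, and whether the leaf lists the expected host as a DNS SAN. The class name `KeystoreCheck` and its three command-line arguments are assumptions, as is the key password being the same as the store password.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.Date;
import java.util.List;

// Hypothetical helper. Usage: java KeystoreCheck <keystore> <password> <hostname>
public class KeystoreCheck {
    public static void main(String[] args) throws Exception {
        if (args.length != 3) {
            System.err.println("usage: KeystoreCheck <keystore> <password> <hostname>");
            System.exit(2);
        }
        char[] pass = args[1].toCharArray();
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = new FileInputStream(args[0])) {
            ks.load(in, pass); // IOException here: wrong store password or format
        }
        Date now = new Date();
        for (String alias : Collections.list(ks.aliases())) {
            if (!ks.isKeyEntry(alias)) {
                System.out.println(alias + ": certificate-only entry, no private key");
                continue;
            }
            ks.getKey(alias, pass); // assumes key password == store password
            Certificate[] chain = ks.getCertificateChain(alias);
            System.out.println(alias + ": key entry, chain length " + chain.length);
            for (Certificate c : chain) {
                X509Certificate x = (X509Certificate) c;
                boolean valid = !now.before(x.getNotBefore()) && !now.after(x.getNotAfter());
                System.out.println("  subject=" + x.getSubjectX500Principal().getName()
                        + " issuer=" + x.getIssuerX500Principal().getName()
                        + " validNow=" + valid);
            }
            X509Certificate leaf = (X509Certificate) chain[0];
            boolean listed = false;
            if (leaf.getSubjectAlternativeNames() != null) {
                for (List<?> san : leaf.getSubjectAlternativeNames()) {
                    // SAN type 2 is dNSName; exact match only, wildcards are not evaluated
                    if (Integer.valueOf(2).equals(san.get(0))
                            && args[2].equalsIgnoreCase((String) san.get(1))) listed = true;
                }
            }
            System.out.println("  leaf lists " + args[2] + " as DNS SAN: " + listed);
        }
    }
}
```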