Stack Overflow
Stack Overflow

Questions tagged [sslcontext]

According to IBM Knowledge Center,

The SSLContext is an engine class for an implementation of a secure socket protocol. An instance of this class acts as a factory for SSL socket factories and SSL engines. An SSLContext holds all of the state information shared across all objects created under that context. For example, session state is associated with the SSLContext when it is negotiated through the handshake protocol by sockets created by socket factories provided by the context. These cached sessions can be reused and shared by other sockets created under the same context.

Each instance is configured through its init method with the keys, certificate chains, and trusted root CA certificates that it needs to perform authentication. This configuration is provided in the form of key and trust managers. These managers provide support for the authentication and key agreement aspects of the cipher suites supported by the context.

94 questions
1
vote
1 answer

Why does okhttp not use TLSv1 when activated in the Socket Factory?

On some old Android versions (< API 21), there is only SSLv3 and TLSv1 available: The server accepts minimum TLSv1, handshakes with SSL are rejected. So for Glide to load images properly, I use a custom okhttp client with a Socket Factory that uses…
Manuel
  • 14,274
  • 6
  • 57
  • 130
1
vote
0 answers

Java - Algorithm constraints check failed on signature algorithm: RSASSA-PSS on trying open LDAP Connection with SSLContext

As i am trying to open LDAP connection using SSLContext, i am getting certificate verification error as below. javax.naming.CommunicationException: simple bind failed: :636 [Root exception is javax.net.ssl.SSLHandshakeException:…
Sharath K P
  • 41
  • 1
  • 4
1
vote
0 answers

Flask application using TLS

I am trying to execute my Flask application over TLS, this is my example: from flask import Flask import ssl app = Flask(__name__) @app.route('/ping') def ping(): return 'pong' if __name__ == '__main__': context =…
Prisco
  • 653
  • 1
  • 15
  • 30
1
vote
2 answers

SSLSocketFactory in Java, LDAP network connection

My question is similar to: SSLSocketFactory in java I need to set a custom SSLSocketFactory...except I do NOT have an https connection (it's LDAPS), so can't use: HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory()); ...to set the…
Kenny Cason
  • 497
  • 5
  • 17
1
vote
0 answers

Using different SSL context for Rest & Soap & JDBC in Spring Boot

Using spring boot right now with hsm & mssql jdbc & rest & soap services running in one single microservice. MainApplication.java @SpringBootApplication public class MainApplication { @Autowired public Environment env; public static…
Satscreate
  • 495
  • 12
  • 38
1
vote
0 answers

PKCS12 KeyStore problem while migrate from Oracle to IBM

I'm trying to migrate my spring service from java Oracle 1.8 to IBM 1.8 final KeyStore ks = KeyStore.getInstance("PKCS12"); ks.load(new FileInputStream(new File(keystore)), "".toCharArray()); final KeyManagerFactory kmf =…
E.Bash
  • 21
  • 3
1
vote
0 answers

java sslcontext.init with null key manager

There is an old piece of code (not under my control) which initializes as sslContext.init(null, ...) - key manager is hard coded to be null. Later, the code will create a ssl server socket. I am trying to provide a jks key store file to use…
Alex Ber
  • 11
  • 2
1
vote
1 answer

I am getting LEAK: ByteBuf.release() was not called before it's garbage-collected. See http://netty.io/wiki/reference-counted-objects.html

Following is the stack trace: Created at: io.netty.buffer.CompositeByteBuf.(CompositeByteBuf.java:63) io.netty.buffer.AbstractByteBufAllocator.compositeDirectBuffer(AbstractByteBufAllocator.java:191) …
Siddhivinayak Shanbhag
  • 762
  • 1
  • 6
  • 15
1
vote
1 answer

SSLContextBuilder fails to loadKeyMaterial

I'm trying to use Apache httpclient-4.5.5 (with httpcore-4.4.9) to obtain the server certificate from a server that applies 'mutual SSL'. I'm creating an SSLContext as follows: final String keystorePass =…
user8568429
  • 21
  • 1
  • 5
1
vote
1 answer

Partial chain verification on Java SSL TrustManager

I have a requirement where one can provide an intermediate CA to trust but not the CA(s) that have signed it. And using that as the trust store, I'd like to be able to trust an SSL server that has a certificate that's signed by this intermediate CA.…
Natan
  • 2,816
  • 20
  • 37
1
vote
2 answers

SSL Handshake failure with TLSv1 by using Java 6, HTMLUnit and Bouncy Castle

I am trying to connect SSL site https://link.bollore-logistics.com by using Java 6 and HTMLUnit, I have added more supported Ciphers by using Bouncy Castle. But still, I am receiving handshake failure. I cannot upgrade Java version due to production…
Dennis
  • 37
  • 6
1
vote
1 answer

CN_match deprecated in favor of peer_name

I'm attempting to send a POST request from one server to another in PHP via SSL. It works correctly when i use CN_match in my context options. However I get a deprecation message in my error log: PHP Deprecated: the 'CN_match' SSL context option…
jpro
  • 384
  • 1
  • 3
  • 13
1
vote
0 answers

Can I use same Self signed certificate for different servers?

I am developing an Android App and I have different servers (ex: server.example1.com, server.example2.com, server.example3.com) and I do not know if I can use the same Self Signed Certificate in my App or not? Can anybody explain to me what it the…
Kushtrim
  • 17
  • 5
1
vote
0 answers

SSLSocket enabledProtocols does not return tls v1.2

I am testing on Android 4.2.2 (API 17) and running following code. KeyManagerFactory kmf = .... //generating KeyManagerFactory if (kmf == null) { throw new UnexpectedInternalException("Initialisation of SSLContext…
g.revolution
  • 11,962
  • 23
  • 81
  • 107
1
vote
0 answers

Android SSLEngine resume ssl session

I’m using SSLEngine to encrypt data in Android, The first Handshake is Ok and I have my encrypted Data, and I have my session id. I want to resume my previous session to avoid creating a new session but in SSLEngine we don’t have the possibility to…
bilel gaabel
  • 11
  • 1
1 2
3
4 5 6 7