SSLContext construction for SSL in Netty
Jason Stevens
jstevens at pillardata.com
Mon Jul 20 11:43:25 EDT 2009
That solved my problem. Thanks!
-----Original Message-----
From: netty-users-bounces at lists.jboss.org [mailto:netty-users-bounces at lists.jboss.org] On Behalf Of "??? (Trustin Lee)"
Sent: Monday, July 20, 2009 8:27 AM
To: Netty -Users List
Subject: Re: SSLContext construction for SSL in Netty
Oh, I didn't know about that. Could you elaborate with me in detail?
Thanks,
Trustin
On 07/20/2009 09:47 PM, Mike McGrady wrote:
> Just a side note, Trustin. How does the chunking work with the SSL?
> We have had to do some special things to accommodate SSL and chunking
> in our case.
>
> MIke
>
> On Jul 19, 2009, at 10:47 PM, 이희승 (Trustin Lee) wrote:
>
>> I did a preliminary test with SSLContext.getDefault() using the
>> SecureChat example, and it seems to work fine. The following
>> describes
>> how I initialized SSLEngine in SecureChatPipelineFactory:
>>
>> SSLEngine engine;
>> if (handler instanceof SecureChatClientHandler) {
>> engine = SSLContext.getDefault().createSSLEngine();
>> engine.setEnabledCipherSuites(new String[] {
>> "TLS_DH_anon_WITH_AES_128_CBC_SHA" });
>> engine.setUseClientMode(true);
>> } else {
>> engine = SSLContext.getDefault().createSSLEngine();
>> engine.setEnabledCipherSuites(new String[] {
>> "TLS_DH_anon_WITH_AES_128_CBC_SHA" });
>> engine.setUseClientMode(false);
>> }
>>
>> Using the default SSLContext on only one side also works fine.
>>
>> One interesting issue was that SSL handshake fails with the default
>> SSLContext unless I set the 'enabledCipherSuites' explicitly. On
>> handshake failure, exceptionCaught event is triggered so that you can
>> close the failed connection.
>>
>> If you still believe that there is a problem with the default
>> SSLContext, please post a test application that reproduces your
>> problem.
>>
>> HTH,
>> Trustin
>>
>> On 07/18/2009 12:24 AM, Jason Stevens wrote:
>>> I'm using v3.1.0 CR1. Just tried the latest build and I'm
>>> experiencing
>>> the same issue with it.
>>>
>>> Thanks,
>>> Jason
>>>
>>> -----Original Message-----
>>> From: netty-users-bounces at lists.jboss.org
>>> [mailto:netty-users-bounces at lists.jboss.org] On Behalf Of "???
>>> (Trustin
>>> Lee)"
>>> Sent: Thursday, July 16, 2009 6:25 PM
>>> To: Netty -Users List
>>> Subject: Re: SSLContext construction for SSL in Netty
>>>
>>> Hi Jason,
>>>
>>> Which Netty version are you using? Could you let me know if you are
>>> still having such a problem with the nightly build?
>>>
>>> Trustin
>>>
>>> On 07/17/2009 06:56 AM, jasons2645 wrote:
>>>> I have a client/server app written atop Netty that works fine over
>>>> SSL
>>> when I
>>>> initialize my SSLContext with a keystore, trust manager, etc. But
>>> when I
>>>> use SSLContext.getDefault() as my context, the client/server stops
>>> working.
>>>> My log output indicates that a connection (channel) is established,
>>> but then
>>>> no messages ever get read.
>>>>
>>>> Is this something I have hooked up incorrectly? Or is what I'm
>>>> trying
>>> to do
>>>> not supported by Netty or Java?
>>>>
>>>> Thanks,
>>>> Jason
>>> _______________________________________________
>>> netty-users mailing list
>>> netty-users at lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/netty-users
>>>
>>> _______________________________________________
>>> netty-users mailing list
>>> netty-users at lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/netty-users
>> _______________________________________________
>> netty-users mailing list
>> netty-users at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/netty-users
>
> Mike McGrady
> Principal Investigator AF081-028 AFRL SBIR
> Senior Engineer
> Topia Technology, Inc.
> 1.253.720.3365
> mmcgrady at topiatechnology.com
>
>
>
>
>
>
>
>
>
>
> _______________________________________________
> netty-users mailing list
> netty-users at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/netty-users
_______________________________________________
netty-users mailing list
netty-users at lists.jboss.org
https://lists.jboss.org/mailman/listinfo/netty-users
More information about the netty-users
mailing list