
I'm coding a client-server chat application. I want to encrypt the connection between the two. I'm doing this for the first time and I find it difficult. In my understanding I need a truststore for the client and a keystore for the server. I have followed this guide to generate them: http://peoplesofttutorial.com/generating-key-store-and-trust-store-using-keytool/

Client:

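        // Relative path: looked up in the JVM's current working directory at run time.
        System.setProperty("javax.net.ssl.trustStore", "hrms.truststore");
        System.setProperty("javax.net.ssl.trustStorePassword", "123456");
        // The default factory reads the system properties set above.
        SSLSocketFactory sslsf = (SSLSocketFactory) SSLSocketFactory.getDefault();
        SSLsocket = (SSLSocket) sslsf.createSocket(server, port);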

Server:

        // Relative path: looked up in the JVM's current working directory at run time.
        System.setProperty("javax.net.ssl.keyStore", "pskey.keystore");
        System.setProperty("javax.net.ssl.keyStorePassword", "123456");
        // The default factory reads the system properties set above.
        SSLServerSocketFactory sslsocketfactory = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
        sslserversocket = (SSLServerSocket) sslsocketfactory.createServerSocket(Port);

The server starts correctly. When I connect a client that runs on the same computer as the server, I can connect without any issues, but when I connect from a different computer on the same network I get this error: `javax.net.ssl.SSLException: Received fatal alert: internal_error`

Could anyone help me solve this error?

beli
  • Your server needs a known certificate known to Java which extends from root certificates. You need a real certificate or you have to import it into cacerts using keytool. You may also want to enable debugging afterwards to see ongoing errors. – benchpresser Mar 19 '17 at 00:29
  • Your snippet worked here (two machines running Oracle Java 8 u121 in the same network). Please describe your environment, and this logging might help: `System.setProperty("javax.net.debug", "ssl");` – nandsito Mar 19 '17 at 02:00
  • @nandsito My environment is as follows: both computers are running Java 1.8.0_121, both computers are connected to the same network, and both are running Windows 10. Computer A is running the server and a client; the client on computer A is working correctly. Computer B is running a client, and this computer is getting the error when connecting. I have added a link to a code paste: https://codepaste.net/fmyekg – beli Mar 19 '17 at 13:48
  • Maybe it's a HostnameVerifier/server_name/SNI issue. Two links: http://stackoverflow.com/questions/41692736/all-trusting-hostnameverifier-causes-ssl-errors-with-httpurlconnection and http://stackoverflow.com/questions/30817934/extended-server-name-sni-extension-not-sent-with-jdk1-8-0-but-send-with-jdk1-7 – nandsito Mar 19 '17 at 14:17

1 Answer


I have solved my issue. My truststore and keystore were in my project files, but when I compiled the project to a runnable jar I thought that the truststore and keystore were included in that runnable jar; unfortunately, they are not. I solved it by putting the truststore and keystore in the same folder as the runnable jar.

The solution was really simple and the whole problem occurred because of my inexperience.

Thank you for your help.

beli
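The fix described in the answer can be made robust by loading the truststore explicitly, so that a store missing from the deployment fails at startup with a clear message. The following is an added example, not code from the original posts; the class name `TlsClientSetup`, the lookup order (inside the jar first, then the jar's own directory) and passing the password as a third command-line argument are assumptions of this sketch.

```java
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.*;
import java.security.KeyStore;
import javax.net.ssl.*;

public class TlsClientSetup {
    // Open the store from inside the jar if it was bundled, else from the jar's own directory.
    static InputStream openStore(String name) throws Exception {
        InputStream bundled = TlsClientSetup.class.getResourceAsStream("/" + name);
        if (bundled != null) {
            return bundled;
        }
        // Location of the running jar (or the classes directory when started from an IDE).
        Path source = Paths.get(TlsClientSetup.class.getProtectionDomain()
                .getCodeSource().getLocation().toURI());
        Path dir = Files.isDirectory(source) ? source : source.getParent();
        Path file = dir.resolve(name);
        if (!Files.isReadable(file)) {
            throw new IOException("Trust store not in jar and not readable at " + file);
        }
        return Files.newInputStream(file);
    }

    // Build a client SSLContext that trusts only the certificates in the named store.
    static SSLContext clientContext(String storeName, char[] password) throws Exception {
        KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = openStore(storeName)) {
            trustStore.load(in, password);
        }
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trustStore);
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, tmf.getTrustManagers(), null);
        return ctx;
    }

    // Usage (assumed for this example): java -jar client.jar <host> <port> <truststore-password>
    public static void main(String[] args) throws Exception {
        SSLContext ctx = clientContext("hrms.truststore", args[2].toCharArray());
        try (SSLSocket socket = (SSLSocket) ctx.getSocketFactory()
                .createSocket(args[0], Integer.parseInt(args[1]))) {
            socket.startHandshake(); // throws here if the server certificate is not trusted
            System.out.println("Handshake OK: " + socket.getSession().getProtocol());
        }
    }
}
```

Because the lookup is anchored to the jar rather than the working directory, the client behaves the same whether it is started from an IDE, from a shortcut, or from another folder on a second machine.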