Hi
I am trying to connect to https server using Mirth 3.1.1 channel.
I have to prove my ability to connect securely as client with mutual authentication with TLS server on a given port.
the server developers have given me:
1) server CA certificate (PEM format)
2) client key pair (P12 format)
3) client certificate (PEM format)
4) client key (PEM format)
5) keystore (JKS format)
I searched for the posts handling SSL connection in mirth community and accordingly did the following (using portecle):
1)imported server CA PEM certificate into mirth\appdata\truststore.jks
2)imported server CA PEM certificate into java\lib\security\cacert
3)imported client key pair (P12) file and server CA certificate into mirth\appdata\keystore.jks
4)added the following lines to mcserver.properties file:
-Djavax.net.ssl.keyStoreType=JCEKS
-Djavax.net.ssl.keyStore=C:\"Program Files"\"Mirth Connect"\appdata\keystore.jks
-Djavax.net.ssl.keyStorePassword=81uWxplDtB
-Djavax.net.ssl.trustStoreType=JCEKS
-Djavax.net.ssl.trustStore=C:\"Program Files"\"Mirth Connect"\appdata\truststore.jks
-Djavax.net.ssl.trustStorePassword=81uWxplDtB
5)restarted mirth service.
6)used https IP and port in the destination http sender URL (but noticed field is turning yellow with a remark that SSL is not configured and mutual authentication is not possible (check doc attachement) Attachment 2170
However when sending a message calling the server secure port from my channel http sender I get the following error:
HTTP Sender error
ERROR MESSAGE: Error connecting to HTTP server
javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate
at com.sun.net.ssl.internal.ssl.Alerts.getSSLExceptio n(Unknown Source)
at com.sun.net.ssl.internal.ssl.Alerts.getSSLExceptio n(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAle rt(Unknown Source)
..........
I have attached the tracked stream from wireshark. Attachment 2169
it seems the server is sending it's certificate however my client is not sending it's certificate:(
the server is reporting the following error:
javax.net.ssl.SSLHandshakeException: null cert chain
at com.sun.net.ssl.internal.ssl.Handshaker.checkThrow n(Handshaker.java-
:1015)
at com.sun.net.ssl.internal.ssl.SSLEngineImpl.checkTa skThrown(SSLEngin-
eImpl.java:485)
...........
any assistance is mostly appreciated.
I am trying to connect to https server using Mirth 3.1.1 channel.
I have to prove my ability to connect securely as client with mutual authentication with TLS server on a given port.
the server developers have given me:
1) server CA certificate (PEM format)
2) client key pair (P12 format)
3) client certificate (PEM format)
4) client key (PEM format)
5) keystore (JKS format)
I searched for the posts handling SSL connection in mirth community and accordingly did the following (using portecle):
1)imported server CA PEM certificate into mirth\appdata\truststore.jks
2)imported server CA PEM certificate into java\lib\security\cacert
3)imported client key pair (P12) file and server CA certificate into mirth\appdata\keystore.jks
4)added the following lines to mcserver.properties file:
-Djavax.net.ssl.keyStoreType=JCEKS
-Djavax.net.ssl.keyStore=C:\"Program Files"\"Mirth Connect"\appdata\keystore.jks
-Djavax.net.ssl.keyStorePassword=81uWxplDtB
-Djavax.net.ssl.trustStoreType=JCEKS
-Djavax.net.ssl.trustStore=C:\"Program Files"\"Mirth Connect"\appdata\truststore.jks
-Djavax.net.ssl.trustStorePassword=81uWxplDtB
5)restarted mirth service.
6)used https IP and port in the destination http sender URL (but noticed field is turning yellow with a remark that SSL is not configured and mutual authentication is not possible (check doc attachement) Attachment 2170
However when sending a message calling the server secure port from my channel http sender I get the following error:
HTTP Sender error
ERROR MESSAGE: Error connecting to HTTP server
javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate
at com.sun.net.ssl.internal.ssl.Alerts.getSSLExceptio n(Unknown Source)
at com.sun.net.ssl.internal.ssl.Alerts.getSSLExceptio n(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAle rt(Unknown Source)
..........
I have attached the tracked stream from wireshark. Attachment 2169
it seems the server is sending it's certificate however my client is not sending it's certificate:(
the server is reporting the following error:
javax.net.ssl.SSLHandshakeException: null cert chain
at com.sun.net.ssl.internal.ssl.Handshaker.checkThrow n(Handshaker.java-
:1015)
at com.sun.net.ssl.internal.ssl.SSLEngineImpl.checkTa skThrown(SSLEngin-
eImpl.java:485)
...........
any assistance is mostly appreciated.
client side SSL authentication bad certificate
0 commentaires:
Enregistrer un commentaire