Mailing List Archives Public Access	UW Madison Computer Sciences Department Computer Systems Lab

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Condor-users] Java SOAP SSL client failed to connect with Condor (v.7.4.4)

Date: Wed, 4 Apr 2012 15:26:58 -0500
From: Zhu Wayne <zhuw.chicago@xxxxxxxxx>
Subject: Re: [Condor-users] Java SOAP SSL client failed to connect with Condor (v.7.4.4)

I finally passed the SSL certification by converting client
certificate to pcks12 format. However, after the initial handshake,
Condor daemon closes the connection right away on the client,


$ openssl s_client  -cert client-cert-key.pem -CAfile ../cacert.pem
-connect wiwebcm301p.qa.ch3.s.com:9818
Enter pass phrase for client-cert-key.pem:
CONNECTED(00000003)
...
---
Server certificate
-----BEGIN CERTIFICATE-----
...
---
Acceptable client certificate CA names
...
---
SSL handshake has read 1743 bytes and written 1950 bytes
---
New, TLSv1/SSLv3, Cipher is AES256-SHA
Server public key is 1024 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1
    Cipher    : AES256-SHA
    Session-ID:
    Session-ID-ctx:
    Master-Key:
8A6D245B2541C2AD36C17F574654DA58D68F1DBB7F2D119DA4D9817C34C2D5CE123E97C2E1CA4A475E1FE2436ECDBFBF
    Key-Arg   : None
    Krb5 Principal: None
    Start Time: 1333570505
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)
---
closed

However, I can connect  the same client with openssl s_server without
being disconnected.
Here is server side:
 openssl s_server -cert server-cert-key.pem -CAfile ../cacert.pem -www
Using default temp DH parameters
ACCEPT

Here is client side:
$ openssl s_client  -cert client-cert-key.pem -CAfile ../cacert.pem
-connect wiwebcm301p.qa.ch3.s.com:4433
Enter pass phrase for client-cert-key.pem:
CONNECTED(00000003)
...
---
Certificate chain
 ...
---
Server certificate
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
...
---
No client certificate CA names sent
---
SSL handshake has read 1926 bytes and written 255 bytes
---
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Server public key is 1024 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1
    Cipher    : DHE-RSA-AES256-SHA
    Session-ID: EE7B676F6BBEEDB85E89F100AB9DD1E7D9CC91305B8C9B813FA5E397306795E7
    Session-ID-ctx:
    Master-Key:
29CCCCADD18B0B0BC6F1C406E0FF5A912A2AFF1A02FAECDD5F48372B2993715B8251E2D28A847DE15E01468D5096078B
    Key-Arg   : None
    Krb5 Principal: None
    Start Time: 1333571166
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)
---

References:
- [Condor-users] Java SOAP SSL client failed to connect with Condor (v.7.4.4)
  - From: Zhu Wayne

Prev by Date: [Condor-users] Java SOAP SSL client failed to connect with Condor (v.7.4.4)
Next by Date: Re: [Condor-users] detailed instruction on how to setup condor soap ssl
Previous by thread: [Condor-users] Java SOAP SSL client failed to connect with Condor (v.7.4.4)
Next by thread: [Condor-users] condor_submit to be less verbose
Index(es):
- Date
- Thread

Mailing List Archives

Public Access

Re: [Condor-users] Java SOAP SSL client failed to connect with Condor (v.7.4.4)