SSL connection failure between java server and android client

I am trying to setup mutual authentication SSL connection between java host and android client. Don't know why its not getting connected. Below are the code of Android client app and Java server.

Client code:

private SSLContext createSSLContext(final Context cont){
    SSLContext ssl_cont = null;
    try {
        Log.d(TAG, "TrustStore - Initializing");   
        KeyStore trustStore = KeyStore.getInstance("BKS");
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        InputStream trustStoreStream = cont.getResources().openRawResource(R.raw.myclienttruststore);
        trustStore.load(trustStoreStream, "client".toCharArray());
        trustManagerFactory.init(trustStore);
        Log.d(TAG, "TrustStore - Initialized");

        // Setup keystore
        Log.d(TAG, "KeyStore - Initializing");
        KeyStore keyStore = KeyStore.getInstance("BKS");
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        InputStream keyStoreStream = cont.getResources().openRawResource(R.raw.myclient);
        keyStore.load(keyStoreStream, "client".toCharArray());
        keyManagerFactory.init(keyStore, "client".toCharArray());
        Log.d(TAG, "KeyStore - Initialized");

        ssl_cont = SSLContext.getInstance("TLS");
        ssl_cont.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null); 
    } catch (Exception e) {
        // TODO Auto-generated catch block
        alertbox("SSLClient", "ERROR: " + e.getMessage());
        Log.d(TAG, "ERROR: " + e.getMessage());
    }
    return ssl_cont;
}

OnClickListener onConnClick = new OnClickListener() {

    public void onClick(View arg0) {
        // TODO Auto-generated method stub
        try {
            // Setup the SSL context to use the truststore and keystore
            Log.d(TAG, "Started..");
            SSLContext ssl_context = createSSLContext(cont);
            Log.d(TAG,"here 1...");
            SSLSocketFactory socketFactory = (SSLSocketFactory) ssl_context.getSocketFactory();
            Log.d(TAG,"here 2...");
            socket = (SSLSocket) socketFactory.createSocket(ipadd.getText().toString().trim(), Integer.parseInt(port.getText().toString().trim()));
            Log.d(TAG,"here 3...");
            dataOut = new DataOutputStream(socket.getOutputStream());
            dataIn = new DataInputStream(socket.getInputStream());
            dataOut.writeUTF("Hello !!");
            msgin.setText("Connected");
            Log.d(TAG, "Completed..");
        } catch (Exception e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
            msgin.setText("Not connected");
            alertbox("Main", "ERROR: " + e.getMessage());
            Log.d(TAG, "ERROR: " + e.getMessage());
        }
    }
};

Server code:

    try {
        mySSLServerFac = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
        mySSLServerSocket = (SSLServerSocket) mySSLServerFac.createServerSocket(9999);
        System.out.println("Listening on 9999\n");
        mySSLSocket = (SSLSocket) mySSLServerSocket.accept();           
        DataInputStream input = new DataInputStream(mySSLSocket.getInputStream());
        DataOutputStream output = new DataOutputStream(mySSLSocket.getOutputStream());      
        do{
            System.out.println("Remote IP Address : " + mySSLSocket.getInetAddress());
            msg = input.readUTF().toString();
            System.out.println(msg);
            java.util.Scanner sc = new java.util.Scanner(System.in);
            output.writeUTF(sc.nextLine());
        }while(msg != "exit");
        System.out.println(msg);                
    } catch (Exception e) {
        e.printStackTrace();
    }

I am stuck with "No cipher suites in common" error at server. Since i am nowhere in SSL connection setup. Let me help if you find out the bug or major problem.

Here is the link i followed to create certificate and truststore. Truststore and kestore i have created are here

I am using Android 2.2 and BKSProvider 1.46, please let know where i am going wrong. I have to wind up this project as soon as possible.

Thanks in advance.

2012-04-05 18:21
by Ibad Khan

Define 'not getting connected'. What happens instead? Stack trace - user207421 2012-04-06 00:46

possible duplicate of SSL connection between android client and java serveruser207421 2012-04-06 00:47

Reason behind duplication, is i am not getting answered to my post. Is it a sort of question that no one can answer ? Will never give up on trying and asking this question again unless i am answered - Ibad Khan 2012-04-09 19:13

That's not an acceptable reason for duplicate posts here - user207421 2012-04-10 09:23

@EJP, the issue i'm facing now is different from before. The content of those post are same, but issues are different. So i will try modifying current post to depict my current issues, sorry for being noisy. Will be careful next time. But i'm afraid, the post will be neglected and might not get any response - Ibad Khan 2012-04-12 18:48

It's solved ! Problem was with the truststore of java host, followed this post.

The trustStore needs to be specified for client/server as they are using the default trustStore, causing failure. Using -Djavax.net.ssl.trustStore=servertruststore.jks -Djavax.net.ssl.trustStorePassword=server on the server and creating own keystore & truststore at client allows the session to complete. It was the -Djavax.net.debug=ssl,handshake which helped lot.

The entire command is : java -Djavax.net.ssl.keyStore=server.jks -Djavax.net.ssl.keyStorePassword=server -Djavax.net.ssl.trustStore=servertruststore.jks -Djavax.net.ssl.trustStorePassword=server SSLServer

Now i am on to creating sslsession and multi-threaded programming.

2012-04-14 12:34
by Ibad Khan

From the stack trace it looks like exception you caught does not contain a message.

Log.d(TAG, e.getMessage());

It has nothing to do with SSL.

2012-04-05 18:24
by ahanin

Yes ! you were right. Got rid of the NULL exception. But the fact is SSL connection is not working yet - Ibad Khan 2012-04-05 18:34

ahanin, you helped me out of that NULL exception bro. Thanks for that advice of yours. But i am still lost in establishing connection between java server and android client - Ibad Khan 2012-04-05 18:50

@iCan, please, add the stack trace so people can help you - ahanin 2012-04-10 07:58

I have solved this issue but facing another issue right now, it is related to "No cipher suites in common" at java host and "SSLHandshake failure" at android client. Do i need to post the question again or should continue in this post - Ibad Khan 2012-04-12 18:20

Since i am dealing with self signed certificates, its real pain to have ssl connection between java host and android client. Have created certificates following this link but code is modified bit. Any info how to overcome "no cipher suite in common" error - Ibad Khan 2012-04-12 18:27