Project

General

Profile

keep alive didn't effect

shir Hu
Added almost 4 years ago

Hi,

When I use jaxmpp3 connect to tigase, as no SubjectAltName in self-signed certificate I should disable TLS before login, then I found that about 180s occur error :

  Caused by: java.net.SocketTimeoutException: Read timed out
    at java.net.SocketInputStream.socketRead0(Native Method)
    at java.net.SocketInputStream.read(SocketInputStream.java:152)
    at java.net.SocketInputStream.read(SocketInputStream.java:122)
    at tigase.jaxmpp.j2se.connectors.socket.TextStreamReader.read(TextStreamReader.java:49)
    at tigase.jaxmpp.j2se.connectors.socket.Worker.run(Worker.java:99)

did not find where to config the timeout value, and if I change source code like this : [[[https://projects.tigase.org/boards/13/topics/4587]]], I am not sure the change is right, Change code or disable TLS , can you give me a suggestion about this problem?


Replies (3)

(1)
Avatar?id=6098&size=32x32

Added by Bartosz Malkowski TigaseTeam almost 4 years ago

Can you create that certificate for me, please? I have to debug a code.

(1)

Added by shir Hu almost 4 years ago

Use tigase server tigase.io.SSLContextContainer to certificate, client receive like this:

 SERVER CERTIFICATE: [[
[
  Version: V1
  Subject: CN=etw-pc, CN=*.etw-pc, EMAILADDRESS=admin@tigase.org, OU=XMPP Service, O=Tigase.org
  Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5

  Key:  Sun RSA public key, 1024 bits
  modulus: 114354365932668108989893179309137332545036426610037074536490106012443309004738016458127492835447060774418757833397881406419609464874949126074005608377045724498598980854910188770191220573044572554544581809523467354236526084050995133038638061485100886186613476070231585768146146700005055530130587068159159347797
  public exponent: 65537
  Validity: [From: Thu Mar 19 12:26:32 CST 2015,
               To: Fri Mar 18 12:26:32 CST 2016]
  Issuer: CN=etw-pc, CN=*.etw-pc, EMAILADDRESS=admin@tigase.org, OU=XMPP Service, O=Tigase.org
  SerialNumber: [    550a4ff8]

]
  Algorithm: [SHA1withRSA]
  Signature:
0000: 87 07 49 10 19 69 60 28   04 68 74 5B 06 80 4A 15  ..I..i`(.ht[..J.
0010: 33 D5 10 4E 5C 2F 8F 74   40 A0 13 FC 2D F3 60 3F  3..N\/.t@...-.`?
0020: 83 76 B6 F2 AB 1F 0D 14   EB 1D E2 45 48 3A 05 93  .v.........EH:..
0030: C1 CD CA A8 13 AF 69 E3   C6 23 A0 71 A7 2F 64 C0  ......i..#.q./d.
0040: C2 25 21 7F 8A 03 61 94   0C 4B 7B DC 4E 32 A1 83  .%!...a..K..N2..
0050: 91 EF EA C2 E6 38 42 AD   8A E5 6E 94 90 04 AA 45  .....8B...n....E
0060: D5 3C A3 D5 6A CE 85 2C   5E 2C DA 12 26 EE A7 D1  .<..j..,^,..&...
0070: 7C A9 AA 5D A0 12 D5 30   61 64 9A 96 54 BA 97 4D  ...]...0ad..T..M

]]

Use keytool to create default keystore (keytool -genkeypair -v -alias etw-pc -keyalg RSA -keystore E:\shir-keystore) like attachment "shir-keystore" , alias is etw-pc and password is 123456 , It is also has no SubjectAltName

Use keytool to create special keystore (keytool -genkeypair -v -alias etw-pc -keyalg RSA -ext SAN=DNS:etw-pc -keystore E:\rsa-keystore) like attachment "rsa-keystore",alias is etw-pc and password is 123456, It has SubjectAltName , but if I want to use this certificate, I must change code in tigase.io.SSLContextContainer.

Version of JDK is jdk1.7.0_51

shir-keystore (2.16 KB) shir-keystore No SubjectAltName
rsa-keystore (2.17 KB) rsa-keystore Has SubjectAltName
(1)
Avatar?id=6098&size=32x32

Added by Bartosz Malkowski TigaseTeam almost 4 years ago

Fixed. Commited. Pushed.

Thank you.

    (1-3/3)