Jazz Forum Welcome to the Jazz Community Forum Connect and collaborate with IBM Engineering experts and users

Java API SSL client fails to connect to Build Forge

Questions
Tags
Users
Badges
Peter Moraza
(481924) May 08 '14, 6:48 p.m.
Hi,

We are trying to test connectivity to Build Forge 7.1.3.4 from a Java SSL client. I've followed the instructions in the following url to configure the Java client.

http://pic.dhe.ibm.com/infocenter/bldforge/v7r1m3/index.jsp?topic=%2Fcom.ibm.rational.buildforge.doc%2Ftopics%2Fconfig_sec_ssl_enabling_api_comm.html

The client terminates with RemoteServerAbortException.

com.buildforge.services.common.ssl.provider.JSSEProviderFactory initializeIBMCMSProvider
WARNING: {SSLProviderLoadFailed: [com.ibm.security.cmskeystore.CMSProvider]}
Exception in thread "main" com.buildforge.services.common.ssl.BuildForgeSSLEngine$RemoteServerAbortException: {SSLRemoteServerAbort}
        at com.buildforge.services.common.ssl.BuildForgeSSLEngine.handshake(BuildForgeSSLEngine.java:257)
        at com.buildforge.services.common.ssl.BuildForgeSSLEngine.init(BuildForgeSSLEngine.java:116)
        at com.buildforge.services.client.api.SecureAPIClientBuffer.<init>(SecureAPIClientBuffer.java:25)
        at com.buildforge.services.client.api.SecureAPIClientConnection.<init>(SecureAPIClientConnection.java:76)
        at com.buildforge.services.client.api.SecureAPIClientConnection.<init>(SecureAPIClientConnection.java:72)

Unable to find any documentation for this error. Does anyone know what issue the BuildForgeSSLEngine.RemoteServerAbortException might indicate? TIA

Peter

0 votes

Comments
eric yang
FORUM MODERATOR May 15 '14, 9:49 p.m.

please see this use the SecureAPIClientConnection demo (24712)

https://jazz.net/jazz09/resource/itemName/com.ibm.team.workitem.WorkItem/24712

Peter Moraza
May 20 '14, 12:18 a.m.

Hi Eric,


My Java test client is based on one of the BF client examples but instead exercises the SecureAPIClientConnection class as yours does, and it is very similar to the file in your Work Item 24712, except it simply displays the BF projects. Thanks for sharing, it helped me confirm that my code should work. I suspect my issue might be with the keystore and truststore files supplied to me. The .p12s refer to a hostname that does not match the hostname of the actual Build Forge server. I'll need to confirm how the keys were generated and the environment setup. Thanks for sharing!

Peter

1 answer
6,389 views
0 votes

One answer

Permanent link
Donald Nong
(14.5k614) May 09 '14, 1:36 a.m.
Hi Peter,
The exception name itself may not say anything and the true cause is normally found at the bottom of the complete stack trace.
Based on the stack trace that you posted, I suspect that the client could not load the keystore and threw this exception.

0 votes

Comments
Peter Moraza
May 09 '14, 7:38 p.m.
Changed setup, increased trace. Now see details from .p12s. SSLProviderLoadFailed gone. Still see same RemoteServerAbortException. Any further ideas?

Build-Level: -20130318
adding as trusted cert:
  Subject: CN=abc.mydomain.org
  Issuer:  CN=abc.mydomain.org

SSLContextImpl:  Using X509ExtendedKeyManager 
SSLContextImpl:  Using X509TrustManager 

Using SSLEngineImpl.
JsseJCE:  Using SecureRandom IBMSecureRandom from provider IBMJCE

main, WRITE: TLSv1 Handshake, length = 141
Exception in thread "main" com.buildforge.services.common.ssl.BuildForgeSSLEngine$RemoteServerAbortException: {SSLRemoteServerAbort}
at com.buildforge.services.common.ssl.BuildForgeSSLEngine.handshake(BuildForgeSSLEngine.java:257)

Donald Nong
May 11 '14, 8:29 p.m.

Without the complete stack trace, I can't say much about it. Seeing that the exception occurred during handshake, I suspect that the problem was still with the certificate and/or algorithm.

Your answer

Register or log in to post your answer.

Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.

Ask a question
Guidelines
FAQ
Search context
Follow this question

By Email: 

Once you sign in you will be able to subscribe for any updates here.

By RSS:

Answers
Answers and Comments
Question details
× 11,055

Question asked: May 08 '14, 6:48 p.m.

Question was seen: 6,389 times

Last updated: May 20 '14, 12:18 a.m.

Confirmation Cancel Confirm