From Sean.Zhao at qwest.com Tue Apr 12 19:12:07 2011
From: Sean.Zhao at qwest.com (Zhao, Sean)
Date: Tue, 12 Apr 2011 17:12:07 -0600
Subject: [arin-tech-discuss] Question about your RESTful Server, method PUT
Message-ID: <6369CD337F4CEE47A9FE64D907B2DBAF19752306C8@qtdenexmbm20.AD.QINTRA.COM>
Hi,
My name is Sean Zhao from Qwest, one of your customer. I got a research assignment to see if we want to use Arin's RESTful Server or some other servers. Since I am the original Arin's email SWIP developer. I am doing the research of your RESTful Server first now. Now I got an issue here. On serviceClient.sendReceive, I keep on getting the error AxisFault message "charsetName". That's it! No more word.
Just one word of exception. I don't know what to do. I will appreciate if anyone can help me
And don't know where to go. I am scream for help.
I have java code looks like this, briefly
Options options = new Options();
options.setTo(new EndpointReference("https://www.arin.net/rest/net/NET-216-206-0-0-1/reallocate?apikey=MyAPIKey"));
options.setProperty(Constants.Configuration.ENABLE_REST, Constants.VALUE_TRUE);
options.setSoapVersionURI(org.apache.axiom.soap.SOAP11Constants.SOAP_ENVELOPE_NAMESPACE_URI);
options.setProperty(org.apache.axis2.transport.http.HTTPConstants.HTTP_PROTOCOL_VERSION,
org.apache.axis2.transport.http.HTTPConstants.HEADER_PROTOCOL_10);
options.setProperty(Constants.Configuration.HTTP_METHOD, "PUT");
options.setProperty(
org.apache.axis2.transport.http.HTTPConstants.CONTENT_TYPE,
org.apache.axis2.transport.http.HTTPConstants.MEDIA_TYPE_APPLICATION_XML);
System.setProperty("javax.net.ssl.trustStore", "ssl/arin.jks");
System.setProperty("javax.net.ssl.trustStorePassword", "arinLims");
System.setProperty("javax.net.ssl.keyStore", "ssl/arin.jks");
System.setProperty("javax.net.ssl.keyStorePassword", "arinLims");
ServiceClient serviceClient = new ServiceClient();
serviceClient.setOptions(options);
OMElement omElementResult = serviceClient.sendReceive(omElementPayload);
The omElementPayload loosk like this
4
BNO
A
216.207.149.16
216.207.149.23
29
BCNO1-ARIN
Q0412-216-207-149-16
209
And my key store file is generated by InstallCert, which I download from internet.
Am I doing anything wrong? What am I missing?
Appreciate any helps, hints or ideas.
Thanks,
Sean Zhao
________________________________
This communication is the property of Qwest and may contain confidential or
privileged information. Unauthorized use of this communication is strictly
prohibited and may be unlawful. If you have received this communication
in error, please immediately notify the sender by reply e-mail and destroy
all copies of the communication and any attachments.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
From timc at arin.net Wed Apr 13 11:54:14 2011
From: timc at arin.net (Tim Christensen)
Date: Wed, 13 Apr 2011 15:54:14 +0000
Subject: [arin-tech-discuss] Question about your RESTful Server,
method PUT
In-Reply-To: <6369CD337F4CEE47A9FE64D907B2DBAF19752306C8@qtdenexmbm20.AD.QINTRA.COM>
Message-ID:
Hello Sean,
After reviewing both your submission here, and looking at a few things internally, we have identified that there are (at the least) some documentation gaps, if not an outright bug.
A ?best practice? that is consistent with the Methods and Payloads documentation, but may not be expressed in an explicit or obvious enough manner, is that you should omit system-generated attributes from payloads that create new objects. Furthermore, it?s a very good idea that if you are omitting optional fields, that you (also) not provide ?empty? tags.
For a reallocate, the only things you should need to provide are
* in the URL, /rest/net/[parent_net_handle-goes-here]/reallocate?apikey=[api-key-goes-here]
* content-type = application/xml
* method = PUT
* in the NET payload, the attributes:
* - version
* - orgHandle (this is the handle of the Org you?re reallocating to)
* - netBlocks collection, including: type (A), and a start-and-end OR start-and-cidr
* - netName
* - originASes collection (if applicable)
* - parentNetHandle (must match the [parent_net_handle-goes-here] from the URL)
* - optionally, the comment collection or pocLinks collection if you are providing this information.
We will be looking to improve the documentation to make this more clear.
Also, I have seen the ?charsetName? error when you provide an empty tag for an enumerated value on occasion, so I believe that may be the issue. We will be exploring this bug, and making a fix if necessary.
Best regards, and thank you for your feedback,
Tim Christensen
ARIN Engineering
On 4/12/11 7:12 PM, "Zhao, Sean" said:
Hi,
My name is Sean Zhao from Qwest, one of your customer. I got a research assignment to see if we want to use Arin?s RESTful Server or some other servers. Since I am the original Arin?s email SWIP developer. I am doing the research of your RESTful Server first now. Now I got an issue here. On serviceClient.sendReceive, I keep on getting the error AxisFault message ?charsetName?. That?s it! No more word.
Just one word of exception. I don?t know what to do. I will appreciate if anyone can help me
And don?t know where to go. I am scream for help.
I have java code looks like this, briefly
Options options = new Options();
options.setTo(new EndpointReference(?https://www.arin.net/rest/net/NET-216-206-0-0-1/reallocate?apikey=MyAPIKey?));
options.setProperty(Constants.Configuration.ENABLE_REST, Constants.VALUE_TRUE);
options.setSoapVersionURI(org.apache.axiom.soap.SOAP11Constants.SOAP_ENVELOPE_NAMESPACE_URI);
options.setProperty(org.apache.axis2.transport.http.HTTPConstants.HTTP_PROTOCOL_VERSION,
org.apache.axis2.transport.http.HTTPConstants.HEADER_PROTOCOL_10);
options.setProperty(Constants.Configuration.HTTP_METHOD, ?PUT?);
options.setProperty(
org.apache.axis2.transport.http.HTTPConstants.CONTENT_TYPE,
org.apache.axis2.transport.http.HTTPConstants.MEDIA_TYPE_APPLICATION_XML);
System.setProperty("javax.net.ssl.trustStore", "ssl/arin.jks");
System.setProperty("javax.net.ssl.trustStorePassword", "arinLims");
System.setProperty("javax.net.ssl.keyStore", "ssl/arin.jks");
System.setProperty("javax.net.ssl.keyStorePassword", "arinLims");
ServiceClient serviceClient = new ServiceClient();
serviceClient.setOptions(options);
OMElement omElementResult = serviceClient.sendReceive(omElementPayload);
The omElementPayload loosk like this
4
BNO
A
216.207.149.16
216.207.149.23
29
BCNO1-ARIN
Q0412-216-207-149-16
209
And my key store file is generated by InstallCert, which I download from internet.
Am I doing anything wrong? What am I missing?
Appreciate any helps, hints or ideas.
Thanks,
Sean Zhao
________________________________
This communication is the property of Qwest and may contain confidential or
privileged information. Unauthorized use of this communication is strictly
prohibited and may be unlawful. If you have received this communication
in error, please immediately notify the sender by reply e-mail and destroy
all copies of the communication and any attachments.
________________________________
_______________________________________________
arin-tech-discuss mailing list
arin-tech-discuss at arin.net
http://lists.arin.net/mailman/listinfo/arin-tech-discuss
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
From Sean.Zhao at qwest.com Fri Apr 15 11:51:48 2011
From: Sean.Zhao at qwest.com (Zhao, Sean)
Date: Fri, 15 Apr 2011 09:51:48 -0600
Subject: [arin-tech-discuss] Question about your RESTful Server,
method PUT
Message-ID: <6369CD337F4CEE47A9FE64D907B2DBAF1975230B32@qtdenexmbm20.AD.QINTRA.COM>
Tim
Thank you so much for your reply!! I really do because I was in a dark room and hitting walls.
I did exactly as you suggested. The payload looks like this,
4
BNO
A
216.207.149.16
29
BCNO1-ARIN
Q0415-216-207-149-16
209
I removed all the blank tag. I still get same error "charsetName". Maybe I over removed it?
Thanks,
Sean Zhao
________________________________
This communication is the property of Qwest and may contain confidential or
privileged information. Unauthorized use of this communication is strictly
prohibited and may be unlawful. If you have received this communication
in error, please immediately notify the sender by reply e-mail and destroy
all copies of the communication and any attachments.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
From timc at arin.net Fri Apr 15 13:31:55 2011
From: timc at arin.net (Tim Christensen)
Date: Fri, 15 Apr 2011 17:31:55 +0000
Subject: [arin-tech-discuss] Question about your RESTful Server,
method PUT
In-Reply-To: <6369CD337F4CEE47A9FE64D907B2DBAF1975230B32@qtdenexmbm20.AD.QINTRA.COM>
Message-ID:
Sean,
You?re almost there...... You are missing just a couple of things.
1. In any reallocation, you are subdelegating a network to another Org, not a ?customer?. (The term ?customer? in the ARIN context represents a simple-reassignment recipient, not a reallocation recipient. So, you need to remove the attribute. The Org_Handle of the recipient (to whom you?re subdelegating the allocation) is what you put into the attribute.
2. In a reallocation, you must provide the attribute. The content of the attribute must exactly match the Parent Net Handle expressed in the URL.
3. Please ensure that you?re using US-ASCII or UTF-8 character set, and content type application/xml. I suspect that Axis? default character set is ISO-8859-1, which may be a source of the error you are seeing.
Best regards,
Tim Christensen
ARIN Engineering
On 4/15/11 11:51 AM, "Zhao, Sean" said:
Tim
Thank you so much for your reply!! I really do because I was in a dark room and hitting walls.
I did exactly as you suggested. The payload looks like this,
4
BNO
A
216.207.149.16
29
BCNO1-ARIN
Q0415-216-207-149-16
209
I removed all the blank tag. I still get same error ?charsetName?. Maybe I over removed it?
Thanks,
Sean Zhao
________________________________
This communication is the property of Qwest and may contain confidential or
privileged information. Unauthorized use of this communication is strictly
prohibited and may be unlawful. If you have received this communication
in error, please immediately notify the sender by reply e-mail and destroy
all copies of the communication and any attachments.
________________________________
_______________________________________________
arin-tech-discuss mailing list
arin-tech-discuss at arin.net
http://lists.arin.net/mailman/listinfo/arin-tech-discuss
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
From siri.anupama at gmail.com Thu Apr 28 13:38:03 2011
From: siri.anupama at gmail.com (Anupama Siripurapu)
Date: Thu, 28 Apr 2011 10:38:03 -0700
Subject: [arin-tech-discuss] Can Any one help me Please
Message-ID:
Hello ,
I have joined in arin tech discussions with office mail id.
I work for Verizon
i am working on ARIN Online. i.e RWS assignments, i am getting 403
forbidden error when i hot the ARIN URL (test bed url)
rest-beta-net/public url, which is given to us officially.
in the assignment url we need to pass, parent_net -handle.
i did who is for a particular network , and i dint get any parent_net_handle
in the response of who_is, but i got HANDLE value.
so , i hav egiven HANDLE value from the who is , in the are-assign url. with
that i am getting 403 error..
can any one please help me that, how do i get the PARENT _NET HANDLE for a
particular network.
how can i access that one ASAP.
Thank ,
Anupama
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
From Sean.Zhao at qwest.com Fri Apr 22 16:41:06 2011
From: Sean.Zhao at qwest.com (Zhao, Sean)
Date: Fri, 22 Apr 2011 14:41:06 -0600
Subject: [arin-tech-discuss] Question about your RESTful Server,
method PUT
Message-ID: <6369CD337F4CEE47A9FE64D907B2DBAF19E0E2899E@qtdenexmbm20.AD.QINTRA.COM>
Hello Arin, anyone who can help me.
First of all, Thanks Tim,
The tips Tim gave me DOES work sometimes. But the behavior was sort of weird. It still gave me "charsetName" error. But ip WAS assigned. No return message but exception. So... I decide to use SOAP instead of axis2, nothing fancy.
System.setProperty("javax.net.ssl.trustStore", "ssl/arin.jks");
System.setProperty("javax.net.ssl.trustStorePassword", "arinLims");
System.setProperty("javax.net.ssl.keyStore", "ssl/arin.jks");
System.setProperty("javax.net.ssl.keyStorePassword", "arinLims");
System.setProperty("javax.net.ssl.keyStoreType", "jks");
String strResponseXml = null;
try
{
URL url = new URL(strUrl);
SOAPHttpsURLConnection httpsURLConnection = (SOAPHttpsURLConnection)url.openConnection();
httpsURLConnection.setRequestProperty("Content-Type", "text/plain; charset=utf-8");
httpsURLConnection.setRequestMethod(strMethod);
httpsURLConnection.setDoOutput(true);
httpsURLConnection.setDoInput(true);
OutputStream outputStream = httpsURLConnection.getOutputStream();
System.out.println("Sean Zhao ArinUtil.send : outputStream = " + outputStream);
InputStream inputStream = httpsURLConnection.getInputStream();
System.out.println("Sean Zhao ArinUtil.send : inputStream = " + inputStream);
OutputStreamWriter outputStreamWriter = new OutputStreamWriter(outputStream);
BufferedWriter bufferedWriter = new BufferedWriter(outputStreamWriter);
System.out.println("Sean Zhao ArinUtil.send : strPayload = " + strPayload);
bufferedWriter.write(strPayload + '\n');
InputStreamReader inputStreamReader = new InputStreamReader(inputStream);
BufferedReader bufferedReader = new BufferedReader(inputStreamReader);
System.out.println("Sean Zhao ArinUtil.send : going to send xml to Arin");
while ((strResponseXml = bufferedReader.readLine()) != null)
{
System.out.println("Sean Zhao ArinUtil.send : strResponseXml = " + strResponseXml);
}
outputStream.flush();
outputStreamWriter.flush();
bufferedWriter.flush();
System.out.println("Sean Zhao ArinUtil.send : flushed all");
bufferedWriter.close();
outputStreamWriter.close();
outputStream.close();
System.out.println("Sean Zhao ArinUtil.send : closed all writers");
bufferedReader.close();
inputStreamReader.close();
inputStream.close();
System.out.println("Sean Zhao ArinUtil.send : closed all readers");
}
catch(IOException ioException)
{
System.out.println("Sean Zhao ArinUtil.send : ioException = " + ioException.getMessage());
}
System.out.println("Sean Zhao ArinUtil.send : strResponseXml(before return) = " + strResponseXml);
return strResponseXml;
But this time I still get errors with more details,
Sean Zhao ArinUtil.send : ioException = [Security:090477]Certificate chain received from www.arin.net - 192.149.252.75 was not trusted causing SSL handshake failure.
I guess it is either my api key is bad, or my jks file is bad.
I use keytool to view my jsk key, It looks like this,
keytool -list -v -keystore arin.jks
Enter keystore password:
Keystore type: JKS
Keystore provider: SUN
Your keystore contains 1 entry
Alias name: www.arin.net-1
Creation date: Apr 12, 2011
Entry type: trustedCertEntry
Owner: CN=www.arin.net, OU=Intel(R) Client Setup Certificate, O=American Registry for Internet Numbers Ltd., L=Chantilly, ST=VA, C=US
Issuer: SERIALNUMBER=10688435, CN=Starfield Secure Certification Authority, OU=http://certificates.starfieldtech.com/repository, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US
Serial number: 3eda469e277a2
Valid from: Wed Oct 07 15:22:25 MDT 2009 until: Thu Nov 01 12:39:34 MDT 2012
Certificate fingerprints:
MD5: 3E:22:6E:76:7A:3F:5C:04:BB:07:0D:C1:07:1D:77:A7
SHA1: AF:C6:21:17:56:BB:D6:BB:27:C5:B2:95:BD:4D:32:B2:08:D4:6B:53
Signature algorithm name: SHA1withRSA
Version: 3
Extensions:
#1: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Key_Encipherment
]
#2: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:false
PathLen:2147483647
]
#3: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 7E AA 33 74 CD 7D C9 DC B4 08 6A D2 C1 24 E2 70 ..3t......j..$.p
0010: 65 8F F3 B8 e...
]
]
#4: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
AuthorityInfoAccess [
[
accessMethod: 1.3.6.1.5.5.7.48.1
accessLocation: URIName: http://ocsp.starfieldtech.com/,
accessMethod: 1.3.6.1.5.5.7.48.2
accessLocation: URIName: http://certificates.starfieldtech.com/repository/sf_intermediate.crt]
]
#5: ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
[URIName: http://crl.starfieldtech.com/sfs2-0.crl]
]]
#6: ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [2.16.840.1.114414.1.7.23.2]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 31 68 74 74 70 3A 2F 2F 63 65 72 74 69 66 69 .1http://certifi
0010: 63 61 74 65 73 2E 73 74 61 72 66 69 65 6C 64 74 cates.starfieldt
0020: 65 63 68 2E 63 6F 6D 2F 72 65 70 6F 73 69 74 6F ech.com/reposito
0030: 72 79 2F ry/
]] ]
]
#7: ObjectId: 2.5.29.37 Criticality=false
ExtendedKeyUsages [
serverAuth
clientAuth
]
#8: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 49 4B 52 27 D1 1B BC F2 A1 21 6A 62 7B 51 42 7A IKR'.....!jb.QBz
0010: 8A D7 D5 56 ...V
]
]
#9: ObjectId: 2.5.29.17 Criticality=false
SubjectAlternativeName [
DNSName: www.arin.net
DNSName: arin.net
]
Anything bad?
What I did is
1. I downloaded InstallCert.java from Internet
2. Run it
3. And export the file InstallCert created into a cert file with keytool
4. And import the cert file into my new jks file with keytool.
Anything wrong I did ?
Thanks a lot for the help,
Sean Zhao
________________________________
This communication is the property of Qwest and may contain confidential or
privileged information. Unauthorized use of this communication is strictly
prohibited and may be unlawful. If you have received this communication
in error, please immediately notify the sender by reply e-mail and destroy
all copies of the communication and any attachments.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
From andy at arin.net Thu Apr 28 16:06:11 2011
From: andy at arin.net (Andy Newton)
Date: Thu, 28 Apr 2011 20:06:11 +0000
Subject: [arin-tech-discuss] Can Any one help me Please
In-Reply-To:
References:
Message-ID:
Anupama,
My responses are inline...
On Apr 28, 2011, at 1:38 PM, Anupama Siripurapu wrote:
> i am working on ARIN Online. i.e RWS assignments, i am getting 403 forbidden error when i hot the ARIN URL (test bed url)
> rest-beta-net/public url, which is given to us officially.
>
I assume you mean https://rest-beta.arin.net/public, which would be the ARIN Online public facing system for the REST beta/OT&E.
If you are getting a 403 with that URL, then your public facing source IP address is not in the access control list given to us by Verizon.
> in the assignment url we need to pass, parent_net -handle.
> i did who is for a particular network , and i dint get any parent_net_handle in the response of who_is, but i got HANDLE value.
>
> so , i hav egiven HANDLE value from the who is , in the are-assign url. with that i am getting 403 error..
>
Your 403 in this case is likely caused for the same reason I mentioned above.
> can any one please help me that, how do i get the PARENT _NET HANDLE for a particular network.
In Whois-RWS, the parent net handle is the handle attribute of the parentNetRef element returned in a net.
In the RESTful Provisioning system, the parent net handle is the content of the parentNet element in a net.
Andy Newton,
Chief Engineer, ARIN
From andy at arin.net Thu Apr 28 16:22:54 2011
From: andy at arin.net (Andy Newton)
Date: Thu, 28 Apr 2011 20:22:54 +0000
Subject: [arin-tech-discuss] Question about your RESTful Server,
method PUT
In-Reply-To: <6369CD337F4CEE47A9FE64D907B2DBAF19E0E2899E@qtdenexmbm20.AD.QINTRA.COM>
References: <6369CD337F4CEE47A9FE64D907B2DBAF19E0E2899E@qtdenexmbm20.AD.QINTRA.COM>
Message-ID: <6508B073-D4E8-4A3A-B544-6E12316AC6FC@arin.net>
Sean,
Our API uses REST and not SOAP. If you wish to use a REST library, I suggest ones such as Apache Jersey or JBoss RESTEasy for Java. If you don't wish to use a REST library, you can always use the java.net.URL class and the built-in Java XML parser.
With regard to your Java Keystore, it looks like you put ARIN's certificate in the keystore. I believe the keystore needs the Root CA certificate from Starfield Technologies, as they are issuer of our certificate and thus the base of the certificate trust model.
Andy Newton,
Chief Engineer, ARIN
On Apr 22, 2011, at 4:41 PM, Zhao, Sean wrote:
> Hello Arin, anyone who can help me.
>
>
>
> First of all, Thanks Tim,
>
> The tips Tim gave me DOES work sometimes. But the behavior was sort of weird. It still gave me ?charsetName? error. But ip WAS assigned. No return message but exception. So? I decide to use SOAP instead of axis2, nothing fancy.
>
>
>
> System.setProperty("javax.net.ssl.trustStore", "ssl/arin.jks");
>
> System.setProperty("javax.net.ssl.trustStorePassword", "arinLims");
>
> System.setProperty("javax.net.ssl.keyStore", "ssl/arin.jks");
>
> System.setProperty("javax.net.ssl.keyStorePassword", "arinLims");
>
> System.setProperty("javax.net.ssl.keyStoreType", "jks");
>
>
>
> String strResponseXml = null;
>
> try
>
> {
>
> URL url = new URL(strUrl);
>
> SOAPHttpsURLConnection httpsURLConnection = (SOAPHttpsURLConnection)url.openConnection();
>
> httpsURLConnection.setRequestProperty("Content-Type", "text/plain; charset=utf-8");
>
> httpsURLConnection.setRequestMethod(strMethod);
>
> httpsURLConnection.setDoOutput(true);
>
> httpsURLConnection.setDoInput(true);
>
>
>
> OutputStream outputStream = httpsURLConnection.getOutputStream();
>
> System.out.println("Sean Zhao ArinUtil.send : outputStream = " + outputStream);
>
> InputStream inputStream = httpsURLConnection.getInputStream();
>
> System.out.println("Sean Zhao ArinUtil.send : inputStream = " + inputStream);
>
>
>
> OutputStreamWriter outputStreamWriter = new OutputStreamWriter(outputStream);
>
> BufferedWriter bufferedWriter = new BufferedWriter(outputStreamWriter);
>
>
>
> System.out.println("Sean Zhao ArinUtil.send : strPayload = " + strPayload);
>
> bufferedWriter.write(strPayload + '\n');
>
>
>
> InputStreamReader inputStreamReader = new InputStreamReader(inputStream);
>
> BufferedReader bufferedReader = new BufferedReader(inputStreamReader);
>
>
>
> System.out.println("Sean Zhao ArinUtil.send : going to send xml to Arin");
>
> while ((strResponseXml = bufferedReader.readLine()) != null)
>
> {
>
> System.out.println("Sean Zhao ArinUtil.send : strResponseXml = " + strResponseXml);
>
> }
>
>
>
> outputStream.flush();
>
> outputStreamWriter.flush();
>
> bufferedWriter.flush();
>
> System.out.println("Sean Zhao ArinUtil.send : flushed all");
>
>
>
> bufferedWriter.close();
>
> outputStreamWriter.close();
>
> outputStream.close();
>
> System.out.println("Sean Zhao ArinUtil.send : closed all writers");
>
>
>
> bufferedReader.close();
>
> inputStreamReader.close();
>
> inputStream.close();
>
> System.out.println("Sean Zhao ArinUtil.send : closed all readers");
>
> }
>
> catch(IOException ioException)
>
> {
>
> System.out.println("Sean Zhao ArinUtil.send : ioException = " + ioException.getMessage());
>
> }
>
>
>
> System.out.println("Sean Zhao ArinUtil.send : strResponseXml(before return) = " + strResponseXml);
>
> return strResponseXml;
>
>
>
> But this time I still get errors with more details,
>
>
>
>
>
>
>
>
>
> Sean Zhao ArinUtil.send : ioException = [Security:090477]Certificate chain received from www.arin.net - 192.149.252.75 was not trusted causing SSL handshake failure.
>
>
>
> I guess it is either my api key is bad, or my jks file is bad.
>
> I use keytool to view my jsk key, It looks like this,
>
> keytool -list -v -keystore arin.jks
>
> Enter keystore password:
>
>
>
> Keystore type: JKS
>
> Keystore provider: SUN
>
>
>
> Your keystore contains 1 entry
>
>
>
> Alias name: www.arin.net-1
>
> Creation date: Apr 12, 2011
>
> Entry type: trustedCertEntry
>
>
>
> Owner: CN=www.arin.net, OU=Intel(R) Client Setup Certificate, O=American Registry for Internet Numbers Ltd., L=Chantilly, ST=VA, C=US
>
> Issuer: SERIALNUMBER=10688435, CN=Starfield Secure Certification Authority, OU=http://certificates.starfieldtech.com/repository, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US
>
> Serial number: 3eda469e277a2
>
> Valid from: Wed Oct 07 15:22:25 MDT 2009 until: Thu Nov 01 12:39:34 MDT 2012
>
> Certificate fingerprints:
>
> MD5: 3E:22:6E:76:7A:3F:5C:04:BB:07:0D:C1:07:1D:77:A7
>
> SHA1: AF:C6:21:17:56:BB:D6:BB:27:C5:B2:95:BD:4D:32:B2:08:D4:6B:53
>
> Signature algorithm name: SHA1withRSA
>
> Version: 3
>
>
>
> Extensions:
>
>
>
> #1: ObjectId: 2.5.29.15 Criticality=true
>
> KeyUsage [
>
> DigitalSignature
>
> Key_Encipherment
>
> ]
>
>
>
> #2: ObjectId: 2.5.29.19 Criticality=true
>
> BasicConstraints:[
>
> CA:false
>
> PathLen:2147483647
>
> ]
>
>
>
> #3: ObjectId: 2.5.29.14 Criticality=false
>
> SubjectKeyIdentifier [
>
> KeyIdentifier [
>
> 0000: 7E AA 33 74 CD 7D C9 DC B4 08 6A D2 C1 24 E2 70 ..3t......j..$.p
>
> 0010: 65 8F F3 B8 e...
>
> ]
>
> ]
>
>
>
> #4: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
>
> AuthorityInfoAccess [
>
> [
>
> accessMethod: 1.3.6.1.5.5.7.48.1
>
> accessLocation: URIName: http://ocsp.starfieldtech.com/,
>
> accessMethod: 1.3.6.1.5.5.7.48.2
>
> accessLocation: URIName: http://certificates.starfieldtech.com/repository/sf_intermediate.crt]
>
> ]
>
>
>
> #5: ObjectId: 2.5.29.31 Criticality=false
>
> CRLDistributionPoints [
>
> [DistributionPoint:
>
> [URIName: http://crl.starfieldtech.com/sfs2-0.crl]
>
> ]]
>
>
>
> #6: ObjectId: 2.5.29.32 Criticality=false
>
> CertificatePolicies [
>
> [CertificatePolicyId: [2.16.840.1.114414.1.7.23.2]
>
> [PolicyQualifierInfo: [
>
> qualifierID: 1.3.6.1.5.5.7.2.1
>
> qualifier: 0000: 16 31 68 74 74 70 3A 2F 2F 63 65 72 74 69 66 69 .1http://certifi
>
> 0010: 63 61 74 65 73 2E 73 74 61 72 66 69 65 6C 64 74 cates.starfieldt
>
> 0020: 65 63 68 2E 63 6F 6D 2F 72 65 70 6F 73 69 74 6F ech.com/reposito
>
> 0030: 72 79 2F ry/
>
>
>
> ]] ]
>
> ]
>
>
>
> #7: ObjectId: 2.5.29.37 Criticality=false
>
> ExtendedKeyUsages [
>
> serverAuth
>
> clientAuth
>
> ]
>
>
>
> #8: ObjectId: 2.5.29.35 Criticality=false
>
> AuthorityKeyIdentifier [
>
> KeyIdentifier [
>
> 0000: 49 4B 52 27 D1 1B BC F2 A1 21 6A 62 7B 51 42 7A IKR'.....!jb.QBz
>
> 0010: 8A D7 D5 56 ...V
>
> ]
>
>
>
> ]
>
>
>
> #9: ObjectId: 2.5.29.17 Criticality=false
>
> SubjectAlternativeName [
>
> DNSName: www.arin.net
>
> DNSName: arin.net
>
> ]
>
>
>
> Anything bad?
>
> What I did is
>
> 1. I downloaded InstallCert.java from Internet
>
> 2. Run it
>
> 3. And export the file InstallCert created into a cert file with keytool
>
> 4. And import the cert file into my new jks file with keytool.
>
>
>
> Anything wrong I did ?
>
>
>
> Thanks a lot for the help,
>
>
>
> Sean Zhao
>
>
> This communication is the property of Qwest and may contain confidential or
> privileged information. Unauthorized use of this communication is strictly
> prohibited and may be unlawful. If you have received this communication
> in error, please immediately notify the sender by reply e-mail and destroy
> all copies of the communication and any attachments.
> _______________________________________________
> arin-tech-discuss mailing list
> arin-tech-discuss at arin.net
> http://lists.arin.net/mailman/listinfo/arin-tech-discuss