[arin-tech-discuss] Question about your RESTful Server, method PUT

Zhao, Sean Sean.Zhao at qwest.com
Fri Apr 22 16:41:06 EDT 2011 

Hello Arin, anyone who can help me.

First of all, Thanks Tim,
                The tips Tim gave me DOES work sometimes. But the behavior was sort of weird. It still gave me "charsetName" error. But ip WAS assigned. No return message but exception. So... I decide to use SOAP instead of axis2, nothing fancy.

        System.setProperty("javax.net.ssl.trustStore", "ssl/arin.jks");
        System.setProperty("javax.net.ssl.trustStorePassword", "arinLims");
        System.setProperty("javax.net.ssl.keyStore", "ssl/arin.jks");
        System.setProperty("javax.net.ssl.keyStorePassword", "arinLims");
        System.setProperty("javax.net.ssl.keyStoreType", "jks");

        String strResponseXml = null;
        try
        {
            URL url = new URL(strUrl);
            SOAPHttpsURLConnection httpsURLConnection = (SOAPHttpsURLConnection)url.openConnection();
            httpsURLConnection.setRequestProperty("Content-Type", "text/plain; charset=utf-8");
            httpsURLConnection.setRequestMethod(strMethod);
          httpsURLConnection.setDoOutput(true);
          httpsURLConnection.setDoInput(true);

            OutputStream outputStream = httpsURLConnection.getOutputStream();
System.out.println("Sean Zhao ArinUtil.send : outputStream = " + outputStream);
            InputStream inputStream = httpsURLConnection.getInputStream();
System.out.println("Sean Zhao ArinUtil.send : inputStream = " + inputStream);

            OutputStreamWriter outputStreamWriter = new OutputStreamWriter(outputStream);
            BufferedWriter bufferedWriter = new BufferedWriter(outputStreamWriter);

System.out.println("Sean Zhao ArinUtil.send : strPayload = " + strPayload);
            bufferedWriter.write(strPayload + '\n');

            InputStreamReader inputStreamReader = new InputStreamReader(inputStream);
            BufferedReader bufferedReader = new BufferedReader(inputStreamReader);

System.out.println("Sean Zhao ArinUtil.send : going to send xml to Arin");
            while ((strResponseXml = bufferedReader.readLine()) != null)
            {
System.out.println("Sean Zhao ArinUtil.send : strResponseXml = " + strResponseXml);
            }

            outputStream.flush();
            outputStreamWriter.flush();
            bufferedWriter.flush();
System.out.println("Sean Zhao ArinUtil.send : flushed all");

            bufferedWriter.close();
            outputStreamWriter.close();
            outputStream.close();
System.out.println("Sean Zhao ArinUtil.send : closed all writers");

            bufferedReader.close();
            inputStreamReader.close();
            inputStream.close();
System.out.println("Sean Zhao ArinUtil.send : closed all readers");
        }
        catch(IOException ioException)
        {
System.out.println("Sean Zhao ArinUtil.send : ioException = " + ioException.getMessage());
        }

System.out.println("Sean Zhao ArinUtil.send : strResponseXml(before return) = " + strResponseXml);
      return strResponseXml;

But this time I still get errors with more details,

<Apr 22, 2011 2:14:13 PM MDT> <Warning> <Security> <BEA-090477> <Certificate chain received from www.arin.net - 192.149.252.75 was not trusted causing SSL handshake failure.>
<Apr 22, 2011 2:14:14 PM MDT> <Warning> <Security> <BEA-090477> <Certificate chain received from www.arin.net - 192.149.252.75 was not trusted causing SSL handshake failure.>
<Apr 22, 2011 2:14:14 PM MDT> <Warning> <Security> <BEA-090477> <Certificate chain received from www.arin.net - 192.149.252.75 was not trusted causing SSL handshake failure.>
Sean Zhao ArinUtil.send : ioException = [Security:090477]Certificate chain received from www.arin.net - 192.149.252.75 was not trusted causing SSL handshake failure.

I guess it is either my api key is bad, or my jks file is bad.
I use keytool to view my jsk key, It looks like this,
keytool -list -v -keystore arin.jks
Enter keystore password:

Keystore type: JKS
Keystore provider: SUN

Your keystore contains 1 entry

Alias name: www.arin.net-1
Creation date: Apr 12, 2011
Entry type: trustedCertEntry

Owner: CN=www.arin.net, OU=Intel(R) Client Setup Certificate, O=American Registry for Internet Numbers Ltd., L=Chantilly, ST=VA, C=US
Issuer: SERIALNUMBER=10688435, CN=Starfield Secure Certification Authority, OU=http://certificates.starfieldtech.com/repository, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US
Serial number: 3eda469e277a2
Valid from: Wed Oct 07 15:22:25 MDT 2009 until: Thu Nov 01 12:39:34 MDT 2012
Certificate fingerprints:
         MD5:  3E:22:6E:76:7A:3F:5C:04:BB:07:0D:C1:07:1D:77:A7
         SHA1: AF:C6:21:17:56:BB:D6:BB:27:C5:B2:95:BD:4D:32:B2:08:D4:6B:53
         Signature algorithm name: SHA1withRSA
         Version: 3

Extensions:

#1: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
  DigitalSignature
  Key_Encipherment
]

#2: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
  CA:false
  PathLen:2147483647
]

#3: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 7E AA 33 74 CD 7D C9 DC   B4 08 6A D2 C1 24 E2 70  ..3t......j..$.p
0010: 65 8F F3 B8                                        e...
]
]

#4: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
AuthorityInfoAccess [
  [
   accessMethod: 1.3.6.1.5.5.7.48.1
   accessLocation: URIName: http://ocsp.starfieldtech.com/,
   accessMethod: 1.3.6.1.5.5.7.48.2
   accessLocation: URIName: http://certificates.starfieldtech.com/repository/sf_intermediate.crt]
]

#5: ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
  [DistributionPoint:
     [URIName: http://crl.starfieldtech.com/sfs2-0.crl]
]]

#6: ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
  [CertificatePolicyId: [2.16.840.1.114414.1.7.23.2]
[PolicyQualifierInfo: [
  qualifierID: 1.3.6.1.5.5.7.2.1
  qualifier: 0000: 16 31 68 74 74 70 3A 2F   2F 63 65 72 74 69 66 69  .1http://certifi
0010: 63 61 74 65 73 2E 73 74   61 72 66 69 65 6C 64 74  cates.starfieldt
0020: 65 63 68 2E 63 6F 6D 2F   72 65 70 6F 73 69 74 6F  ech.com/reposito
0030: 72 79 2F                                           ry/

]]  ]
]

#7: ObjectId: 2.5.29.37 Criticality=false
ExtendedKeyUsages [
  serverAuth
  clientAuth
]

#8: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 49 4B 52 27 D1 1B BC F2   A1 21 6A 62 7B 51 42 7A  IKR'.....!jb.QBz
0010: 8A D7 D5 56                                        ...V
]

]

#9: ObjectId: 2.5.29.17 Criticality=false
SubjectAlternativeName [
  DNSName: www.arin.net
  DNSName: arin.net
]

Anything bad?
What I did is

1.       I downloaded InstallCert.java from Internet

2.       Run it

3.       And export the file InstallCert created into a cert file with keytool

4.       And import the cert file into my new jks file with keytool.



Anything wrong I did ?


Thanks a lot for the help,

Sean Zhao

________________________________
This communication is the property of Qwest and may contain confidential or
privileged information. Unauthorized use of this communication is strictly
prohibited and may be unlawful. If you have received this communication
in error, please immediately notify the sender by reply e-mail and destroy
all copies of the communication and any attachments.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.arin.net/pipermail/arin-tech-discuss/attachments/20110422/c76779ba/attachment.html>

More information about the arin-tech-discuss mailing list