You are here

HTTPS Connection with Tomcat and WTK emulator

Blog Terms: 

1. Tomcat Configuation

Creating HTTPS Connection

Firstly should create a temporarely SSL certificate to use the
Tomcat in an SSL mode.

${JDK_HOME}\bin>keytool -genkey -v -keyalg RSA -alias <alias> -keypass *** -storepass *** -dname "CN=192.168.1.118, OU=-,O=YOUR_COMPANY_NAME,L=Stuttgart,S=BW,C=DE"

CN is Common Name, it is IP address or Domain name, this value must be given correctly, otherwise J2ME client will have such exception:

javax.microedition.pki.CertificateException: Certificate was issued by an unrecognized entity 
  1. Move the created .keystore file to the users directory root from "C:/Documents and Settings/DefaultUser" (or yours system path)
  2. Download JSSE
  3. Copy the JSSE libs (jcert.jar, jnet.jar and jsse.jar) to $JAVA_HOME/jre/lib/ext
  4. Edit
    $JAVA_HOME/jre/lib/security/java.security and check under 'List of
    providers' if the following line is available:
    security.provider.x=com.sun.net.ssl.internal.ssl.Provider
  5. Edit
    $TOMCAT_HOME/conf/server.xml and uncomment the connector element for
    SSL <Connector ...> ... </Connector> change port 8443 to 443
  6. Restart Tomcat

Force Application to use HTTPS

Go to the web.xml of the context you want to make use for HTTPS only and add/change the following part:

<security-constraint>
<web-resource-collection>
<web-resource-name>Protected Context</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>yourrolename</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>

PS:
for HTTP Authorization,modify the web.xml context

<!-- Define the Login Configuration for this Application -->
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>username</realm-name>
</login-config>

<!-- Security roles referenced by this web application -->
<security-role>
<description>
The role that is required to log in to MPM
</description>
<role-name>yourrolename</role-name>
</security-role>

and add
<user username="username" password="password" roles="yourrolename"/>
into
${TOMCAT}/conf/tomcat-users.xml

1.WTK Emulator Configuation

For testing HTTPS in WTK emulator, certificate must be imported(If not, will have exception also: javax.microedition.pki.CertificateException: Certificate was issued by an unrecognized entity). There are 2 ways to import the certificate into WKT:
1.

${JDK_HOME}\bin>keytool -export -alias <alias> -file <youname>.cert
  1. Create certificate file, the yourname.cert will be created under your jdk path: ${JDK_HOME}\bin(in our case)
  2. Import this certificate file into WTK with "J2ME Platform Certificate Manager" tool under the "Utilities" toolkit.

2. or import the keystore file directly into WTK

${WTK_root}/bin>keytool -import -alias <alias> -keystore "C:\xxx\DefaultUser\.keystore" -storepass ******
Ref:

Comments

Hello,

Its really great article.

I am new to J2ME, present i am working for one project on J2ME Technology, I am wondering from 1 week with one exception that is :

java.io.IOException: Alert (2,40)
at com.sun.midp.ssl.Record.rdRec(+228)
at com.sun.midp.ssl.Handshake.getNextMsg(+17)
at com.sun.midp.ssl.Handshake.rcvSrvrHello(+5)
at com.sun.midp.ssl.Handshake.doHandShake(+29)
at com.sun.midp.ssl.SSLStreamConnection.(+173)
at com.sun.midp.ssl.SSLStreamConnection.(+12)
at com.sun.midp.io.j2me.https.Protocol.connect(+214)
at com.sun.midp.io.j2me.http.Protocol.streamConnect(+57)
at com.sun.midp.io.j2me.http.Protocol.startRequest(+12)
at com.sun.midp.io.j2me.http.Protocol.sendRequest(+38)
at com.sun.midp.io.j2me.http.Protocol.flush(+36)
at com.sun.midp.io.BaseOutputStream.flush(+11)
at java.io.DataOutputStream.flush(+7)
at GetHttpsData.run(+104)

Even i simply tried with like :
HttpsConnection con=(HttpsConnection)Connector.open("URL", Connector.READ_WRITE);
con.setRequestProperty("User-Agent","Profile/MIDP-1.0, Configuration/CLDC-1.0");
con.setRequestProperty("Content-Language","en-US");
DataInputStream is1=(DataInputStream)ssl.openDataInputStream();
int ch1;
StringBuffer sb1=new StringBuffer();
while((ch1=is1.read())!=-1)
{
sb1.append((char)ch1);
System.out.println("Rsponse from Sb1=="+sb1.toString());
}

i tried URL and i able to get information in browser. but if i try with Emulator i am getting the above exception.
From Google information i need to import certificates to MEKeyTool.jar, but fail to load.
It gives me exception like "You must set system property kvem.home"

Please help me guys how to do this. My target is i want to access information from web-server through HTTPS.

Thank You in advance..great appraisal with your reply..