B4J Question communicate between 2 webapps secure?

ilan

Expert
Licensed User
hi

i have 1 web app that runs on pc1 and another web app that runs on pc2 (not a local network). and i would like to send/receive data between them. what would be the secure way to do that?
what i do now is using HTTP requests where i encrypt the data that I am sending. is there another way to do that?

i will explain. i have pc2 that is running a server with SQLite DB and I would like to read from that DB from a b4j app that is running on pc1. so with HTTP requests i get the data from the server to the b4j app but is that secure enough if i use the B4XEncryption library?
 

ilan

Expert
Licensed User
like here?

i use let's encrypt for the SSL certificate and the SSL b4j server as (explained above).
 
Upvote 0

tchart

Well-Known Member
Licensed User
i use let's encrypt for the SSL certificate

Are you communicating on the local network or over the internet. I didnt think letsencrypt could generate certificates for local network names.

I just use self-signed certificates but that requires each client to trust the certificate. If you have a proper IT team then they can generate you a trusted certificate for your internal domain.
 
Upvote 0

ilan

Expert
Licensed User
Are you communicating on the local network or over the internet. I didnt think letsencrypt could generate certificates for local network names.

I just use self-signed certificates but that requires each client to trust the certificate. If you have a proper IT team then they can generate you a trusted certificate for your internal domain.

i will use it over the internet but now I am making tests on a local network. i do run in problems. i run the b4j server with SSL configuration and if I make a httpjob request from another b4j app I am getting errors:

Waiting for debugger to connect...
Program started.
javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alert.createSSLException(Alert.java:131)
at sun.security.ssl.TransportContext.fatal(TransportContext.java:327)
at sun.security.ssl.TransportContext.fatal(TransportContext.java:270)
at sun.security.ssl.TransportContext.fatal(TransportContext.java:265)
at sun.security.ssl.CertificateMessage$T12CertificateConsumer.checkServerCerts(CertificateMessage.java:646)
at sun.security.ssl.CertificateMessage$T12CertificateConsumer.onCertificate(CertificateMessage.java:465)
at sun.security.ssl.CertificateMessage$T12CertificateConsumer.consume(CertificateMessage.java:361)
at sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:376)
at sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:451)
at sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:428)
at sun.security.ssl.TransportContext.dispatch(TransportContext.java:184)
at sun.security.ssl.SSLTransport.decode(SSLTransport.java:154)
at sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1198)
at sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1107)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:400)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:372)
at okhttp3.internal.connection.RealConnection.connectTls(RealConnection.java:320)
at okhttp3.internal.connection.RealConnection.establishProtocol(RealConnection.java:284)
at okhttp3.internal.connection.RealConnection.connect(RealConnection.java:169)
at okhttp3.internal.connection.StreamAllocation.findConnection(StreamAllocation.java:258)
at okhttp3.internal.connection.StreamAllocation.findHealthyConnection(StreamAllocation.java:135)
at okhttp3.internal.connection.StreamAllocation.newStream(StreamAllocation.java:114)
at okhttp3.internal.connection.ConnectInterceptor.intercept(ConnectInterceptor.java:42)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:147)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:121)
at okhttp3.internal.cache.CacheInterceptor.intercept(CacheInterceptor.java:93)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:147)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:121)
at okhttp3.internal.http.BridgeInterceptor.intercept(BridgeInterceptor.java:93)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:147)
at okhttp3.internal.http.RetryAndFollowUpInterceptor.intercept(RetryAndFollowUpInterceptor.java:127)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:147)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:121)
at okhttp3.RealCall.getResponseWithInterceptorChain(RealCall.java:257)
at okhttp3.RealCall.execute(RealCall.java:93)
at anywheresoftware.b4h.okhttp.OkHttpClientWrapper.executeWithTimeout(OkHttpClientWrapper.java:173)
at anywheresoftware.b4h.okhttp.OkHttpClientWrapper.access$0(OkHttpClientWrapper.java:170)
at anywheresoftware.b4h.okhttp.OkHttpClientWrapper$ExecuteHelper.run(OkHttpClientWrapper.java:218)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:439)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:306)
at sun.security.validator.Validator.validate(Validator.java:271)
at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:312)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:221)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:128)
at sun.security.ssl.CertificateMessage$T12CertificateConsumer.checkServerCerts(CertificateMessage.java:630)
... 38 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:434)
... 44 more
ResponseError. Reason: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target, Response:

so I tried to use OkHttpClient with InitializeAcceptAll and I am able to make the request but in the _ResponseSuccess (Response As OkHttpResponse, TaskId As Int) event I don't know how to get the data that was sent from the b4j server. i get the response content length that is correct but I have no GetContent method.

how can I receive the data? maybe as a son object or simple string like it is working over a web browser?
 
Upvote 0

Erel

Administrator
Staff member
Licensed User
Upvote 0

ilan

Expert
Licensed User
thank you Erel very much for your help.

adding HU2_ACCEPTALL to the conditional symbol (Ctrl + B) did the trick. now i am able to make http request from another b4j app to my server.

just to understand better the instruction here: https://www.b4x.com/android/forum/threads/server-jokhttputils2-server-version.124350/#content

2. Add a reference to jBuilderUtils = just check the jBuilderUtils in the library Manager (in the server Application) right?

is it ok to build the Server with HU2_ACCEPTALL and upload the Jar to my hosting? or it is not needed because over the internet i should not get any error related to the one i get in post #6 ( javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target )

is there a way to run 2 b4j apps in debug mode? because now i have to run the server in release mode to be able to run the second app in debug mode.

thank you :)
 
Upvote 0

Erel

Administrator
Staff member
Licensed User
2. Add a reference to jBuilderUtils = just check the jBuilderUtils in the library Manager (in the server Application) right?
Yes.

is it ok to build the Server with HU2_ACCEPTALL and upload the Jar to my hosting? or it is not needed because over the internet i should not get any error related to the one i get in post #6 ( javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target )
If the servers use valid certificates then it is not needed and HU2_ACCEPTALL should be removed as it make things less secure.

s there a way to run 2 b4j apps in debug mode?
Currently no.
 
Upvote 0
Top