B4J Question jRDC2 with SSL example

MiguelL

Member
Licensed User
Now it works!!,
I followed this steps, exported the certificate as pfx and later used java keytool to import it as a JKS file with this command:
keytool -importkeystore -srckeystore C:\SSLCerts\mycert.pfx -srcstoretype pkcs12 -destkeystore C:\SSLCerts\mykeystore.jks -deststoretype JKS

i got a JKS file and use it in the code of the jRDC server:
xSr.KeyStorePassword="MyPassword"
xSr.SetKeyStorePath(File.DirApp,"mykeystore.jks")
srvr.SetSslConfiguration(xSr,17179)' a different port of the common 17178 jrdc uses?
srvr.Start

In the web page with the url test connection now i see the connection successful, with the padlock icon :D
View attachment 101221
But, there is a problem, in the B4A App with the endpoint: , now i got a different error:
javax.net.ssl.SSLHandShakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found
What is that?
Not sure if you micht run into this same problem, but I got everything working on my mobile (J5) using Firefox, but everything failed on Chrome.
Cleaning the history (cache) did not make any difference. After re-installing Chrome on my mobile suddenly everything worked also from Chrome.
 

Angel Garcia

Member
Licensed User
Finally!!
Thanks Oliver! 😁
Did you check the "Include all certificates in the certification path if possible" option during the export? I should be available when you pick the format of the export.
Finally got it working, yes you were right. Now it works on devices and from web page.
This way was easier for me, (for windows server users)
1. First you purchase a certificate from cheapssl.com or some other, for a long time (at least 1 year),
2. You install it on your IIS server
3. And then you perform the export as a pfx file with the link that oliver provided, https://enterpriseit.co/windows-server/exporting-ssl-certificate-pfx-from-windows-server-iis/
4. Then import back as a JKS file with the java keytool, with this command: keytool -importkeystore -srckeystore C:\SSLCerts\mycert.pfx -srcstoretype pkcs12 -destkeystore C:\SSLCerts\mykeystore.jks -deststoretype JKS , and finally
5. Use the imported JKS file to the xSr.SetKeyStorePath(File.DirApp,"mykeystore.jks")
Many thanks to all for your kind support!!
😄
 

MiguelL

Member
Licensed User
Hi Miguel,
i would like to try your solution, the downside of letsencrypt is that reading the FAQ they only last 3 months, and you have to keep renewing the certificates.
But if it works nice i would consider it as an option. Also i can't find the tool to create the certificates on the web page, you need to download a tool right?
Many thanks
I found this as a possible solution for auto renewal on windows, but still have to test it. Glad your solution is working! I might go for the same solution too once I get some more experience with all of this.
regards.
 
Top