Welcome!

Welcome to the official BlackBerry Support Community Forums.

This is your resource to discuss support topics with your peers, and learn from each other.

inside custom component

Java Development

Reply
Developer
kully
Posts: 23
Registered: ‎10-15-2009
My Device: Not Specified
Accepted Solution

'Connector.open' hangs for HttpsConnection

Hello,

 

Long time lurker, first time poster :smileywink:

 

 

I have an app which talks HTTP to a server. It does this with no problems.

 

I'm now trying to get it to talk HTTPS to the server.

 

Just to try things out I decided to change the line 

 

 

HttpConnection c = (HttpConnection)Connector.open(url,Connector.READ_WRITE, true );

 

to 

 

 

HttpsConnection c = (HttpsConnection)Connector.open(url+";trustAll;RdHTTPS;EndToEndDesired");

 

 and step through the code. (By the way, 'url' includes 'deviceside=false').

 

However, the thread running this hangs.

 

The debug spits out this:

 

 

SSL:->CH SSL:<-SH SSL:<-SC

Which I am presuming to mean "Client says Hello", "Server says Hello" & "Server send certificate".

 

This doesn't time out, I left the thread going overnight and it was still stuck there.

 

I've tried using combinations of the following parameters.

trustAll, RdHTTPS, {EndToEndDesired,EndtoEndRequired}

 

 

 

I've done a 'alt-escape' to see if there is a dialogue box hiding somewhere waiting for input - but nothing.

 

I've also included the server certificate in the package and install it to the device key store before making this call.

 

I get the exact same behaviour on the simulator and a 'real' device. I've tried this with both 4.2.1 and 4.5.0 JDEs.

 

 

Does anyone have any ideas? I'm considering wailing 'woe is me' whilst tearing the hair from my back.

 

 

cheers,

kully

 

Developer
Posts: 1,474
Registered: ‎04-14-2009
My Device: Not Specified

Re: 'Connector.open' hangs for HttpsConnection

[ Edited ]

Are you calling Connector.open on the event dispacher (aka UI) thread? You can check this using various methods in the Application class, for example, Application.isEventDispatchThread.

 

P.S. What is the full URL that you pass to the method?

Message Edited by klyubin on 15-10-2009 04:05 PM
Developer
kully
Posts: 23
Registered: ‎10-15-2009
My Device: Not Specified

Re: 'Connector.open' hangs for HttpsConnection

Hello,

 

No, this isn't the UI thread.

 

The full URL that I pass in is:

 

 

https://<ip>/devices/v1/;deviceside=false;trustAll;EndToEndRequired

 

(I've replace the IP address with '<ip>')


 

Developer
kully
Posts: 23
Registered: ‎10-15-2009
My Device: Not Specified

Re: 'Connector.open' hangs for HttpsConnection

I forgot the write in my initial post.

 

I can access the URL via the browser (on both the simulator and the actual handset) fine - it prompts me to confirm the certificate.

Developer
Posts: 1,474
Registered: ‎04-14-2009
My Device: Not Specified

Re: 'Connector.open' hangs for HttpsConnection

[ Edited ]

Firstly, since you require end-to-end TLS/SSL, trustAll will be ignored, since it's not the MDS that will be establishing the TLS/SSL connection on your behalf. Other than that, the URL looks completely normal.

 

Does your code go pass the TLS/SSL handshake phase if you connect to a server with a server certificate leading to a well-known root CA? For example, https://mail.google.com? This is to check whether the issue has to do with the fact that you are using your own CA/self-signed certificate.

 

P.S. Welcome to the forum as a contributor!

Message Edited by klyubin on 15-10-2009 04:53 PM
Developer
kully
Posts: 23
Registered: ‎10-15-2009
My Device: Not Specified

Re: 'Connector.open' hangs for HttpsConnection

Now, there's something. I never thought to question the server or certificate.

 

I popped in 'https://mail.google.com' and the handshake goes through fine.

 

The certificate on the server is self-signed and although I include it in my package and add it to the keystore, it has a red cross next to it.

 

I'm going to fiddle with it to see what can be done.

 

It is odd how the BB does not pop up a dialogue box asking me about the certificate in the same way the browser does... Could there be a call I need to make beforehand / another parameter I need to pass in for this to happen?

Developer
Posts: 1,474
Registered: ‎04-14-2009
My Device: Not Specified

Re: 'Connector.open' hangs for HttpsConnection

If you want to assign trust manually, go to Options -> Security -> Certificates. Select your certificate, open the menu, and click Trust.
Developer
Posts: 1,474
Registered: ‎04-14-2009
My Device: Not Specified

Re: 'Connector.open' hangs for HttpsConnection

When the BB receives a certificate that it does not trust, you get a popup with various options (e.g., Trust, View, Cancel, View). I'm still puzzled why your code hangs without the popup being shown or without an Exception thrown. The popup might not show up, for example, because you chose not to trust this certificate permanently, or because the UI thread is blocked. Are you definite Connector.open blocks? Are you sure it's not throwing an exception?
Developer
kully
Posts: 23
Registered: ‎10-15-2009
My Device: Not Specified

Re: 'Connector.open' hangs for HttpsConnection

Thanks for your posts klyubin.

 

Connector.open does not throw any exceptions, and the certificate is in the key store with an 'explicitly trusted' state. The apps UI thread is working fine, it is just this 'network' thread that is blocked.

 

 

 

 

Developer
kully
Posts: 23
Registered: ‎10-15-2009
My Device: Not Specified

Re: 'Connector.open' hangs for HttpsConnection

[ Edited ]

The odd thing is that the bloke in this thread: http://www.blackberryforums.com/developer-forum/119791-trusting-certificates-using-https.html

 

also seemed to be using a self-signed certificate. And he at least got those message boxes asking whether the certificate should be trusted or not.

 

I'm wondering whether the Blackberry needs the certificate to be formatted in a particular way -  I havn't yet been able to dig up anything on this in the dev guide or my friend, Mr. Google.

 

Would it be possible to get a debug 'javax.microedition.io.Connector' to find out anything more?

Message Edited by kully on 10-15-2009 06:19 PM