Welcome!

Welcome to the Official BlackBerry Support Community Forums. This is your resource to discuss support topics with your peers, and learn from each other. New to the forum? Please visit the ‘Getting Started’ link below.
All New Topics | All New Posts
inside custom component

Java Development

Reply
Topic Options
Developer
Developer
kully
Posts: 23
Registered: ‎10-15-2009
Accepted Solution

'Connector.open' hangs for HttpsConnection

Options

‎10-15-2009 10:28 AM

Hello,

 

Long time lurker, first time poster :smileywink:

 

 

I have an app which talks HTTP to a server. It does this with no problems.

 

I'm now trying to get it to talk HTTPS to the server.

 

Just to try things out I decided to change the line 

 

 

HttpConnection c = (HttpConnection)Connector.open(url,Connector.READ_WRITE, true );

 

to 

 

 

HttpsConnection c = (HttpsConnection)Connector.open(url+";trustAll;RdHTTPS;EndToEndDesired");

 

 and step through the code. (By the way, 'url' includes 'deviceside=false').

 

However, the thread running this hangs.

 

The debug spits out this:

 

 

SSL:->CH
SSL:<-SH
SSL:<-SC

Which I am presuming to mean "Client says Hello", "Server says Hello" & "Server send certificate".

 

This doesn't time out, I left the thread going overnight and it was still stuck there.

 

I've tried using combinations of the following parameters.

trustAll, RdHTTPS, {EndToEndDesired,EndtoEndRequired}

 

 

 

I've done a 'alt-escape' to see if there is a dialogue box hiding somewhere waiting for input - but nothing.

 

I've also included the server certificate in the package and install it to the device key store before making this call.

 

I get the exact same behaviour on the simulator and a 'real' device. I've tried this with both 4.2.1 and 4.5.0 JDEs.

 

 

Does anyone have any ideas? I'm considering wailing 'woe is me' whilst tearing the hair from my back.

 

 

cheers,

kully

 

Report Inappropriate Content
Message 1 of 17 (7,435 Views)
Reply
0 Likes
Please use plain text.
 
Developer
Developer
Posts: 1,474
Registered: ‎04-14-2009

Re: 'Connector.open' hangs for HttpsConnection

[ Edited ]
Options

‎10-15-2009 11:03 AM - edited ‎10-15-2009 11:05 AM

Are you calling Connector.open on the event dispacher (aka UI) thread? You can check this using various methods in the Application class, for example, Application.isEventDispatchThread.

 

P.S. What is the full URL that you pass to the method?

Message Edited by klyubin on 15-10-2009 04:05 PM
Report Inappropriate Content
Message 2 of 17 (7,397 Views)
Reply
0 Likes
Please use plain text.
 
Developer
Developer
kully
Posts: 23
Registered: ‎10-15-2009

Re: 'Connector.open' hangs for HttpsConnection

Options

‎10-15-2009 11:47 AM

Hello,

 

No, this isn't the UI thread.

 

The full URL that I pass in is:

 

 

https://<ip>/devices/v1/;deviceside=false;trustAll;EndToEndRequired

 

(I've replace the IP address with '<ip>')


 

Report Inappropriate Content
Message 3 of 17 (7,387 Views)
Reply
0 Likes
Please use plain text.
 
Developer
Developer
kully
Posts: 23
Registered: ‎10-15-2009

Re: 'Connector.open' hangs for HttpsConnection

Options

‎10-15-2009 11:49 AM

I forgot the write in my initial post.

 

I can access the URL via the browser (on both the simulator and the actual handset) fine - it prompts me to confirm the certificate.

Report Inappropriate Content
Message 4 of 17 (7,380 Views)
Reply
0 Likes
Please use plain text.
 
Developer
Developer
Posts: 1,474
Registered: ‎04-14-2009

Re: 'Connector.open' hangs for HttpsConnection

[ Edited ]
Options

‎10-15-2009 11:53 AM - edited ‎10-15-2009 11:53 AM

Firstly, since you require end-to-end TLS/SSL, trustAll will be ignored, since it's not the MDS that will be establishing the TLS/SSL connection on your behalf. Other than that, the URL looks completely normal.

 

Does your code go pass the TLS/SSL handshake phase if you connect to a server with a server certificate leading to a well-known root CA? For example, https://mail.google.com? This is to check whether the issue has to do with the fact that you are using your own CA/self-signed certificate.

 

P.S. Welcome to the forum as a contributor!

Message Edited by klyubin on 15-10-2009 04:53 PM
Report Inappropriate Content
Message 5 of 17 (7,384 Views)
Reply
Please use plain text.
 
Developer
Developer
kully
Posts: 23
Registered: ‎10-15-2009

Re: 'Connector.open' hangs for HttpsConnection

Options

‎10-15-2009 12:25 PM

Now, there's something. I never thought to question the server or certificate.

 

I popped in 'https://mail.google.com' and the handshake goes through fine.

 

The certificate on the server is self-signed and although I include it in my package and add it to the keystore, it has a red cross next to it.

 

I'm going to fiddle with it to see what can be done.

 

It is odd how the BB does not pop up a dialogue box asking me about the certificate in the same way the browser does... Could there be a call I need to make beforehand / another parameter I need to pass in for this to happen?

Report Inappropriate Content
Message 6 of 17 (7,383 Views)
Reply
0 Likes
Please use plain text.
 
Developer
Developer
Posts: 1,474
Registered: ‎04-14-2009

Re: 'Connector.open' hangs for HttpsConnection

Options

‎10-15-2009 12:49 PM

If you want to assign trust manually, go to Options -> Security -> Certificates. Select your certificate, open the menu, and click Trust.
Report Inappropriate Content
Message 7 of 17 (7,376 Views)
Reply
0 Likes
Please use plain text.
 
Developer
Developer
Posts: 1,474
Registered: ‎04-14-2009

Re: 'Connector.open' hangs for HttpsConnection

Options

‎10-15-2009 12:54 PM

When the BB receives a certificate that it does not trust, you get a popup with various options (e.g., Trust, View, Cancel, View). I'm still puzzled why your code hangs without the popup being shown or without an Exception thrown. The popup might not show up, for example, because you chose not to trust this certificate permanently, or because the UI thread is blocked. Are you definite Connector.open blocks? Are you sure it's not throwing an exception?
Report Inappropriate Content
Message 8 of 17 (7,426 Views)
Reply
0 Likes
Please use plain text.
 
Developer
Developer
kully
Posts: 23
Registered: ‎10-15-2009

Re: 'Connector.open' hangs for HttpsConnection

Options

‎10-15-2009 01:12 PM

Thanks for your posts klyubin.

 

Connector.open does not throw any exceptions, and the certificate is in the key store with an 'explicitly trusted' state. The apps UI thread is working fine, it is just this 'network' thread that is blocked.

 

 

 

 

Report Inappropriate Content
Message 9 of 17 (7,407 Views)
Reply
0 Likes
Please use plain text.
 
Developer
Developer
kully
Posts: 23
Registered: ‎10-15-2009

Re: 'Connector.open' hangs for HttpsConnection

[ Edited ]
Options

‎10-15-2009 01:16 PM - edited ‎10-15-2009 01:19 PM

The odd thing is that the bloke in this thread: http://www.blackberryforums.com/developer-forum/119791-trusting-certificates-using-https.html

 

also seemed to be using a self-signed certificate. And he at least got those message boxes asking whether the certificate should be trusted or not.

 

I'm wondering whether the Blackberry needs the certificate to be formatted in a particular way -  I havn't yet been able to dig up anything on this in the dev guide or my friend, Mr. Google.

 

Would it be possible to get a debug 'javax.microedition.io.Connector' to find out anything more?

Message Edited by kully on 10-15-2009 06:19 PM
Report Inappropriate Content
Message 10 of 17 (7,408 Views)
Reply
0 Likes
Please use plain text.