Welcome!

Welcome to the official BlackBerry Support Community Forums.

This is your resource to discuss support topics with your peers, and learn from each other.

inside custom component

Java Development


Thank you for visiting the BlackBerry Support Community Forums.

BlackBerry will be closing the BlackBerry Support Community Forums Device Forums on April 1st (Developers, see below)

BlackBerry remains committed to providing excellent customer support to our customers. We are delighted to direct you to the CrackBerry Forums, a well-established and thorough support channel, for continued BlackBerry support. Please visit http://forums.crackberry.com or http://crackberry.com/ask. You can also continue to visit BlackBerry Support or the BlackBerry Knowledge Base for official support options available for your BlackBerry Smartphone.

"When we launched CrackBerry.com 10 years ago, we set out to make it a fun and useful destination where BlackBerry Smartphone owners could share their excitement and learn to unleash the full potential of their BlackBerry. A decade later, the CrackBerry community is as active and passionate as ever and I know our knowledgeable members and volunteers will be excited to welcome and assist more BlackBerry owners with their questions."

- Kevin Michaluk, Founder, CrackBerry.com

Developers, for more information about the BlackBerry Developer Community please review Join the Conversation on the BlackBerry Developer Community Forums found on Inside BlackBerry.


Reply
Developer
Posts: 216
Registered: ‎09-11-2008
My Device: 9000(Bold)

SSL Connection saved in the BB cache?

Hello,

 

I'm having trouble using SSL connection on the BB (Both real device and Simulator):

1) I'm connecting using SSL connection to a server and communicate successfully.

2) i'm closing the socket

3) after ~5sec i open a new SSL connection to the same server

4) The server "claims" that the BB uses the same session-id and therefore doesn't use full SSL-handshke

 

My questions is: Does the BB uses cache for SSL connections and if so can i force the BB to use "fresh" SSL connection (didn't see such option in the API?

Thx.

 

Developer
Posts: 1,474
Registered: ‎04-14-2009
My Device: Not Specified

Re: SSL Connection saved in the BB cache?

Just to confirm, are you seeing the same underlying TCP connection being used (e.g., HTTP 1.1 over TLS/SSL) or different connections but the same SSL Session? If it's the latter, you can always disable this feature on your server (if you don't like the feature for some reason).

Developer
Posts: 216
Registered: ‎09-11-2008
My Device: 9000(Bold)

Re: SSL Connection saved in the BB cache?

Hi,

The server is located at my customer site and i can't access it. According to my customer he sees the same session but on different socket.

Here's the code i'm using:

 

 

SecureConnection securedCon = (SecureConnection)Connector.open(SECURED_URL);
OutputStream outStream = _securedCon.openOutputStream();
OutputStreamWriter out = new OutputStreamWriter(outStream);

DataOutputStream dos = new DataOutputStream(outStream);
dos.write(data.getBytes());
dos.flush();

try {   
   outStream.close();
   securedCon.close();
} catch (Exception conExc) {
}

//...
//...
securedCon = (SecureConnection)Connector.open(SECURED_URL);
OutputStream outStream = _securedCon.openOutputStream();
OutputStreamWriter out = new OutputStreamWriter(outStream);

dos.write(data.getBytes());
dos.flush();

 

 

Developer
Posts: 1,474
Registered: ‎04-14-2009
My Device: Not Specified

Re: SSL Connection saved in the BB cache?

[ Edited ]

So, why does the customer dislike session reuse? It's a valid feature of SSL/TLS. If they have reason to dislike this feature, let them switch it off on the server-side. It's much more reliable (and secure) than changing all possible clients that could connect to their server.

Highlighted
Developer
Posts: 216
Registered: ‎09-11-2008
My Device: 9000(Bold)

Re: SSL Connection saved in the BB cache?

I agree that it can be solved on the server side but i wanted to know if there's a way to "force" the BB to request full auth. session again from the server.