PartnerIssue #177
closed"Login Test" on https://eid.services.ageto.net/eid/ fails due to TLSv1 Handshake Failure
Added by Andreas Kuckartz over 11 years ago. Updated over 11 years ago.
100%
Description
The "Login Test" on this page seems to access a URL starting with "http://localhost:24727/eID-Client?tcTokenURL=https....":
https://eid.services.ageto.net/eid/
But it does not activate the Open eCard client. Instead I see this error in Chromium after clicking on "Start eID":
"Keine Daten empfangen
Die Webseite kann nicht geladen werden, da der Server keine Daten gesendet hat.
Vorschläge:
Laden Sie diese Webseite später erneut.
Fehler 324 (net::ERR_EMPTY_RESPONSE): Server hat die Verbindung geschlossen. Es wurden keine Daten gesendet."
Who is responsible for this problem, server or client ?
Files
ageto.pcap (6.97 KB) ageto.pcap | Tobias Wich, 03/09/2013 12:09 PM |
Related issues
Updated by Tobias Wich over 11 years ago
- File ageto.pcap ageto.pcap added
There is a problem with the TLS channel when fetching the TCToken. The attached wireshark dump shows that.
What do our TLS experts say?
Updated by Tobias Wich over 11 years ago
- Target version changed from 1.x to 1.0.1
Updated by Detlef Hühnlein over 11 years ago
- Tracker changed from Bug to PartnerIssue
Updated by Andreas Kuckartz over 11 years ago
- Subject changed from Problem with "Login Test" on https://eid.services.ageto.net/eid/ to "Login Test" on https://eid.services.ageto.net/eid/ fails due to TLSv1 Handshake Failure
Updated by Andreas Kuckartz over 11 years ago
A few observations from someone who is not a TLS expert:
1. BSI TR-03130-1, Version 2.0, October 24, 2012 ("Technical Guideline eID-Server") refers to RFC 5246, The Transport Layer Security (TLS)
Protocol, Version 1.2, and not older TLS versions.
On the other hand the previous version of BSI TR-03130-1 (1.6) uses the TLA "TLS" without refering to an RFC or mentioning a version.
2. eid.services.ageto.net seems to only support TLS 1.0.
3. There are not many causes of Handshake Failures specified in RFC2246 (TLS 1.0). One of them is contained in this paragraph:
"The CipherSuite list, passed from the client to the server in the
client hello message, contains the combinations of cryptographic
algorithms supported by the client in order of the client's
preference (favorite choice first). Each CipherSuite defines a key
exchange algorithm, a bulk encryption algorithm (including secret key
length) and a MAC algorithm. The server will select a cipher suite
or, if no acceptable choices are presented, return a handshake
failure alert and close the connection."
Updated by Andreas Kuckartz over 11 years ago
This Wiki page contains some further information:
https://dev.openecard.org/projects/open-ecard/wiki/EID-Server-Issues
Updated by Tobias Wich over 11 years ago
Andreas Kuckartz wrote:
A few observations from someone who is not a TLS expert:
1. BSI TR-03130-1, Version 2.0, October 24, 2012 ("Technical Guideline eID-Server") refers to RFC 5246, The Transport Layer Security (TLS)
Protocol, Version 1.2, and not older TLS versions.
BSI TR-03112 Version 1.1.2 states that TLS 1.1 (RFC 4346) must be used. Has this requirement changed in the current draft?
Updated by Andreas Kuckartz over 11 years ago
I see this in ~/openecard/logs/richclient_info.log
2013-03-11 09:08:34,753 [Thread-4] WARN o.o.crypto.tls.TlsNoAuthentication:90 - No certificate verifier available, skipping certificate verification.
2013-03-11 09:08:34,934 [Thread-4] ERROR o.o.c.b.h.h.HttpTCTokenHandler:154 - Internal TLS error, this could be an attack
org.openecard.control.module.tctoken.TCTokenException: Internal TLS error, this could be an attack
at org.openecard.control.module.tctoken.TCTokenGrabber.getResource(TCTokenGrabber.java:172) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.control.module.tctoken.TCTokenFactory.generateTCToken(TCTokenFactory.java:41) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.control.module.tctoken.GenericTCTokenHandler.parseTCTokenRequestURI(GenericTCTokenHandler.java:130) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.control.binding.http.handler.HttpTCTokenHandler.handle(HttpTCTokenHandler.java:136) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.apache.http.protocol.HttpService.doService(HttpService.java:375) [richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.apache.http.protocol.HttpService.handleRequest(HttpService.java:290) [richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.control.binding.http.HTTPService$1.run(HTTPService.java:125) [richclient-1.1.0-SNAPSHOT-bundle.jar:na]
Caused by: java.io.IOException: Internal TLS error, this could be an attack
at org.openecard.bouncycastle.crypto.tls.TlsProtocolHandler.processAlert(TlsProtocolHandler.java:821) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.bouncycastle.crypto.tls.TlsProtocolHandler.processData(TlsProtocolHandler.java:144) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.bouncycastle.crypto.tls.RecordStream.readData(RecordStream.java:68) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.bouncycastle.crypto.tls.TlsProtocolHandler.safeReadData(TlsProtocolHandler.java:1138) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.bouncycastle.crypto.tls.TlsProtocolHandler.connect(TlsProtocolHandler.java:1082) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.control.module.tctoken.TCTokenGrabber.getStream(TCTokenGrabber.java:104) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.control.module.tctoken.TCTokenGrabber.getResource(TCTokenGrabber.java:158) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
... 6 common frames omitted
2013-03-11 09:08:34,941 [Thread-4] ERROR o.o.c.binding.http.HTTPService$1:128 - null
java.lang.NullPointerException: null
at org.openecard.control.binding.http.common.Http11Response.copyHttpResponse(Http11Response.java:66) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.control.binding.http.handler.HttpTCTokenHandler.handle(HttpTCTokenHandler.java:156) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.apache.http.protocol.HttpService.doService(HttpService.java:375) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.apache.http.protocol.HttpService.handleRequest(HttpService.java:290) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.control.binding.http.HTTPService$1.run(HTTPService.java:125) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
Updated by Dirk Petrautzki over 11 years ago
- Status changed from New to Solved
- % Done changed from 0 to 100
Applied in changeset github-main|commit:0f905ce5a9053d8111b025bdb8c2cc60db42b33a.
Updated by Andreas Kuckartz over 11 years ago
I still see errors, including "Internal TLS error, this could be an attack".
Tt then continues with other errors but I have no card reader installed so that this is expected. But I expect that such error messages are not just visible in the logs.
2013-03-11 16:18:10,292 [Thread-6] ERROR o.o.c.binding.http.HTTPService$1:128 - null
java.lang.NullPointerException: null
at org.openecard.control.binding.http.common.Http11Response.copyHttpResponse(Http11Response.java:66) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.control.binding.http.handler.HttpTCTokenHandler.handle(HttpTCTokenHandler.java:156) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.apache.http.protocol.HttpService.doService(HttpService.java:375) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.apache.http.protocol.HttpService.handleRequest(HttpService.java:290) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.control.binding.http.HTTPService$1.run(HTTPService.java:125) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
2013-03-11 16:18:15,776 [Thread-8] WARN o.o.crypto.tls.TlsNoAuthentication:90 - No certificate verifier available, skipping certificate verification.
2013-03-11 16:18:15,875 [Thread-8] ERROR o.o.c.b.h.h.HttpTCTokenHandler:154 - Internal TLS error, this could be an attack
org.openecard.control.module.tctoken.TCTokenException: Internal TLS error, this could be an attack
at org.openecard.control.module.tctoken.TCTokenGrabber.getResource(TCTokenGrabber.java:172) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.control.module.tctoken.TCTokenFactory.generateTCToken(TCTokenFactory.java:39) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.control.module.tctoken.GenericTCTokenHandler.parseTCTokenRequestURI(GenericTCTokenHandler.java:130) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.control.binding.http.handler.HttpTCTokenHandler.handle(HttpTCTokenHandler.java:136) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.apache.http.protocol.HttpService.doService(HttpService.java:375) [richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.apache.http.protocol.HttpService.handleRequest(HttpService.java:290) [richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.control.binding.http.HTTPService$1.run(HTTPService.java:125) [richclient-1.1.0-SNAPSHOT-bundle.jar:na]
Caused by: java.io.IOException: Internal TLS error, this could be an attack
at org.openecard.bouncycastle.crypto.tls.TlsProtocolHandler.processAlert(TlsProtocolHandler.java:821) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.bouncycastle.crypto.tls.TlsProtocolHandler.processData(TlsProtocolHandler.java:144) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.bouncycastle.crypto.tls.RecordStream.readData(RecordStream.java:68) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.bouncycastle.crypto.tls.TlsProtocolHandler.safeReadData(TlsProtocolHandler.java:1138) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.bouncycastle.crypto.tls.TlsProtocolHandler.connect(TlsProtocolHandler.java:1082) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.control.module.tctoken.TCTokenGrabber.getStream(TCTokenGrabber.java:104) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.control.module.tctoken.TCTokenGrabber.getResource(TCTokenGrabber.java:158) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
... 6 common frames omitted
2013-03-11 16:18:15,876 [Thread-8] ERROR o.o.c.binding.http.HTTPService$1:128 - null
java.lang.NullPointerException: null
at org.openecard.control.binding.http.common.Http11Response.copyHttpResponse(Http11Response.java:66) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.control.binding.http.handler.HttpTCTokenHandler.handle(HttpTCTokenHandler.java:156) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.apache.http.protocol.HttpService.doService(HttpService.java:375) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.apache.http.protocol.HttpService.handleRequest(HttpService.java:290) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.control.binding.http.HTTPService$1.run(HTTPService.java:125) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
2013-03-11 16:18:34,596 [Open-eCard Localhost-Binding] ERROR o.o.c.binding.http.HTTPService:139 - Socket closed
java.net.SocketException: Socket closed
at java.net.PlainSocketImpl.socketAccept(Native Method) ~[na:1.7.0_15]
at java.net.AbstractPlainSocketImpl.accept(AbstractPlainSocketImpl.java:398) ~[na:1.7.0_15]
at java.net.ServerSocket.implAccept(ServerSocket.java:522) ~[na:1.7.0_15]
at java.net.ServerSocket.accept(ServerSocket.java:490) ~[na:1.7.0_15]
at org.openecard.control.binding.http.HTTPService.run(HTTPService.java:118) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at java.lang.Thread.run(Thread.java:722) [na:1.7.0_15]
2013-03-11 16:18:34,601 [pool-3-thread-2] WARN org.openecard.ifd.scio.IFD:478 - null
java.lang.InterruptedException: null
at java.util.concurrent.locks.AbstractQueuedSynchronizer.doAcquireSharedInterruptibly(AbstractQueuedSynchronizer.java:996) ~[na:1.7.0_15]
at java.util.concurrent.locks.AbstractQueuedSynchronizer.acquireSharedInterruptibly(AbstractQueuedSynchronizer.java:1303) ~[na:1.7.0_15]
at java.util.concurrent.FutureTask$Sync.innerGet(FutureTask.java:248) [na:1.7.0_15]
at java.util.concurrent.FutureTask.get(FutureTask.java:111) [na:1.7.0_15]
at org.openecard.ifd.scio.IFD.wait(IFD.java:463) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.event.WaitFuture.call(WaitFuture.java:53) [richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.event.WaitFuture.call(WaitFuture.java:38) [richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334) [na:1.7.0_15]
at java.util.concurrent.FutureTask.run(FutureTask.java:166) [na:1.7.0_15]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) [na:1.7.0_15]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) [na:1.7.0_15]
at java.lang.Thread.run(Thread.java:722) [na:1.7.0_15]
2013-03-11 16:18:34,605 [pool-3-thread-2] WARN org.openecard.event.WaitFuture:58 - http://www.bsi.bund.de/ecard/api/1.1/resultminor/al/common#unknownError > Unknown eCard exception occurred.
org.openecard.common.WSHelper$WSException: http://www.bsi.bund.de/ecard/api/1.1/resultminor/al/common#unknownError > Unknown eCard exception occurred.
at org.openecard.common.ECardException.makeException(ECardException.java:64) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.common.WSHelper$WSException.<init>(WSHelper.java:43) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.common.WSHelper.checkResult(WSHelper.java:65) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.event.WaitFuture.call(WaitFuture.java:55) [richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.event.WaitFuture.call(WaitFuture.java:38) [richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334) [na:1.7.0_15]
at java.util.concurrent.FutureTask.run(FutureTask.java:166) [na:1.7.0_15]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) [na:1.7.0_15]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) [na:1.7.0_15]
at java.lang.Thread.run(Thread.java:722) [na:1.7.0_15]
Updated by Tobias Wich over 11 years ago
Have you tried the latest master branch, because this one works for me.
Updated by Andreas Kuckartz over 11 years ago
To ensure that nothing went wrong with git or mvn I deleted the whole directory and downloaded and built the client again according to the README.md.
Accessing the Ageto "Start Login" does not work. I see this in the log:
2013-03-12 09:31:54,637 [Thread-4] WARN o.o.crypto.tls.TlsNoAuthentication:90 - No certificate verifier available, skipping certificate verification.
2013-03-12 09:31:54,859 [Thread-4] ERROR o.o.c.b.h.h.HttpTCTokenHandler:154 - Internal TLS error, this could be an attack
org.openecard.control.module.tctoken.TCTokenException: Internal TLS error, this could be an attack
at org.openecard.control.module.tctoken.TCTokenGrabber.getResource(TCTokenGrabber.java:172) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.control.module.tctoken.TCTokenFactory.generateTCToken(TCTokenFactory.java:39) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.control.module.tctoken.GenericTCTokenHandler.parseTCTokenRequestURI(GenericTCTokenHandler.java:130) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.control.binding.http.handler.HttpTCTokenHandler.handle(HttpTCTokenHandler.java:136) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.apache.http.protocol.HttpService.doService(HttpService.java:375) [richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.apache.http.protocol.HttpService.handleRequest(HttpService.java:290) [richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.control.binding.http.HTTPService$1.run(HTTPService.java:125) [richclient-1.1.0-SNAPSHOT-bundle.jar:na]
Caused by: java.io.IOException: Internal TLS error, this could be an attack
at org.openecard.bouncycastle.crypto.tls.TlsProtocolHandler.processAlert(TlsProtocolHandler.java:821) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.bouncycastle.crypto.tls.TlsProtocolHandler.processData(TlsProtocolHandler.java:144) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.bouncycastle.crypto.tls.RecordStream.readData(RecordStream.java:68) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.bouncycastle.crypto.tls.TlsProtocolHandler.safeReadData(TlsProtocolHandler.java:1138) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.bouncycastle.crypto.tls.TlsProtocolHandler.connect(TlsProtocolHandler.java:1082) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.control.module.tctoken.TCTokenGrabber.getStream(TCTokenGrabber.java:104) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.control.module.tctoken.TCTokenGrabber.getResource(TCTokenGrabber.java:158) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
... 6 common frames omitted
2013-03-12 09:31:54,863 [Thread-4] ERROR o.o.c.binding.http.HTTPService$1:128 - null
java.lang.NullPointerException: null
at org.openecard.control.binding.http.common.Http11Response.copyHttpResponse(Http11Response.java:66) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.control.binding.http.handler.HttpTCTokenHandler.handle(HttpTCTokenHandler.java:156) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.apache.http.protocol.HttpService.doService(HttpService.java:375) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.apache.http.protocol.HttpService.handleRequest(HttpService.java:290) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.control.binding.http.HTTPService$1.run(HTTPService.java:125) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
2013-03-12 09:31:54,967 [Thread-6] WARN o.o.crypto.tls.TlsNoAuthentication:90 - No certificate verifier available, skipping certificate verification.
2013-03-12 09:31:55,062 [Thread-6] ERROR o.o.c.b.h.h.HttpTCTokenHandler:154 - Internal TLS error, this could be an attack
org.openecard.control.module.tctoken.TCTokenException: Internal TLS error, this could be an attack
at org.openecard.control.module.tctoken.TCTokenGrabber.getResource(TCTokenGrabber.java:172) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.control.module.tctoken.TCTokenFactory.generateTCToken(TCTokenFactory.java:39) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.control.module.tctoken.GenericTCTokenHandler.parseTCTokenRequestURI(GenericTCTokenHandler.java:130) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.control.binding.http.handler.HttpTCTokenHandler.handle(HttpTCTokenHandler.java:136) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.apache.http.protocol.HttpService.doService(HttpService.java:375) [richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.apache.http.protocol.HttpService.handleRequest(HttpService.java:290) [richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.control.binding.http.HTTPService$1.run(HTTPService.java:125) [richclient-1.1.0-SNAPSHOT-bundle.jar:na]
Caused by: java.io.IOException: Internal TLS error, this could be an attack
at org.openecard.bouncycastle.crypto.tls.TlsProtocolHandler.processAlert(TlsProtocolHandler.java:821) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.bouncycastle.crypto.tls.TlsProtocolHandler.processData(TlsProtocolHandler.java:144) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.bouncycastle.crypto.tls.RecordStream.readData(RecordStream.java:68) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.bouncycastle.crypto.tls.TlsProtocolHandler.safeReadData(TlsProtocolHandler.java:1138) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.bouncycastle.crypto.tls.TlsProtocolHandler.connect(TlsProtocolHandler.java:1082) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.control.module.tctoken.TCTokenGrabber.getStream(TCTokenGrabber.java:104) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.control.module.tctoken.TCTokenGrabber.getResource(TCTokenGrabber.java:158) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
... 6 common frames omitted
2013-03-12 09:31:55,064 [Thread-6] ERROR o.o.c.binding.http.HTTPService$1:128 - null
java.lang.NullPointerException: null
at org.openecard.control.binding.http.common.Http11Response.copyHttpResponse(Http11Response.java:66) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.control.binding.http.handler.HttpTCTokenHandler.handle(HttpTCTokenHandler.java:156) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.apache.http.protocol.HttpService.doService(HttpService.java:375) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.apache.http.protocol.HttpService.handleRequest(HttpService.java:290) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
at org.openecard.control.binding.http.HTTPService$1.run(HTTPService.java:125) ~[richclient-1.1.0-SNAPSHOT-bundle.jar:na]
Updated by Tobias Wich over 11 years ago
You are still running the wrong code. It seems that github serves stage as the main branch instead of master. Normally this one would be atop of the master, but we are currently creating a hotfix release and thus they don't correlate at the moment.
To fix your problem change the branch with
$ git checkout -b master origin/master
In the meantime I will be looking into the problem at github.
Updated by Andreas Kuckartz over 11 years ago
That helped. Now the client gets activated and I only see these lines in the log. Are the warnings a result of the TLS problem or is that a separate issue ?
2013-03-12 10:33:12,882 [Thread-4] WARN o.o.crypto.tls.TlsNoAuthentication:90 - No certificate verifier available, skipping certificate verification.
2013-03-12 10:33:13,013 [Thread-4] ERROR o.o.c.module.tctoken.TCTokenGrabber:109 - Connecting to the TCToken-URL with TLSv1.1 failed. Falling back to TLSv1.0.
2013-03-12 10:33:13,078 [Thread-4] WARN o.o.crypto.tls.TlsNoAuthentication:90 - No certificate verifier available, skipping certificate verification.
Updated by Tobias Wich over 11 years ago
- Status changed from Solved to Closed
- Assignee set to Tobias Wich
Updated by Andreas Kuckartz over 11 years ago
Is it also solved in the 1.1 version ?