I have managed to get Lightstreamer SSL to work with an HTML+Javascript client served from apache2. I'd like to sum up here the pitfalls, it may save someone some time.
1. Use the
eval version of Lightstreamer, not Moderato, as Moderato does not support SSL. It is there all over in the docs, but when you have been using Moderato for a while, and you want to switch to SSL as an experiment, you might not go back all the way to the docs :Smile_Ab: Licence the eval version and set it up to work in Vivace mode in lightstreamer_conf.xml. Enable https_server (moderato's config does not have https_server)
2. Use https to get your client HTML+Javascript page. If you don't, you will get a java exception on your server console:
14.Jul.11 17:18:56,776 <ERROR> Handshake error on Lightstreamer HTTPS Server
javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
at com.sun.net.ssl.internal.ssl.EngineInputRecord.bytesInCompletePacket(EngineInputRecord.java:152)
at com.sun.net.ssl.internal.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:798)
at com.sun.net.ssl.internal.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:713)
at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:607)
at com.lightstreamer.e.a.t.a(t.java)
at com.lightstreamer.e.a.m.a(m.java)
at com.lightstreamer.e.a.a.g.b(g.java)
at com.lightstreamer.e.a.a.n.e(n.java)
at com.lightstreamer.e.a.a.n.run(n.java)
This may happen if your client page is deployed on a web server, and that web server is not using https (yet). You need to setup your web server to serve the client pages via https.
3. Set up your Lightstreamer client to connect to the port the Lightstreamer HTTPS service is running on. You can do that by using:
lsEngine.connection.setLSPort("8443");
This has to be the same port as the one set in the LS config file.
4. Open the client URL via https and store the permanent security exception in your browser.
5. Open the Lightstreamer push url via https and using the port number setup in the config file ([url]
https://push.example.com:8443)[/url], store the security exception in the browser. If you don't, the client will not connect and the server log will show the following java exception:
14.Jul.11 17:19:14,833 <ERROR> Handshake error on Lightstreamer HTTPS Server
javax.net.ssl.SSLException: Received fatal alert: bad_certificate
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:190)
at com.sun.net.ssl.internal.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1429)
at com.sun.net.ssl.internal.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1397)
at com.sun.net.ssl.internal.ssl.SSLEngineImpl.recvAlert(SSLEngineImpl.java:1563)
at com.sun.net.ssl.internal.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:1023)
at com.sun.net.ssl.internal.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:837)
at com.sun.net.ssl.internal.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:713)
at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:607)
at com.lightstreamer.e.a.t.a(t.java)
at com.lightstreamer.e.a.m.a(m.java)
at com.lightstreamer.e.a.a.g.b(g.java)
at com.lightstreamer.e.a.a.n.e(n.java)
at com.lightstreamer.e.a.a.n.run(n.java)
I did not find anything on the forums about the bad_certificate exception, hence this post, hope someone will find it useful, and I hope Lightstreamer folks don't mind :Smile_Ab: .