Return-Path: Mailing-List: contact commons-httpclient-dev-help@jakarta.apache.org; run by ezmlm Delivered-To: mailing list commons-httpclient-dev@jakarta.apache.org Received: (qmail 19818 invoked from network); 7 Jul 2003 22:08:45 -0000 Received: from mail6.bluewin.ch (195.186.4.229) by daedalus.apache.org with SMTP; 7 Jul 2003 22:08:45 -0000 Received: from kczrh-okt22.corp.bearingpoint.com (81.62.51.84) by mail6.bluewin.ch (Bluewin AG 7.0.016) id 3EFC03490011BAB6 for commons-httpclient-dev@jakarta.apache.org; Mon, 7 Jul 2003 22:08:52 +0000 Subject: RE: HTTPClient exception From: Oleg Kalnichevski Reply-To: olegk@apache.org To: Commons HttpClient Project In-Reply-To: References: Content-Type: text/plain Message-Id: <1057615728.1937.14.camel@kczrh-okt22.corp.bearingpoint.com> Mime-Version: 1.0 X-Mailer: Ximian Evolution 1.4.0 Date: 08 Jul 2003 00:08:48 +0200 Content-Transfer-Encoding: 7bit X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N Well, that is it. Have a look at EasyX509TrustManager.java & EasySSLProtocolSocketFactory.java classes. They should help you to get a handle on the situation http://cvs.apache.org/viewcvs.cgi/jakarta-commons/httpclient/src/contrib/org/apache/commons/httpclient/contrib/ssl/ I have got to go to bed. Evil comrades do need some sleep too Evil Comrade Oleg On Mon, 2003-07-07 at 23:59, Claudio Santana wrote: > I didn't check that before... now I just ran it against my target > server... www.autorize.net/gateway/transact.dll > > I receive the following exception: > > javax.net.ssl.SSLHandshakeException: unknown CA > at com.ibm.jsse.JSSESocket.install(Unknown Source) > at com.ibm.jsse.JSSEOutputStream.install(Unknown Source) > at com.ibm.jsse.JSSEOutputStream.write(Unknown Source) > at > java.io.OutputStreamWriter.flushBuffer(OutputStreamWriter.java:236) > at java.io.OutputStreamWriter.flush(OutputStreamWriter.java:250) > at com.Test.main(Test.java:32) > Exception in thread "main" > > -----Original Message----- > From: Oleg Kalnichevski [mailto:olegk@apache.org] > Sent: Monday, July 07, 2003 4:55 PM > To: Commons HttpClient Project > Subject: RE: HTTPClient exception > > Claudio, does the same code work with your target server? > > Oleg > > > On Mon, 2003-07-07 at 23:49, Claudio Santana wrote: > > I ran the basic connection program listed at the end of this email. I > > can do a GET to Verisign website using SSL and direct socket > connections > > which means I no longer have the configuration problem. Some > interesting > > condition is that if I don't add the provider dynamically I get an > error > > of missing SSL Socket implementation. > > > > > > > > > > import java.io.BufferedReader; > > import java.io.InputStreamReader; > > import java.io.OutputStreamWriter; > > import java.io.Writer; > > import java.net.Socket; > > > > import javax.net.ssl.SSLSocketFactory; > > > > public class Test { > > > > public static final String TARGET_HTTPS_SERVER = > > "www.verisign.com"; > > public static final int TARGET_HTTPS_PORT = 443; > > > > public static void main(String[] args) throws Exception { > > > > System.setProperty("java.protocol.handler.pkgs", > > "com.ibm.net.ssl.internal.www.protocol"); > > java.security.Security.addProvider(new > > com.ibm.jsse.JSSEProvider()); > > > > Socket socket = SSLSocketFactory.getDefault(). > > createSocket(TARGET_HTTPS_SERVER, TARGET_HTTPS_PORT); > > try { > > Writer out = new OutputStreamWriter( > > socket.getOutputStream(), "ISO-8859-1"); > > out.write("GET / HTTP/1.1\r\n"); > > out.write("Host: " + TARGET_HTTPS_SERVER + ":" + > > TARGET_HTTPS_PORT + "\r\n"); > > out.write("Agent: SSL-TEST\r\n"); > > out.write("\r\n"); > > out.flush(); > > BufferedReader in = new BufferedReader( > > new InputStreamReader(socket.getInputStream(), > > "ISO-8859-1")); > > String line = null; > > while ((line = in.readLine()) != null) { > > System.out.println(line); > > } > > } finally { > > socket.close(); > > } > > } > > } > > > > > > -----Original Message----- > > From: Oleg Kalnichevski [mailto:olegk@apache.org] > > Sent: Monday, July 07, 2003 4:43 PM > > To: Commons HttpClient Project > > Subject: Re: HTTPClient exception > > > > Claudio, > > It's hard to tell what is going on there. Somehow I still suspect that > > SSL support is mis-configured and the target server drops the > connection > > in the middle of the session. > > > > Have you tried testing your SSL setup with the little trick described > in > > 'Troubleshooting' section of the SSL guide? > > > > http://jakarta.apache.org/commons/httpclient/sslguide.html > > > > If the trick does not help to pinpoint the problem, please post the > code > > you are trying to execute > > > > Cheers > > > > Evil Comrade Oleg > > > > > > > > On Mon, 2003-07-07 at 21:14, Claudio Santana wrote: > > > Hi all, > > > > > > I finally made the most basic SSL code run in my computer. Now > I > > am > > > trying to send Post requests with the HttpClient class. I get the > > > following exception when I do the Execute method: > > > > > > java.net.SocketException: Socket closed > > > at java.net.PlainSocketImpl.socketGetOption(Native Method) > > > at java.net.PlainSocketImpl.getOption(PlainSocketImpl.java:198) > > > at java.net.Socket.getSendBufferSize(Socket.java:526) > > > at > > > > > > org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:70 > > > 3) > > > at > > > > > > org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:6 > > > 25) > > > at > > > > > > org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:5 > > > 00) > > > at com.SSLPayment.sendPayment(SSLPayment.java:104) > > > at com.SSLPayment.main(SSLPayment.java:143) > > > > > > My code is pretty straight forward, I create my PostMethod and add > all > > > the parameters I need to send (just 20 pairs of values) and after > that > > > execute this code: > > > > > > > > > > > > System.setProperty("java.protocol.handler.pkgs","com.ibm.net.ssl.interna > > > l.www.protocol"); > > > java.security.Security.addProvider(new > > > com.ibm.jsse.JSSEProvider()); > > > > > > status = hc.executeMethod( pm ); > > > > > > > > > Does any body have an Idea why I am getting this error and can give > me > > a > > > hand to solve it. > > > > > > Thanks, > > > > > > > > > Claudio. > > > > > > -----Original Message----- > > > From: Michael Becke [mailto:becke@u.washington.edu] > > > Sent: Wednesday, July 02, 2003 9:57 PM > > > To: Commons HttpClient Project > > > Subject: Re: WSAD & HTTPClient question > > > > > > Sorry Claudio, I'm not sure. This appears to be a configuration > > > problem with WebSphere. I would suggest looking at IBM's support > site > > > > > or WebSphere newsgroups for more information. If you have a > > HttpClient > > > specific question we will probably be of more help. > > > > > > Mike > > > > > > On Wednesday, July 2, 2003, at 11:57 AM, Claudio Santana wrote: > > > > > > > > > > > Thanks to all that answered my help request, I am trying to run > > > > with IBM's WSAD 4.0.3, It comes with JDK 1.3. I am not trying to > use > > > > specifically any special implementation of JCE or JSSE, it can be > > > IBM's > > > > or SUN's. As you explain in your email it comes with IBM's > > > > implementation of JCE and JSSE. I already added that System > Property > > > > java.protocol.handler.pkgs=com.ibm.net.ssl.internal.www.protocol > in > > > the > > > > environment in my WebSphere Test Environment but it makes no > > > > difference. > > > > Any other idea? > > > > > > > > Claudio. > > > > > > > > -----Original Message----- > > > > From: secoskem@aciworldwide.com [mailto:secoskem@aciworldwide.com] > > > > Sent: Wednesday, July 02, 2003 7:49 AM > > > > To: Commons HttpClient Project > > > > Subject: Re: WSAD & HTTPClient question > > > > > > > > Laura is right, WSAD comes with the IBMJCE and IBMJSSE, which is > > only > > > a > > > > problem if you absolutely require Sun's JSSE, or are using a > signed > > > > third > > > > party JCE provider. If you do not require either of these, then > all > > > > > > you > > > > > > > > need to do is make sure the java.protocol.handler.pkgs system > > property > > > > is > > > > pointing at: com.ibm.net.ssl.internal.www.protocol. And if you > have > > > > been > > > > specifying a specific provider, stop doing that. > > > > > > > > If you do require Sun, then things get a little tricky. You will > > need > > > > to > > > > remove the following jars from your server's vm... another point - > > > WSAD > > > > uses at least two vm's... the one that matters when > > debugging/running > > > > is > > > > > > > > the server vm... if I remember correctly it is under > > > plugins.server.jdk > > > > (something like that). > > > > > > > > Ok, the jars: > > > > ibmjcefw.jar > > > > ibmjceprovider.jar > > > > ibmjsse.jar > > > > > > > > The above jars need to be replaced with the Sun JCE and JSSE jars > > (all > > > > of > > > > the jars from both packages). > > > > > > > > Then, you need to modify the java.security file, removing all of > the > > > > > > IBM > > > > > > > > JCE/JSSE related provider lines, and replacing them with the Sun > > > > JCE/JSSE > > > > provider lines provided in the installation documents of both of > the > > > > > > JCE > > > > > > > > and JSSE packages. > > > > > > > > Hope this helps. > > > > > > > > - Matt > > > > > > > > > > > > > > > > > > > > > > > > Laura Werner > > > > 07/01/2003 05:57 PM > > > > Please respond to "Commons HttpClient Project" > > > > > > > > > > > > To: Commons HttpClient Project > > > > > > > > cc: > > > > Subject: Re: WSAD & HTTPClient question > > > > > > > > > > > > Hi Claudio, > > > > > > > >> Does any one know any special consideration I have > > > >> to know in order to make this work under WSAD 4.03? > > > > > > > > If WSAD uses an IBM version of the JDK, which I think it does, you > > > > probably need to get the corresponding IBM version of JSSE. We > once > > > > > > ran > > > > > > > > into a problem trying to use the Sun JSSE jars with an IBM JDK > (1.3, > > > if > > > > I > > > > remember right). > > > > > > > > -- Laura > > > > > > > > > > > > > > > > > > > > > > --------------------------------------------------------------------- > > > > To unsubscribe, e-mail: > > > > commons-httpclient-dev-unsubscribe@jakarta.apache.org > > > > For additional commands, e-mail: > > > > commons-httpclient-dev-help@jakarta.apache.org > > > > > > > > > > > > > > > > > > > > > > --------------------------------------------------------------------- > > > > To unsubscribe, e-mail: > > > > commons-httpclient-dev-unsubscribe@jakarta.apache.org > > > > For additional commands, e-mail: > > > > commons-httpclient-dev-help@jakarta.apache.org > > > > > > > > > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: > > > commons-httpclient-dev-unsubscribe@jakarta.apache.org > > > For additional commands, e-mail: > > > commons-httpclient-dev-help@jakarta.apache.org > > > > > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: > > commons-httpclient-dev-unsubscribe@jakarta.apache.org > > > For additional commands, e-mail: > > commons-httpclient-dev-help@jakarta.apache.org > > > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: > > commons-httpclient-dev-unsubscribe@jakarta.apache.org > > For additional commands, e-mail: > > commons-httpclient-dev-help@jakarta.apache.org > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: > commons-httpclient-dev-unsubscribe@jakarta.apache.org > > For additional commands, e-mail: > commons-httpclient-dev-help@jakarta.apache.org > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: > commons-httpclient-dev-unsubscribe@jakarta.apache.org > For additional commands, e-mail: > commons-httpclient-dev-help@jakarta.apache.org > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: commons-httpclient-dev-unsubscribe@jakarta.apache.org > For additional commands, e-mail: commons-httpclient-dev-help@jakarta.apache.org >