hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Michael Becke <be...@u.washington.edu>
Subject Re: AW: Proxied SSL connection
Date Tue, 05 Aug 2003 16:00:51 GMT
Ulrich Freyer-Hirtz wrote:
> May be at another port. There are running two Apache. One as Proxy,
> one as WebServer. I'll try to find out the port-configuration. I'm
> wondering, who creates that CONNECT-Statement ? Ask the Client the
> Server : "What Protocoll do you have at Port 80?" ? I told the client
> to be myHttps  (which is the Instantiation of my SSLProtocol written
> for the workaround "untrusted certificates") not to be HTTP.

The connect method is handled internally by HttpClient.  CONNECT is 
always done via HTTP and then this connection is used to tunnel HTTPS.

> The Code was stolen from an example out of a thread from this list,
> discussing a similary theme. Just checked it out with
> UserPasswordCredentials, but there was no success.

The credentials are only needed if your proxy requires authentication. 
The NTLM credentials are used for NTLM authentication.  It is possible 
that the server uses NTLM authentication I just thought it was a little 
strange.

> What about the SSL Testprogramm. It runs with example
> "www.verisign.com". Does that really mean, that everything in
> SSL-configuration is all right. Why throws it an "Caused by:
> java.security.cert.CertificateException: Could not find trusted
> certificate"-Exception ? Do I have to register our certificate on
> Cleint-Site ? In the program ?

By default, JSSE only supports SSL certs that are signed by Verisign, 
Thawte and a few others.  Self-signed certs (I'm guessing this is what 
you are using) require the custom SSLProtocol workaround.

Mike


Mime
View raw message