hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Thorsten Scherler <thorsten.scherler....@juntadeandalucia.es>
Subject Re: SSLHandshakeException: No trusted certificate found
Date Fri, 07 May 2004 10:04:15 GMT
Hi Oleg,

thanks a million for the link! ...but one question the 
EasySSLProtocolSocketFactory.java is refering to which version of the 
http-client? I am using 2.0 (bin) and the following imports cannot be 
resolved:
import org.apache.commons.httpclient.ConnectTimeoutException;
import org.apache.commons.httpclient.HttpClientError;
import org.apache.commons.httpclient.params.HttpConnectionParams;
import org.apache.commons.httpclient.protocol.ControllerThreadSocketFactory;
import org.apache.commons.httpclient.protocol.ReflectionSocketFactory;

Thanks again!
King regards
Thorsten

Kalnichevski, Oleg wrote:

>Hi Thorsten
>
>Have a look at the 'Customizing SSL' section of the HttpClient SSL guide <http://jakarta.apache.org/commons/httpclient/sslguide.html>
>
>Oleg
>
>-----Original Message-----
>From: Thorsten Scherler
>[mailto:thorsten.scherler.ext@juntadeandalucia.es]
>Sent: Friday, May 07, 2004 11:26
>To: Commons HttpClient Project
>Subject: SSLHandshakeException: No trusted certificate found
>
>
>Hello group,
>
>I have a problem with ssl. I am monitoring different services with a
>server. Now I have a service that throws exceptions:
>https://desafirma.cjap.junta-andalucia.es
>
>The reason is a "No trusted certificate found". If I try
>https://www.sun.com everything is fine because it is a trusted one.
>
>I found the following thread:
>http://forum.java.sun.com/thread.jsp?thread=515154&forum=2&message=2454974
>...but how can I incorporate that in my HTTP-Client?
>
>Thanks for any ideas, links or solutions.
>
>King regards
>Thorsten
>
>Code that I use:
>import java.io.IOException;
>
>import org.apache.commons.httpclient.HttpMethod;
>import org.apache.commons.httpclient.HttpRecoverableException;
>import org.apache.commons.httpclient.methods.GetMethod;
>import org.apache.commons.logging.Log;
>import org.apache.commons.logging.LogFactory;
>
>/**
> * @author Thorsten Scherler
> * @mail thorsten@apache.org
> *
> */
>public class HttpClient implements HttpClientInterface {
>    private static Log LOG = LogFactory.getLog(HttpClient.class);
>    public String getHttp(String address, int timeout) throws Exception {
>        //Create an instance of HttpClient.
>        org.apache.commons.httpclient.HttpClient client =
>            new org.apache.commons.httpclient.HttpClient();
>        if (LOG.isDebugEnabled())
>            LOG.debug("<-Sonda-SONAR->HttpClient->START");
>        //initialize parameter
>        String url = null;
>        //test whether a protocol prefix exist
>        String protocol = "http://";
>        String protocolS = "https://";
>        if (address.indexOf(protocol) > -1
>            || address.indexOf(protocolS) > -1) {
>            url = address;
>        } else {
>            url = protocol + address;
>        }
>        //DEBUG: Parameter testing
>        if (LOG.isDebugEnabled())
>            LOG.debug("<-Sonda-SONAR->HttpClient->address->" + address);
>        if (LOG.isDebugEnabled())
>            LOG.debug("<-Sonda-SONAR->HttpClient->URL->"+url);
>
>        //establish a connection within 5 seconds
>        client.setConnectionTimeout(timeout);
>        // Create a method instance.
>        HttpMethod method = new GetMethod(url);
>        //Follow redirects
>        method.setFollowRedirects(false);
>        //Mask the client
>        //Win
>        //method.setRequestHeader(
>        //            "user-agent",
>        //            "Mozilla/5.0 (Windows; U; Windows NT 5.0; en - US;
>rv : 1.6) Gecko / 20040113 ");
>        //Linux
>        method.setRequestHeader(
>            "user-agent",
>            "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.2.1)
>Gecko/20021");
>        //Execute the method.
>        int statusCode = -1;
>        //We will retry up to 3 times.
>        for (int attempt = 0; statusCode == -1 && attempt < 3; attempt++) {
>            try {
>                // execute the method.
>                statusCode = client.executeMethod(method);
>            } catch (IOException e) {
>                if (LOG.isErrorEnabled())
>                    LOG.error("Failed to download file.", e);
>                if (LOG.isDebugEnabled())
>                    LOG.debug("<-Sonda-SONAR->HttpClient->END");
>                return "666";
>            }
>        }
>        // Check that we didn't run out of retries.
>        //If so reply with a fake http-code,
>        //666 is not a valid HTTP code, it was choosen because of that ;-)
>        if (statusCode == -1) {
>            if (LOG.isErrorEnabled())
>                           
>LOG.error("<-Sonda-SONAR->HttpClient->ERROR->FAILED TO RECOVER");
>            if (LOG.isDebugEnabled())
>                LOG.debug("<-Sonda-SONAR->HttpClient->END");
>            return "666";
>        }
>
>        //Read the response code
>        try {
>            int code = method.getStatusCode();
>            if (LOG.isDebugEnabled())
>                LOG.debug("Status code: " + code);
>            //DEBUG: Parameter testing
>            //System.err.println(code);
>            //DEBUG: Read the response body.
>            //byte[] responseBody = method.getResponseBody();
>
>            //Release the connection and response with the response code.
>            method.releaseConnection();
>
>            //DEBUG: Deal with the response.
>            // Use caution: ensure correct character encoding and is not
>binary data
>            //System.err.println(new String(responseBody));
>            if (LOG.isDebugEnabled())
>                LOG.debug("<-Sonda-SONAR->HttpClient->END");
>            return String.valueOf(code);
>        } catch (RuntimeException e1) {
>            if (LOG.isErrorEnabled())
>                LOG.error("<-Sonda-SONAR->HttpClient->ERROR->", e1);
>            //Release the connection.
>            method.releaseConnection();
>            //If so reply with a fake http-code,
>            //666 is not a valid HTTP code, it was choosen because of
>that ;-)
>            if (LOG.isDebugEnabled())
>                LOG.debug("<-Sonda-SONAR->HttpClient->END");
>            return "666";
>        }
>    }
>
>The exception I get:
>2004.05.07 11:20:42,263 [Thread-60 ] DEBUG sonda.sonar.HttpClient -
><-Sonda-SONAR->HttpClient->START
>2004.05.07 11:20:42,263 [Thread-60 ] DEBUG sonda.sonar.HttpClient -
><-Sonda-SONAR->HttpClient->address->https://desafirma.cjap.junta-andalucia.es
>2004.05.07 11:20:42,263 [Thread-60 ] DEBUG sonda.sonar.HttpClient -
><-Sonda-SONAR->HttpClient->URL->https://desafirma.cjap.junta-andalucia.es
>2004.05.07 11:20:42,287 [Thread-60 ] ERROR sonda.sonar.HttpClient -
>Failed to download file.
>javax.net.ssl.SSLHandshakeException:
>sun.security.validator.ValidatorException: No trusted certificate found
>        at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.a(DashoA6275)
>        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
>        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
>        at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA6275)
>        at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA6275)
>        at com.sun.net.ssl.internal.ssl.SunJSSE_ax.a(DashoA6275)
>        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
>        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(DashoA6275)
>        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
>        at com.sun.net.ssl.internal.ssl.AppOutputStream.write(DashoA6275)
>        at
>org.apache.commons.httpclient.HttpConnection$WrappedOutputStream.write(HttpConnection.java:1368)
>        at
>java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:66)
>        at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:124)
>        at
>org.apache.commons.httpclient.HttpConnection.flushRequestOutputStream(HttpConnection.java:799)
>        at
>org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2277)
>        at
>org.apache.commons.httpclient.HttpMethodBase.processRequest(HttpMethodBase.java:2657)
>        at
>org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1093)
>        at
>org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:675)
>        at
>org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:529)
>        at sonda.sonar.HttpClient.getHttp(HttpClient.java:66)
>        at sonda.sonar.ClassChooser.coreTesting(ClassChooser.java:151)
>        at sonda.sonar.ClassChooser.TestValueBean(ClassChooser.java:65)
>        at sonda.scheduling.SchedulerDoTest.main(SchedulerDoTest.java:76)
>        at sonda.scheduling.ScheduleBean.doSchedule(ScheduleBean.java:109)
>        at sonda.scheduling.ScheduleBean.initialize(ScheduleBean.java:66)
>        at
>sonda.scheduling.SondaScheduler$1.doTesting(SondaScheduler.java:69)
>        at sonda.scheduling.SondaScheduler$1.run(SondaScheduler.java:55)
>        at java.util.TimerThread.mainLoop(Timer.java:432)
>        at java.util.TimerThread.run(Timer.java:382)
>Caused by: sun.security.validator.ValidatorException: No trusted
>certificate found
>        at
>sun.security.validator.SimpleValidator.buildTrustedChain(SimpleValidator.java:304)
>        at
>sun.security.validator.SimpleValidator.engineValidate(SimpleValidator.java:107)
>        at sun.security.validator.Validator.validate(Validator.java:202)
>        at
>com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(DashoA6275)
>        at
>com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(DashoA6275)
>        ... 26 more
>2004.05.07 11:20:42,333 [Thread-60 ] DEBUG sonda.sonar.HttpClient -
><-Sonda-SONAR->HttpClient->END
>
>--
>Thorsten Scherler
>
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: commons-httpclient-dev-unsubscribe@jakarta.apache.org
>For additional commands, e-mail: commons-httpclient-dev-help@jakarta.apache.org
>
>
>***************************************************************************************************
>The information in this email is confidential and may be legally privileged.  Access to
this email by anyone other than the intended addressee is unauthorized.  If you are not the
intended recipient of this message, any review, disclosure, copying, distribution, retention,
or any action taken or omitted to be taken in reliance on it is prohibited and may be unlawful.
 If you are not the intended recipient, please reply to or forward a copy of this message
to the sender and delete the message, any attachments, and any copies thereof from your system.
>***************************************************************************************************
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: commons-httpclient-dev-unsubscribe@jakarta.apache.org
>For additional commands, e-mail: commons-httpclient-dev-help@jakarta.apache.org
>
>
>
>  
>


-- 
Thorsten Scherler

Departamento de Desarrollo de Proyectos
Sociedad Andaluza para el Desarrollo de la Sociedad de la Información S.A.U.
Avda. de la Arboleda s/n
41940 - Tomares,  (Sevilla)
Tlfn: (+34) 955 062 627
e-mail: thorsten.scherler.ext@juntadeandalucia.es

Este correo electrónico y, en su caso, cualquier fichero anexo al mismo,
contiene información de carácter confidencial exclusivamente dirigida a su
destinatario o destinatarios. Queda prohibida su divulgación, copia o
distribución a terceros sin la previa autorización escrita de "Sociedad
Andaluza para el Desarrollo de la Sociedad de la Información, S.A.U.". Si no
es Ud. el destinatario del mensaje le ruego lo destruya sin hacer copia
digital o física, comunicando a Sociedad Andaluza para el Desarrollo de la
Sociedad de la Información S.A.U. vía e-mail o fax la recepción del presente
mensaje. Toda declaración de voluntad contenida deberá ser tenida por no
producida. Gracias.
____________________________________________________________________________
___________________

The information in this e-mail and in any attachments is confidential and
solely for the attention and use of the named addressee(s). You are hereby
notified that any dissemination, distribution or copy of this communication
is prohibited without the prior written consent of "Sociedad Andaluza para
el Desarrollo de la Sociedad de la Información, S.A.U.". If you are not the
formal receiver of this message please destroy it without making any digital
or physical copy and inform "Sociedad Andaluza para el Desarrollo de la
Sociedad de la Información S.A.U." , by e-mail or fax, of the reception of
the present message. Any whatsoever involuntary declaration contained
herewith must be taken as having no legal effect. Thank you.



---------------------------------------------------------------------
To unsubscribe, e-mail: commons-httpclient-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: commons-httpclient-dev-help@jakarta.apache.org


Mime
View raw message