hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Oleg Kalnichevski <oleg.kalnichev...@bearingpoint.com>
Subject RE: HttpClient, SSL, Websphere 5.1, IBM JSSE
Date Wed, 08 Sep 2004 12:03:45 GMT


On Wed, 2004-09-08 at 13:56, Li, Francis wrote:
> Can you see what's wrong ? 

> javax.net.ssl.SSLHandshakeException: unknown certificate

Yep, the certificate is not trusted. Take a look at the 
EasySSLProtocolSocketFactory class in the 'contrib' package. This is one
of the possible ways to work the problem around. A better solution would
be to make the certificate of the target server trusted. See 
AuthSSLProtocolSocketFactory class for details

http://cvs.apache.org/viewcvs.cgi/jakarta-commons/httpclient/src/contrib/org/apache/commons/httpclient/contrib/ssl/?only_with_tag=HTTPCLIENT_2_0_BRANCH

Hope this helps

Oleg

> I also attach the trace file from WAS for SSL
> related.
> 
> [9/8/04 7:53:53:114 EDT]  35b7cbd SystemErr     R
> javax.net.ssl.SSLHandshakeException: unknown certificate
> [9/8/04 7:53:53:114 EDT]  35b7cbd SystemErr     R 	at
> com.ibm.jsse.bg.a(Unknown Source)
> [9/8/04 7:53:53:114 EDT]  35b7cbd SystemErr     R 	at
> com.ibm.jsse.b.a(Unknown Source)
> [9/8/04 7:53:53:114 EDT]  35b7cbd SystemErr     R 	at
> com.ibm.jsse.b.write(Unknown Source)
> [9/8/04 7:53:53:130 EDT]  35b7cbd SystemErr     R 	at
> org.apache.commons.httpclient.HttpConnection$WrappedOutputStream.write(H
> ttpConnection.java:1368)
> [9/8/04 7:53:53:130 EDT]  35b7cbd SystemErr     R 	at
> java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:81)
> [9/8/04 7:53:53:130 EDT]  35b7cbd SystemErr     R 	at
> java.io.BufferedOutputStream.flush(BufferedOutputStream.java:139)
> [9/8/04 7:53:53:130 EDT]  35b7cbd SystemErr     R 	at
> org.apache.commons.httpclient.HttpConnection.flushRequestOutputStream(Ht
> tpConnection.java:799)
> [9/8/04 7:53:53:130 EDT]  35b7cbd SystemErr     R 	at
> org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpCon
> nectionAdapter.flushRequestOutputStream(MultiThreadedHttpConnectionManag
> er.java:1234)
> [9/8/04 7:53:53:130 EDT]  35b7cbd SystemErr     R 	at
> org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase
> .java:2277)
> [9/8/04 7:53:53:130 EDT]  35b7cbd SystemErr     R 	at
> org.apache.commons.httpclient.HttpMethodBase.processRequest(HttpMethodBa
> se.java:2657)
> [9/8/04 7:53:53:130 EDT]  35b7cbd SystemErr     R 	at
> org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java
> :1093)
> [9/8/04 7:53:53:130 EDT]  35b7cbd SystemErr     R 	at
> org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:6
> 75)
> [9/8/04 7:53:53:130 EDT]  35b7cbd SystemErr     R 	at
> org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:5
> 29)
> [9/8/04 7:53:53:130 EDT]  35b7cbd SystemErr     R 	at
> com.fbtc.maui.MauiView.sendRequest(MauiView.java:148)
> [9/8/04 7:53:53:130 EDT]  35b7cbd SystemErr     R 	at
> com.fbtc.maui.MauiView.sendMauiRequest(MauiView.java:105)
> [9/8/04 7:53:53:130 EDT]  35b7cbd SystemErr     R 	at
> com.fbtc.maui.BSSO999View.login(BSSO999View.java:68)
> [9/8/04 7:53:53:130 EDT]  35b7cbd SystemErr     R 	at
> com.fbtc.stp.util.STPDefault.login2FBSI(STPDefault.java:354)
> [9/8/04 7:53:53:130 EDT]  35b7cbd SystemErr     R 	at
> com.fbtc.stp.servlet.ControlServlet.login2FBSI(ControlServlet.java:78)
> [9/8/04 7:53:53:130 EDT]  35b7cbd SystemErr     R 	at
> com.fbtc.stp.servlet.ControlServlet.initConnection(ControlServlet.java:4
> 2)
> [9/8/04 7:53:53:130 EDT]  35b7cbd SystemErr     R 	at
> com.fbtc.stp.servlet.ControlServlet.execute(ControlServlet.java:88)
> [9/8/04 7:53:53:130 EDT]  35b7cbd SystemErr     R 	at
> com.fbtc.stp.servlet.STPServlet.performTask(STPServlet.java:129)
> [9/8/04 7:53:53:130 EDT]  35b7cbd SystemErr     R 	at
> com.fmr.etad.runtime.ConfigServlet.doGet(ConfigServlet.java:67)
> [9/8/04 7:53:53:130 EDT]  35b7cbd SystemErr     R 	at
> javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
> [9/8/04 7:53:53:130 EDT]  35b7cbd SystemErr     R 	at
> javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
> [9/8/04 7:53:53:130 EDT]  35b7cbd SystemErr     R 	at
> com.ibm.ws.webcontainer.servlet.StrictServletInstance.doService(StrictSe
> rvletInstance.java:110)
> [9/8/04 7:53:53:192 EDT]  35b7cbd SystemErr     R 	at
> com.ibm.ws.webcontainer.servlet.StrictLifecycleServlet._service(StrictLi
> fecycleServlet.java:174)
> [9/8/04 7:53:53:208 EDT]  35b7cbd SystemErr     R 	at
> com.ibm.ws.webcontainer.servlet.IdleServletState.service(StrictLifecycle
> Servlet.java:313)
> [9/8/04 7:53:53:208 EDT]  35b7cbd SystemErr     R 	at
> com.ibm.ws.webcontainer.servlet.StrictLifecycleServlet.service(StrictLif
> ecycleServlet.java:116)
> [9/8/04 7:53:53:208 EDT]  35b7cbd SystemErr     R 	at
> com.ibm.ws.webcontainer.servlet.ServletInstance.service(ServletInstance.
> java:283)
> [9/8/04 7:53:53:208 EDT]  35b7cbd SystemErr     R 	at
> com.ibm.ws.webcontainer.servlet.ValidServletReferenceState.dispatch(Vali
> dServletReferenceState.java:42)
> [9/8/04 7:53:53:208 EDT]  35b7cbd SystemErr     R 	at
> com.ibm.ws.webcontainer.servlet.ServletInstanceReference.dispatch(Servle
> tInstanceReference.java:40)
> [9/8/04 7:53:53:208 EDT]  35b7cbd SystemErr     R 	at
> com.ibm.ws.webcontainer.webapp.WebAppRequestDispatcher.handleWebAppDispa
> tch(WebAppRequestDispatcher.java:974)
> [9/8/04 7:53:53:208 EDT]  35b7cbd SystemErr     R 	at
> com.ibm.ws.webcontainer.webapp.WebAppRequestDispatcher.dispatch(WebAppRe
> questDispatcher.java:555)
> [9/8/04 7:53:53:208 EDT]  35b7cbd SystemErr     R 	at
> com.ibm.ws.webcontainer.webapp.WebAppRequestDispatcher.forward(WebAppReq
> uestDispatcher.java:200)
> [9/8/04 7:53:53:208 EDT]  35b7cbd SystemErr     R 	at
> com.ibm.ws.webcontainer.srt.WebAppInvoker.doForward(WebAppInvoker.java:1
> 19)
> [9/8/04 7:53:53:208 EDT]  35b7cbd SystemErr     R 	at
> com.ibm.ws.webcontainer.srt.WebAppInvoker.handleInvocationHook(WebAppInv
> oker.java:276)
> [9/8/04 7:53:53:208 EDT]  35b7cbd SystemErr     R 	at
> com.ibm.ws.webcontainer.cache.invocation.CachedInvocation.handleInvocati
> on(CachedInvocation.java:71)
> [9/8/04 7:53:53:208 EDT]  35b7cbd SystemErr     R 	at
> com.ibm.ws.webcontainer.srp.ServletRequestProcessor.dispatchByURI(Servle
> tRequestProcessor.java:182)
> [9/8/04 7:53:53:208 EDT]  35b7cbd SystemErr     R 	at
> com.ibm.ws.webcontainer.oselistener.OSEListenerDispatcher.service(OSELis
> tener.java:334)
> [9/8/04 7:53:53:208 EDT]  35b7cbd SystemErr     R 	at
> com.ibm.ws.webcontainer.http.HttpConnection.handleRequest(HttpConnection
> .java:56)
> [9/8/04 7:53:53:208 EDT]  35b7cbd SystemErr     R 	at
> com.ibm.ws.http.HttpConnection.readAndHandleRequest(HttpConnection.java:
> 618)
> [9/8/04 7:53:53:208 EDT]  35b7cbd SystemErr     R 	at
> com.ibm.ws.http.HttpConnection.run(HttpConnection.java:439)
> [9/8/04 7:53:53:208 EDT]  35b7cbd SystemErr     R 	at
> com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:593)
> 
> 
> 
> -----Original Message-----
> From: Oleg Kalnichevski [mailto:oleg.kalnichevski@bearingpoint.com] 
> Sent: Wednesday, September 08, 2004 7:49 AM
> To: Commons HttpClient Project
> Subject: Re: HttpClient, SSL, Websphere 5.1, IBM JSSE
> 
> 
> 
> Francis,
> 
> HttpClient _should_ actually work as is with the latest IBM JDKs. Only
> in our 'contrib' package we use Sun JDK specific classes.
> 
> If it is not the case please let me know. The exception stack trace
> would help 
> 
> Anyway, for detailed info on SSL customization please refer to the
> HttpClient SSL guide:
> 
> http://jakarta.apache.org/commons/httpclient/sslguide.html
> 
> Oleg
> 
> 
> On Wed, 2004-09-08 at 13:20, Li, Francis wrote:
> > Hi there, 
> > 
> > I would like to use SSL with HttpClient in WAS 5.1,  it was running
> > fine with in stand along program with SUN JSSE. But WAS come with IBM
> > JSSE, so how can I configure HttpClient to use IBM JSSE. 
> > 
> > Thanks in advance.
> > 
> > 
> > 
> > ______________________________________________________________________
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail:
> commons-httpclient-dev-unsubscribe@jakarta.apache.org
> > For additional commands, e-mail:
> commons-httpclient-dev-help@jakarta.apache.org
> 
> ************************************************************************
> ***************************
> The information in this email is confidential and may be legally
> privileged.  Access to this email by anyone other than the intended
> addressee is unauthorized.  If you are not the intended recipient of
> this message, any review, disclosure, copying, distribution, retention,
> or any action taken or omitted to be taken in reliance on it is
> prohibited and may be unlawful.  If you are not the intended recipient,
> please reply to or forward a copy of this message to the sender and
> delete the message, any attachments, and any copies thereof from your
> system.
> ************************************************************************
> ***************************
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail:
> commons-httpclient-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail:
> commons-httpclient-dev-help@jakarta.apache.org
> 
> 
> ______________________________________________________________________
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: commons-httpclient-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: commons-httpclient-dev-help@jakarta.apache.org

***************************************************************************************************
The information in this email is confidential and may be legally privileged.  Access to this
email by anyone other than the intended addressee is unauthorized.  If you are not the intended
recipient of this message, any review, disclosure, copying, distribution, retention, or any
action taken or omitted to be taken in reliance on it is prohibited and may be unlawful. 
If you are not the intended recipient, please reply to or forward a copy of this message to
the sender and delete the message, any attachments, and any copies thereof from your system.
***************************************************************************************************

---------------------------------------------------------------------
To unsubscribe, e-mail: commons-httpclient-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: commons-httpclient-dev-help@jakarta.apache.org


Mime
View raw message