hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Oleg Kalnichevski <ol...@apache.org>
Subject Re: javax.net.ssl.SSLHandshakeException as a result of new GetMethod("/") ?
Date Fri, 25 Aug 2006 09:58:45 GMT
On Thu, 2006-08-24 at 15:57 +0200, Guy wrote:
> Here is the wire log of the two requests (made in one program):
> 
> the first call gives me an exception, the second one does not as you can
> see:
> 
> first one:
> 
> result key='freetext' value='Unexpected Exception occured:
> javax.net.ssl.SSLHandshakeException:
> sun.security.validator.ValidatorException: PKIX path building failed:
> sun.security.provider.certpath.SunCertPathBuilderException: unable to find
> valid certification path to requested target'
> 
> second one:
> 
> result key='freetext' value='The response from https://10.0.10.103:443/ does
> NOT matches regular expression "securit"(truststore used)'
> 
> I left out all other logging the program normally does
> 
> Thanx in advance
> 

Guy,

This is clearly an SSL context configuration problem. Try running your
application with SSL debugging on and see if that gives any clues as to
what may be wrong

Oleg
 

> 
> 2006/08/24 15:52:58:895 CEST [DEBUG] HttpClient - -Java version: 1.5.0_07
> 2006/08/24 15:52:58:895 CEST [DEBUG] HttpClient - -Java vendor: Sun
> Microsystems Inc.
> 2006/08/24 15:52:58:895 CEST [DEBUG] HttpClient - -Java class path:
> D:\MyDoc\develop\Test\Java;D:\MyDoc\develop\DMan\dman\v3.0.0\classes;D:\MyDoc\develop\DMan\dman\v3.0.0\packaging\files\WEB-INF\lib\commons-
> logging.jar
> ;D:\MyDoc\develop\DMan\dman\v3.0.0\packaging\files\WEB-INF\lib\eif.jar;D:\MyDoc\develop\DMan\dman\v3.0.0\packaging\files\WEB-INF\lib\Logger.jar;D:\MyDoc\develop\DMan\dman\v3.0.0\packaging\files\WEB-INF\lib\mysql-
> connector-java-3.1.7-bin.jar
> ;D:\MyDoc\develop\DMan\dman\v3.0.0\packaging\files\WEB-INF\lib\ojdbc14.jar;D:\MyDoc\develop\DMan\dman\v3.0.0\packaging\files\WEB-INF\lib\PD.jar;D:\MyDoc\develop\DMan\dman\v3.0.0\packaging\files\WEB-INF\lib\situtil.jar;D:\MyDoc\develop\DMan\dman\v3.0.0\packaging\files\WEB-INF\lib\xerces.jar;D:\MyDoc\develop\DMan\dman\v3.0.0\packaging\files\bin\windows\wrapper.jar;D:\MyDoc\develop\DMan\dman\v3.0.0\packaging\files\WEB-INF\lib\commons-
> codec-1.3.jar
> ;D:\MyDoc\develop\DMan\dman\v3.0.0\lib\xalan.jar;D:\MyDoc\develop\DMan\dman\v3.0.0\lib\servlet.jar;D:\MyDoc\develop\DMan\dman\v3.0.0\packaging\files\WEB-INF\lib\jetty.jar;D:\MyDoc\develop\DMan\dman\v3.0.0\packaging\files\WEB-INF\lib\jetty-
> util.jar
> ;D:\MyDoc\develop\DMan\dman\v3.0.0\packaging\files\WEB-INF\lib\servlet-
> api-2.5.jar
> ;D:\MyDoc\develop\DMan\dman\v3.0.0\packaging\files\WEB-INF\lib\commons-
> httpclient-3.0.1.jar
> ;D:\MyDoc\develop\DMan\dman\v3.0.0\packaging\files\WEB-INF\lib\derby.jar;D:\MyDoc\develop\DMan\dman\v3.0.0\packaging\files\WEB-INF\lib\derbytools.jar;D:\MyDoc\develop\DMan\dman\v3.0.0\packaging\files\WEB-INF\lib\derbyclient.jar;D:\MyDoc\develop\DMan\dman\v3.0.0\packaging\files\WEB-INF\lib\derbynet.jar;D:\MyDoc\develop\Test\lib\xerces.jar;D:\MyDoc\develop\Test\lib\commons-
> httpclient-2.0.jar
> ;D:\MyDoc\develop\Test\lib\Logger.jar;D:\MyDoc\develop\Test\lib\PD.jar;D:\MyDoc\develop\Test\lib\situtil.jar;D:\MyDoc\develop\Test\lib\xalan.jar
> 2006/08/24 15:52:58:895 CEST [DEBUG] HttpClient - -Operating system name:
> Windows XP
> 2006/08/24 15:52:58:895 CEST [DEBUG] HttpClient - -Operating system
> architecture: x86
> 2006/08/24 15:52:58:895 CEST [DEBUG] HttpClient - -Operating system version:
> 5.1
> 2006/08/24 15:52:58:895 CEST [DEBUG] HttpClient - -SUN 1.5: SUN (DSA
> key/parameter generation; DSA signing; SHA-1, MD5 digests; SecureRandom;
> X.509 certificates; JKS keystore; PKIX CertPathValidator; PKIX
> CertPathBuilder; LDAP, Collection CertStores)
> 2006/08/24 15:52:58:895 CEST [DEBUG] HttpClient - -SunRsaSign 1.5: Sun RSA
> signature provider
> 2006/08/24 15:52:58:895 CEST [DEBUG] HttpClient - -SunJSSE 1.5: Sun JSSE
> provider(PKCS12, SunX509 key/trust factories, SSLv3, TLSv1)
> 2006/08/24 15:52:58:895 CEST [DEBUG] HttpClient - -SunJCE 1.5: SunJCE
> Provider (implements RSA, DES, Triple DES, AES, Blowfish, ARCFOUR, RC2, PBE,
> Diffie-Hellman, HMAC)
> 2006/08/24 15:52:58:895 CEST [DEBUG] HttpClient - -SunJGSS 1.0: Sun
> (Kerberos v5)
> 2006/08/24 15:52:58:895 CEST [DEBUG] HttpClient - -SunSASL 1.5: Sun SASL
> provider(implements client mechanisms for: DIGEST-MD5, GSSAPI, EXTERNAL,
> PLAIN, CRAM-MD5; server mechanisms for: DIGEST-MD5, GSSAPI, CRAM-MD5)
> 2006/08/24 15:52:58:905 CEST [DEBUG] DefaultHttpParams - -Set parameter
> http.useragent = Jakarta Commons-HttpClient/3.0.1
> 2006/08/24 15:52:58:905 CEST [DEBUG] DefaultHttpParams - -Set parameter
> http.protocol.version = HTTP/1.1
> 2006/08/24 15:52:58:905 CEST [DEBUG] DefaultHttpParams - -Set parameter
> http.connection-manager.class = class
> org.apache.commons.httpclient.SimpleHttpConnectionManager
> 2006/08/24 15:52:58:905 CEST [DEBUG] DefaultHttpParams - -Set parameter
> http.protocol.cookie-policy = rfc2109
> 2006/08/24 15:52:58:905 CEST [DEBUG] DefaultHttpParams - -Set parameter
> http.protocol.element-charset = US-ASCII
> 2006/08/24 15:52:58:905 CEST [DEBUG] DefaultHttpParams - -Set parameter
> http.protocol.content-charset = ISO-8859-1
> 2006/08/24 15:52:58:905 CEST [DEBUG] DefaultHttpParams - -Set parameter
> http.method.retry-handler =
> org.apache.commons.httpclient.DefaultHttpMethodRetryHandler@18eb9e6
> 2006/08/24 15:52:58:905 CEST [DEBUG] DefaultHttpParams - -Set parameter
> http.dateparser.patterns = [EEE, dd MMM yyyy HH:mm:ss zzz, EEEE, dd-MMM-yy
> HH:mm:ss zzz, EEE MMM d HH:mm:ss yyyy, EEE, dd-MMM-yyyy HH:mm:ss z, EEE,
> dd-MMM-yyyy HH-mm-ss z, EEE, dd MMM yy HH:mm:ss z, EEE dd-MMM-yyyy HH:mm:ss
> z, EEE dd MMM yyyy HH:mm:ss z, EEE dd-MMM-yyyy HH-mm-ss z, EEE dd-MMM-yy
> HH:mm:ss z, EEE dd MMM yy HH:mm:ss z, EEE,dd-MMM-yy HH:mm:ss z,
> EEE,dd-MMM-yyyy HH:mm:ss z, EEE, dd-MM-yyyy HH:mm:ss z]
> 2006/08/24 15:52:58:975 CEST [DEBUG] HttpConnection - -Open connection to
> 10.0.10.103:443
> 2006/08/24 15:53:00:237 CEST [DEBUG] header - ->> "GET /dman
> HTTP/1.1[\r][\n]"
> 2006/08/24 15:53:00:237 CEST [DEBUG] HttpMethodBase - -Adding Host request
> header
> 2006/08/24 15:53:00:287 CEST [DEBUG] header - ->> "User-Agent: Jakarta
> Commons-HttpClient/3.0.1[\r][\n]"
> 2006/08/24 15:53:00:287 CEST [DEBUG] header - ->> "Host: 10.0.10.103
> [\r][\n]"
> 2006/08/24 15:53:00:287 CEST [DEBUG] header - ->> "[\r][\n]"
> 2006/08/24 15:53:02:931 CEST [DEBUG] header - -<< "HTTP/1.1 302 Temporarily
> moved[\r][\n]"
> 2006/08/24 15:53:02:931 CEST [DEBUG] header - -<< "p3p: CP="NON CUR OTPi OUR
> NOR UNI"[\r][\n]"
> 2006/08/24 15:53:02:931 CEST [DEBUG] header - -<< "content-type:
> text/html[\r][\n]"
> 2006/08/24 15:53:02:931 CEST [DEBUG] header - -<< "transfer-encoding:
> chunked[\r][\n]"
> 2006/08/24 15:53:02:931 CEST [DEBUG] header - -<< "date: Tue, 11 Jul 2006
> 05:51:30 GMT[\r][\n]"
> 2006/08/24 15:53:02:931 CEST [DEBUG] header - -<< "x-old-content-length:
> 1133[\r][\n]"
> 2006/08/24 15:53:02:931 CEST [DEBUG] header - -<< "location:
> https://10.0.10.103/dman/[\r][\n]"
> 2006/08/24 15:53:02:941 CEST [DEBUG] header - -<< "server: WebSEAL/5.1.0.0
> (Build 031024)[\r][\n]"
> 2006/08/24 15:53:02:951 CEST [DEBUG] HttpMethodDirector - -Redirect required
> 2006/08/24 15:53:02:951 CEST [DEBUG] HttpMethodDirector - -Redirect
> requested to location 'https://10.0.10.103/dman/'
> 2006/08/24 15:53:02:951 CEST [DEBUG] HttpMethodDirector - -Redirecting from
> 'https://10.0.10.103:443/dman' to 'https://10.0.10.103/dman/
> 2006/08/24 15:53:02:951 CEST [DEBUG] HttpMethodDirector - -Execute redirect
> 1 of 100
> 2006/08/24 15:53:02:971 CEST [DEBUG] content - -<< "4"
> 2006/08/24 15:53:02:971 CEST [DEBUG] content - -<< "7"
> 2006/08/24 15:53:02:971 CEST [DEBUG] content - -<< "7"
> 2006/08/24 15:53:02:971 CEST [DEBUG] content - -<< "[\r]"
> 2006/08/24 15:53:02:971 CEST [DEBUG] content - -<< "[\n]"
> 2006/08/24 15:53:02:971 CEST [DEBUG] content - -<< "<!DOCTYPE HTML PUBLIC
> "-//IETF//DTD HTML//EN">[\n]"
> 2006/08/24 15:53:02:971 CEST [DEBUG] content - -<< "<!-- Copyright (C) 2000
> Tivoli Systems, Inc. -->[\n]"
> 2006/08/24 15:53:02:971 CEST [DEBUG] content - -<< "<!-- Copyright (C) 1999
> IBM Corporation -->[\n]"
> 2006/08/24 15:53:02:971 CEST [DEBUG] content - -<< "<!-- Copyright (C) 1998
> Dascom, Inc. -->[\n]"
> 2006/08/24 15:53:02:971 CEST [DEBUG] content - -<< "<!-- All Rights
> Reserved. -->[\n]"
> 2006/08/24 15:53:02:971 CEST [DEBUG] content - -<< "<!--[\n]"
> 2006/08/24 15:53:02:971 CEST [DEBUG] content - -<< "     This is a WebSEAL
> error message template file.  It is used[\n]"
> 2006/08/24 15:53:02:971 CEST [DEBUG] content - -<< "     by the WebSEAL
> server to build a response when a particular[\n]"
> 2006/08/24 15:53:02:971 CEST [DEBUG] content - -<< "     error occurs.  This
> file can be modified as appropriate.[\n]"
> 2006/08/24 15:53:02:971 CEST [DEBUG] content - -<< "[\n]"
> 2006/08/24 15:53:02:971 CEST [DEBUG] content - -<< "     Error details:
> [\n]"
> 2006/08/24 15:53:02:971 CEST [DEBUG] content - -<< "[\n]"
> 2006/08/24 15:53:02:971 CEST [DEBUG] content - -<< "     * Code:
> 0x38cf0421[\n]"
> 2006/08/24 15:53:02:971 CEST [DEBUG] content - -<< "     * Text: Moved
> Temporarily[\n]"
> 2006/08/24 15:53:02:971 CEST [DEBUG] content - -<< "     [\n]"
> 2006/08/24 15:53:02:971 CEST [DEBUG] content - -<< "-->[\n]"
> 2006/08/24 15:53:02:971 CEST [DEBUG] content - -<< "<html>[\n]"
> 2006/08/24 15:53:02:971 CEST [DEBUG] content - -<< "<head>[\n]"
> 2006/08/24 15:53:02:971 CEST [DEBUG] content - -<< "<meta
> http-equiv="Content-Type" content= "text/html; charset=UTF-8">[\n]"
> 2006/08/24 15:53:02:971 CEST [DEBUG] content - -<< "<!-- Enter message title
> -->[\n]"
> 2006/08/24 15:53:02:971 CEST [DEBUG] content - -<< "<title>Moved
> Temporarily</title>[\n]"
> 2006/08/24 15:53:02:971 CEST [DEBUG] content - -<< "</head>[\n]"
> 2006/08/24 15:53:02:971 CEST [DEBUG] content - -<< "<body
> bgcolor="#FFFFFF">[\n]"
> 2006/08/24 15:53:02:971 CEST [DEBUG] content - -<< "[\n]"
> 2006/08/24 15:53:02:971 CEST [DEBUG] content - -<< "<img
> src="/dman/pics/amlogo.gif" [\n]"
> 2006/08/24 15:53:02:971 CEST [DEBUG] content - -<< "     width=100% [\n]"
> 2006/08/24 15:53:02:971 CEST [DEBUG] content - -<< "     height="75" [\n]"
> 2006/08/24 15:53:02:971 CEST [DEBUG] content - -<< "     border="0"[\n]"
> 2006/08/24 15:53:02:971 CEST [DEBUG] content - -<< "     alt= "Access
> Manager for e-business Home">[\n]"
> 2006/08/24 15:53:02:971 CEST [DEBUG] content - -<< "[\n]"
> 2006/08/24 15:53:02:981 CEST [DEBUG] content - -<< "<!-- Enter message title
> -->[\n]"
> 2006/08/24 15:53:02:981 CEST [DEBUG] content - -<< "<h1><font
> color="#FF0000">Moved Temporarily</font></h1>[\n]"
> 2006/08/24 15:53:02:981 CEST [DEBUG] content - -<< "[\n]"
> 2006/08/24 15:53:02:981 CEST [DEBUG] content - -<< "<p><!-- Enter error
> description --> The Web resource you have requested has been temporarily
> moved.[\n]"
> 2006/08/24 15:53:02:981 CEST [DEBUG] content - -<< "<A HREF="
> https://10.0.10.1"
> 2006/08/24 15:53:02:981 CEST [DEBUG] content - -<< "03/dman/">Click here</A>
> to fetch the resource.[\n]"
> 2006/08/24 15:53:02:981 CEST [DEBUG] content - -<< "<br>[\n]"
> 2006/08/24 15:53:02:981 CEST [DEBUG] content - -<< "<br>[\n]"
> 2006/08/24 15:53:02:981 CEST [DEBUG] content - -<< "<br>[\n]"
> 2006/08/24 15:53:02:981 CEST [DEBUG] content - -<< "<a href="/dman/">[none
> BUTTON]</a></p>[\n]"
> 2006/08/24 15:53:02:981 CEST [DEBUG] content - -<< "</body>[\n]"
> 2006/08/24 15:53:02:981 CEST [DEBUG] content - -<< "</html>[\n]"
> 2006/08/24 15:53:02:981 CEST [DEBUG] content - -<< "[\n]"
> 2006/08/24 15:53:02:991 CEST [DEBUG] content - -<< "[\r]"
> 2006/08/24 15:53:02:991 CEST [DEBUG] content - -<< "[\n]"
> 2006/08/24 15:53:02:991 CEST [DEBUG] content - -<< "0"
> 2006/08/24 15:53:02:991 CEST [DEBUG] content - -<< "[\r]"
> 2006/08/24 15:53:02:991 CEST [DEBUG] content - -<< "[\n]"
> 2006/08/24 15:53:02:991 CEST [DEBUG] content - -<< "[\r]"
> 2006/08/24 15:53:02:991 CEST [DEBUG] content - -<< "[\n]"
> 2006/08/24 15:53:02:991 CEST [DEBUG] HttpMethodBase - -Resorting to protocol
> version default close connection policy
> 2006/08/24 15:53:02:991 CEST [DEBUG] HttpMethodBase - -Should NOT close
> connection, using HTTP/1.1
> 2006/08/24 15:53:02:991 CEST [DEBUG] HttpConnection - -Connection is
> locked.  Call to releaseConnection() ignored.
> 2006/08/24 15:53:02:991 CEST [DEBUG] HttpConnection - -Releasing connection
> back to connection manager.
> 2006/08/24 15:53:03:001 CEST [DEBUG] HttpConnection - -Open connection to
> 10.0.10.103:443
> 2006/08/24 15:53:03:602 CEST [DEBUG] header - ->> "GET /dman/
> HTTP/1.1[\r][\n]"
> 2006/08/24 15:53:03:602 CEST [DEBUG] HttpMethodBase - -Adding Host request
> header
> 2006/08/24 15:53:03:602 CEST [DEBUG] header - ->> "User-Agent: Jakarta
> Commons-HttpClient/3.0.1[\r][\n]"
> 2006/08/24 15:53:03:602 CEST [DEBUG] header - ->> "Host: 10.0.10.103
> [\r][\n]"
> 2006/08/24 15:53:03:602 CEST [DEBUG] header - ->> "[\r][\n]"
> 2006/08/24 15:53:03:792 CEST [DEBUG] HttpMethodDirector - -Closing the
> connection.
> 2006/08/24 15:53:03:792 CEST [DEBUG] HttpMethodDirector - -Method retry
> handler returned false. Automatic recovery will not be attempted
> 2006/08/24 15:53:03:792 CEST [DEBUG] HttpConnection - -Releasing connection
> back to connection manager.
> 2006/08/24 15:53:03:792 CEST [DEBUG] HttpConnection - -Releasing connection
> back to connection manager.
> 2006/08/24 15:53:03:792 CEST [DEBUG] HttpConnection - -Open connection to
> 10.0.10.103:443
>  result key='ok' value='0'
>  result key='value' value='999999'
>  result key='freetext' value='Unexpected Exception occured:
> javax.net.ssl.SSLHandshakeException:
> sun.security.validator.ValidatorException: PKIX path building failed:
> sun.security.provider.certpath.SunCertPathBuilderException: unable to find
> valid certification path to requested target'
> next monitor
> 2006/08/24 15:53:03:832 CEST [DEBUG] header - ->> "GET / HTTP/1.1[\r][\n]"
> 2006/08/24 15:53:03:832 CEST [DEBUG] HttpMethodBase - -Adding Host request
> header
> 2006/08/24 15:53:03:832 CEST [DEBUG] header - ->> "User-Agent: Jakarta
> Commons-HttpClient/3.0.1[\r][\n]"
> 2006/08/24 15:53:03:832 CEST [DEBUG] header - ->> "Host: 10.0.10.103
> [\r][\n]"
> 2006/08/24 15:53:03:832 CEST [DEBUG] header - ->> "[\r][\n]"
> 2006/08/24 15:53:04:082 CEST [DEBUG] header - -<< "HTTP/1.1 200 OK[\r][\n]"
> 2006/08/24 15:53:04:082 CEST [DEBUG] header - -<< "p3p: CP="NON CUR OTPi OUR
> NOR UNI"[\r][\n]"
> 2006/08/24 15:53:04:082 CEST [DEBUG] header - -<< "last-modified: Thu, 16
> Oct 2003 20:01:01 GMT[\r][\n]"
> 2006/08/24 15:53:04:082 CEST [DEBUG] header - -<< "content-type:
> text/html[\r][\n]"
> 2006/08/24 15:53:04:082 CEST [DEBUG] header - -<< "date: Tue, 11 Jul 2006
> 05:51:30 GMT[\r][\n]"
> 2006/08/24 15:53:04:082 CEST [DEBUG] header - -<< "content-length:
> 510[\r][\n]"
> 2006/08/24 15:53:04:082 CEST [DEBUG] header - -<< "server: WebSEAL/5.1.0.0
> (Build 031024)[\r][\n]"
> 2006/08/24 15:53:04:082 CEST [DEBUG] content - -<< "<!DOCTYPE html PUBLIC
> "-//W3C//DTD HTML 3.2//EN">[\n]"
> 2006/08/24 15:53:04:082 CEST [DEBUG] content - -<< "<!-- Copyright (C) 2000
> Tivoli Systems, Inc. -->[\n]"
> 2006/08/24 15:53:04:082 CEST [DEBUG] content - -<< "<!-- Copyright (C) 1999
> IBM Corporation -->[\n]"
> 2006/08/24 15:53:04:082 CEST [DEBUG] content - -<< "<!-- Copyright (C) 1998
> Dascom, Inc. -->[\n]"
> 2006/08/24 15:53:04:082 CEST [DEBUG] content - -<< "<!-- All Rights
> Reserved. -->[\n]"
> 2006/08/24 15:53:04:082 CEST [DEBUG] content - -<< "<html>[\n]"
> 2006/08/24 15:53:04:082 CEST [DEBUG] content - -<< "<head>[\n]"
> 2006/08/24 15:53:04:082 CEST [DEBUG] content - -<< "<meta
> http-equiv="Content-Type" content="text/html; charset=UTF-8">[\n]"
> 2006/08/24 15:53:04:082 CEST [DEBUG] content - -<< "[\n]"
> 2006/08/24 15:53:04:082 CEST [DEBUG] content - -<< "<title></title>[\n]"
> 2006/08/24 15:53:04:082 CEST [DEBUG] content - -<< "</head>[\n]"
> 2006/08/24 15:53:04:082 CEST [DEBUG] content - -<< "<body bgcolor="#000000"
> link="#ffffff" alink="#ffffff" vlink= [\n]"
> 2006/08/24 15:53:04:082 CEST [DEBUG] content - -<< ""#ffffff">[\n]"
> 2006/08/24 15:53:04:082 CEST [DEBUG] content - -<< "<br>[\n]"
> 2006/08/24 15:53:04:082 CEST [DEBUG] content - -<< " <br>[\n]"
> 2006/08/24 15:53:04:082 CEST [DEBUG] content - -<< " <br>[\n]"
> 2006/08/24 15:53:04:082 CEST [DEBUG] content - -<< " <br>[\n]"
> 2006/08/24 15:53:04:082 CEST [DEBUG] content - -<< "<center><img
> src="/pics/iv30.gif" alt=""></center>[\n]"
> 2006/08/24 15:53:04:082 CEST [DEBUG] content - -<< "[\n]"
> 2006/08/24 15:53:04:082 CEST [DEBUG] content - -<< "<br>[\n]"
> 2006/08/24 15:53:04:082 CEST [DEBUG] content - -<< " <br>[\n]"
> 2006/08/24 15:53:04:082 CEST [DEBUG] content - -<< " <br>[\n]"
> 2006/08/24 15:53:04:082 CEST [DEBUG] content - -<< " <br>[\n]"
> 2006/08/24 15:53:04:082 CEST [DEBUG] content - -<< "</body>[\n]"
> 2006/08/24 15:53:04:082 CEST [DEBUG] content - -<< "</html>[\n]"
> 2006/08/24 15:53:04:082 CEST [DEBUG] content - -<< "[\n]"
> 2006/08/24 15:53:04:082 CEST [DEBUG] HttpMethodBase - -Resorting to protocol
> version default close connection policy
> 2006/08/24 15:53:04:082 CEST [DEBUG] HttpMethodBase - -Should NOT close
> connection, using HTTP/1.1
> 2006/08/24 15:53:04:082 CEST [DEBUG] HttpConnection - -Releasing connection
> back to connection manager.
>  result key='ok' value='0'
>  result key='value' value='200'
>  result key='freetext' value='The response from
> https://10.0.10.103:443/does NOT matches regular expression
> "securit"(truststore used)'
> 
> 
> On 8/24/06, Ortwin Gl├╝ck <odi@odi.ch> wrote:
> >
> > Guy,
> >
> > Please provide a wirelog of the two requests.
> >
> > Ortwin
> >
> > Guy wrote:
> > > Hi all,
> > >
> > > i have written an application that checks https connections. I use the
> > > HTTPClient 3.0.1 as described in the SSL guide
> > >
> > > Protocol myhttps = new Protocol("https", new MySSLSocketFactory(), 443);
> > >
> > > HttpClient httpclient = new HttpClient();
> > > httpclient.getHostConfiguration().setHost(myHost, myPort, myhttps);
> > > GetMethod httpget = new GetMethod(myObject);
> > > try {
> > >  httpclient.executeMethod(httpget);
> > >
> > >  byte[] repsonse = getResponseBody();
> > >
> > >  System.out.println(httpget.getStatusLine());
> > > } finally {
> > >  httpget.releaseConnection();
> > > }
> > >
> > > i have two versions of the MySSLSocketFactory: one that does not use a
> > > truststore (accepting any certificate) and one that does.
> > >
> > > i have the following parameters to set:
> > >
> > > myHost, myPort, truststore (used to determine which version of the
> > > MySSLSocketFactory to use), truststorepassword and myObject.
> > >
> > > In the case i set myObject to "/" i get no exception, in case i set
> > > myObject to "/index.html" i get the following exception:
> > >
> > > javax.net.ssl.SSLHandshakeException:
> > > sun.security.validator.ValidatorException: PKIX path building failed:
> > > sun.security.provider.certpath.SunCertPathBuilderException: unable to
> > > find valid certification path to requested target
> > >
> > > The code works fine for other hosts and the result does not change
> > > when using the other version of MySSLSocketFactory: the value of
> > > myObject determines the exception (if the host experiences this
> > > problem)
> > >
> > >
> > > I am stunned because the certificates are valid and are in the
> > > truststore (if they are used)
> > >
> > > Any suggestion or help would be appreciated
> > >
> >
> > --
> > [web]  http://www.odi.ch/
> > [blog] http://www.odi.ch/weblog/
> > [pgp]  key 0x81CF3416
> >         finger print F2B1 B21F F056 D53E 5D79 A5AF 02BE 70F5 81CF 3416
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: httpclient-dev-unsubscribe@jakarta.apache.org
> > For additional commands, e-mail: httpclient-dev-help@jakarta.apache.org
> >
> >


---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-dev-help@jakarta.apache.org


Mime
View raw message