hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Oleg Kalnichevski (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HTTPCLIENT-1339) SSLPeerUnverifiedException occurs randomly when calling resource via HTTPS
Date Mon, 15 Apr 2013 08:10:16 GMT

    [ https://issues.apache.org/jira/browse/HTTPCLIENT-1339?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13631576#comment-13631576

Oleg Kalnichevski commented on HTTPCLIENT-1339:

(1) I have zero tolerance to poor quality bug reports open with critical or blocker priority.
The responsibility of making a very solid case in case of a claim of a critical bug rests
with the reporter.
(2) HttpClient does not implement any custom SSL aspects. It merely makes use of the standard
JSSE services. Any SSL level exceptions in the overwhelming majority cases have absolutely
nothing to do with HttpClient _at all_.   

> SSLPeerUnverifiedException occurs randomly when calling resource via HTTPS
> --------------------------------------------------------------------------
>                 Key: HTTPCLIENT-1339
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1339
>             Project: HttpComponents HttpClient
>          Issue Type: Bug
>    Affects Versions: 4.2.3
>            Reporter: Juraj Martinka
>            Priority: Critical
> HttpClient (tested against 4.1 version and 4.2.3) suffers from SSLPeerUnverifiedException.
> It can occur randomly, mainly when calling some secured resource in a concurrent fashion.
> However, each time there is a new HttpClient instance some this might not be related
to the threads issues.
> I've created two unit tests - https://gist.github.com/jumarko/34c20054d3d85eaff5a7
> * HttpClientPeerUnverifiedTest - using HttpClient 4.x errors occures in a random fashion
-> sometimes zero failures, but more often than not there  is at least one SSLPeerUnverifiedException
> * OldHttpClientPeerUnverifiedTest - using HttpClient 3.1 everything is working OK
> Stacktrace:
> {code}
> javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
> at sun.security.ssl.SSLSessionImpl.getPeerCertificates(Unknown Source)
> at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128)
> at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:572)
> at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:180)
> at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:151)
> at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:125)
> at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:641)
> at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:480)
> at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:906)
> at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:1066)
> at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:1044)
> {code}

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org

View raw message