hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Oleg Kalnichevski <ol...@apache.org>
Subject Re: SSL with Certificate-SSLPeerUnverifiedException
Date Fri, 29 Jul 2005 15:45:39 GMT
Michael,

I suspect the SSL context has not been properly configured and a result
the socket factory was unable to verify the identity of the target
server. Please take a look at the AuthSSLProtocolSocketFactory below:

http://svn.apache.org/repos/asf/jakarta/commons/proper/httpclient/trunk/src/contrib/org/apache/commons/httpclient/contrib/ssl/

There are some guidelines in the javadocs as to how one can correctly 
set up an SSL context with required trust managers and/ or key managers

Oleg

On Fri, Jul 29, 2005 at 11:35:57AM -0400, Michael Clovis wrote:
> Oleg.. or anyone.
> Connecting with SSL and had this problem (SSLPeerUnverifiedException) with earlier class
that extended HttpClient. Wrote teststub class with TestURL that works in browser for testing
servlet..
> Googled and made sure we are not using Tomcat 4.1.13 or earlier (problem reported in
1.12 bugzilla).. using highest current release of tomcat Ver 4 ,Apache2 and OpenSSL. Here
is the test stub...
> 
>  try{
>  BasicConfigurator.configure();
>  HttpClient client = new HttpClient();
>  StrictSSLProtocolSocketFactory sf = new StrictSSLProtocolSocketFactory();
> 
> 
>  Protocol stricthttps = new Protocol( "https", sf, 443);
>  Protocol.registerProtocol("https",stricthttps);
>  
>  client.getHostConfiguration().setHost("192.168.45.114", 443, stricthttps);
>  
> 
>  String test = "https://192.168.45.114/IS/ISUploadServer?configKey=HELLO";
>  PostMethod post = null;
> 
> 
>  try {
>  post = new PostMethod(test);
>  } catch (Exception e) {
>  e.printStackTrace();
>  throw e;
>  }
>  post.setDoAuthentication(true);
>  try {
>  client.executeMethod(post);
>  } catch (IOException e) {
>  //e.printStackTrace();
>  throw e;
>  }
>  String res = null;
>  if(post!=null &&post.getStatusCode() >= 300){
>  res = String.valueOf(post.getStatusCode());
>  }
>  else if(post!=null){
>  Header headers[] = null;
>  headers = post.getRequestHeaders();
>  if(headers!=null&&headers.length>0){
>  for (int i = 0; i < headers.length; i++) {
>  System.out.println(headers[i].toExternalForm());
> 
>  }
>  }
>  res = new String(post.getResponseBodyAsString());
>  }
>  System.out.println(res);
>  }catch(Exception e){
>  e.printStackTrace();
>  }
> 
> 
> Here is the wire and stack trace..
> 
> D:\J2EE1.4SDK\jdk\bin\java -Didea.launcher.port=7532 -Didea.launcher.library=F:\IntelliJ-IDEA-4.5\bin\breakgen.dll
-Dfile.encoding=windows-1252 -classpath D:\J2EE1.4SDK\jdk\jre\lib\charsets.jar;D:\J2EE1.4SDK\jdk\jre\lib\jce.jar;D:\J2EE1.4SDK\jdk\jre\lib\jsse.jar;D:\J2EE1.4SDK\jdk\jre\lib\plugin.jar;D:\J2EE1.4SDK\jdk\jre\lib\plugin_g.jar;D:\J2EE1.4SDK\jdk\jre\lib\rt.jar;D:\J2EE1.4SDK\jdk\jre\lib\sunrsasign.jar;D:\J2EE1.4SDK\jdk\jre\lib\ext\dnsns.jar;D:\J2EE1.4SDK\jdk\jre\lib\ext\ldapsec.jar;D:\J2EE1.4SDK\jdk\jre\lib\ext\localedata.jar;D:\J2EE1.4SDK\jdk\jre\lib\ext\sunjce_provider.jar;D:\J2EE1.4SDK\jdk\lib\activation.jar;D:\J2EE1.4SDK\jdk\lib\admin-cli.jar;D:\J2EE1.4SDK\jdk\lib\appserv-admin.jar;D:\J2EE1.4SDK\jdk\lib\appserv-assemblytool.jar;D:\J2EE1.4SDK\jdk\lib\appserv-cmp.jar;D:\J2EE1.4SDK\jdk\lib\appserv-ext.jar;D:\J2EE1.4SDK\jdk\lib\appserv-jstl.jar;D:\J2EE1.4SDK\jdk\lib\appserv-rt.jar;D:\J2EE1.4SDK\jdk\lib\appserv-tags.jar;D:\J2EE1.4SDK\jdk\lib\appserv-upgrade.jar;D:\J2EE1.4SDK\jdk\lib\commons-launcher.jar;D:\J2EE1.4SDK\jdk\lib\commons-logging.jar;D:\J2EE1.4SDK\jdk\lib\deployhelp.jar;D:\J2EE1.4SDK\jdk\lib\dt.jar;D:\J2EE1.4SDK\jdk\lib\htmlconverter.jar;D:\J2EE1.4SDK\jdk\lib\htmlconverter_g.jar;D:\J2EE1.4SDK\jdk\lib\j2ee-svc.jar;D:\J2EE1.4SDK\jdk\lib\j2ee.jar;D:\J2EE1.4SDK\jdk\lib\jax-qname.jar;D:\J2EE1.4SDK\jdk\lib\jaxr-api.jar;D:\J2EE1.4SDK\jdk\lib\jaxr-impl.jar;D:\J2EE1.4SDK\jdk\lib\jaxrpc-api.jar;D:\J2EE1.4SDK\jdk\lib\jaxrpc-impl.jar;D:\J2EE1.4SDK\jdk\lib\jhall.jar;D:\J2EE1.4SDK\jdk\lib\mail.jar;D:\J2EE1.4SDK\jdk\lib\relaxngDatatype.jar;D:\J2EE1.4SDK\jdk\lib\saaj-api.jar;D:\J2EE1.4SDK\jdk\lib\saaj-impl.jar;D:\J2EE1.4SDK\jdk\lib\sun-appserv-ant.jar;D:\J2EE1.4SDK\jdk\lib\tools.jar;D:\J2EE1.4SDK\jdk\lib\xsdlib.jar;D:\J2EE1.4SDK\lib\endorsed\dom.jar;D:\J2EE1.4SDK\lib\endorsed\servlet-api.jar;D:\J2EE1.4SDK\lib\endorsed\servlet.jar;D:\J2EE1.4SDK\lib\endorsed\xalan.jar;D:\J2EE1.4SDK\lib\endorsed\xercesImpl.jar;D:\IntelliJ;D:\jdk1.2.1\src.jar;D:\j2sdk1.4.0_02\common\lib\servlet.jar;D:\JDBCDrivers\mysql-connector-java-2.0.14\mysql-connector-java-2.0.14-bin.jar;D:\JDBCDrivers\db2java.zip;D:\JDBCDrivers\msbase.jar;D:\JDBCDrivers\mssqlserver.jar;D:\JDBCDrivers\msutil.jar;D:\JDBCDrivers\mysql_comp.jar;D:\JDBCDrivers\mysql_uncomp.jar;D:\JDBCDrivers\Opta2000.jar;D:\JDBCDrivers\ora9\classes12.zip;D:\JDBCDrivers\jtds-0.6-rc1.jar;D:\Layouts\TableLayout.jar;D:\jakarta-log4j-1.2.8\dist\lib\log4j-1.2.8.jar;F:\jdom-1.0\build\jdom.jar;D:\jpim-0.1\build\jpim.jar;D:\Jacob\jacob.jar;D:\SystemTray\systray.jar;D:\MindIM\lib\common\ostermillerutils_1_02_24.jar;F:\commonsProj\commons-httpclient-2.0\commons-httpclient-2.0.jar;F:\commonsProj\commons-logging-1.0.3\commons-logging-api.jar;F:\commonsProj\commons-logging-1.0.3\commons-logging.jar;D:\htmlparser1_5\lib\htmllexer.jar;D:\htmlparser1_5\lib\htmlparser.jar;D:\htmlparser1_5\src;D:\JUnit\junit3.8.1\junit.jar;S:\Mindbridge\lib\commons-logging-api.jar;S:\Mindbridge\lib\commons-logging.jar;S:\Mindbridge\lib\commons-httpclient-2.0.jar;S:\Mindbridge\lib\commons-net-1.1.0.jar;S:\Mindbridge\lib\commons-vfs-1.0-dev.jar;S:\Mindbridge\lib\informa.jar;S:\Mindbridge\lib\jcifs-0.8.2.jar;S:\Mindbridge\lib\jsch-0.1.13.zip;S:\Mindbridge\lib\lucene-1.4-final.jar;S:\Mindbridge\lib\lucene-demos-1.4-final.jar;F:\CvsCheckOut\IntrasmartAPI\dist\latest\IntraSmartAPI-dev.jar;D:\xerces-2_5_0\xercesImpl.jar;D:\xerces-2_5_0\xercesSamples.jar;D:\xerces-2_5_0\xml-apis.jar;D:\xerces-2_5_0\xmlParserAPIs.jar;F:\IntelliJ-IDEA-4.5\lib\idea_rt.jar
com.intellij.rt.execution.application.AppMain TestPlain
> 0 [main] DEBUG org.apache.commons.httpclient.HttpClient - Java version: 1.4.2_02
> 0 [main] DEBUG org.apache.commons.httpclient.HttpClient - Java vendor: Sun Microsystems
Inc.
> 0 [main] DEBUG org.apache.commons.httpclient.HttpClient - Java class path: D:\J2EE1.4SDK\jdk\jre\lib\charsets.jar;D:\J2EE1.4SDK\jdk\jre\lib\jce.jar;D:\J2EE1.4SDK\jdk\jre\lib\jsse.jar;D:\J2EE1.4SDK\jdk\jre\lib\plugin.jar;D:\J2EE1.4SDK\jdk\jre\lib\plugin_g.jar;D:\J2EE1.4SDK\jdk\jre\lib\rt.jar;D:\J2EE1.4SDK\jdk\jre\lib\sunrsasign.jar;D:\J2EE1.4SDK\jdk\jre\lib\ext\dnsns.jar;D:\J2EE1.4SDK\jdk\jre\lib\ext\ldapsec.jar;D:\J2EE1.4SDK\jdk\jre\lib\ext\localedata.jar;D:\J2EE1.4SDK\jdk\jre\lib\ext\sunjce_provider.jar;D:\J2EE1.4SDK\jdk\lib\activation.jar;D:\J2EE1.4SDK\jdk\lib\admin-cli.jar;D:\J2EE1.4SDK\jdk\lib\appserv-admin.jar;D:\J2EE1.4SDK\jdk\lib\appserv-assemblytool.jar;D:\J2EE1.4SDK\jdk\lib\appserv-cmp.jar;D:\J2EE1.4SDK\jdk\lib\appserv-ext.jar;D:\J2EE1.4SDK\jdk\lib\appserv-jstl.jar;D:\J2EE1.4SDK\jdk\lib\appserv-rt.jar;D:\J2EE1.4SDK\jdk\lib\appserv-tags.jar;D:\J2EE1.4SDK\jdk\lib\appserv-upgrade.jar;D:\J2EE1.4SDK\jdk\lib\commons-launcher.jar;D:\J2EE1.4SDK\jdk\lib\commons-logging.jar;D:\J2EE1.4SDK\jdk\lib\deployhelp.jar;D:\J2EE1.4SDK\jdk\lib\dt.jar;D:\J2EE1.4SDK\jdk\lib\htmlconverter.jar;D:\J2EE1.4SDK\jdk\lib\htmlconverter_g.jar;D:\J2EE1.4SDK\jdk\lib\j2ee-svc.jar;D:\J2EE1.4SDK\jdk\lib\j2ee.jar;D:\J2EE1.4SDK\jdk\lib\jax-qname.jar;D:\J2EE1.4SDK\jdk\lib\jaxr-api.jar;D:\J2EE1.4SDK\jdk\lib\jaxr-impl.jar;D:\J2EE1.4SDK\jdk\lib\jaxrpc-api.jar;D:\J2EE1.4SDK\jdk\lib\jaxrpc-impl.jar;D:\J2EE1.4SDK\jdk\lib\jhall.jar;D:\J2EE1.4SDK\jdk\lib\mail.jar;D:\J2EE1.4SDK\jdk\lib\relaxngDatatype.jar;D:\J2EE1.4SDK\jdk\lib\saaj-api.jar;D:\J2EE1.4SDK\jdk\lib\saaj-impl.jar;D:\J2EE1.4SDK\jdk\lib\sun-appserv-ant.jar;D:\J2EE1.4SDK\jdk\lib\tools.jar;D:\J2EE1.4SDK\jdk\lib\xsdlib.jar;D:\J2EE1.4SDK\lib\endorsed\dom.jar;D:\J2EE1.4SDK\lib\endorsed\servlet-api.jar;D:\J2EE1.4SDK\lib\endorsed\servlet.jar;D:\J2EE1.4SDK\lib\endorsed\xalan.jar;D:\J2EE1.4SDK\lib\endorsed\xercesImpl.jar;D:\IntelliJ;D:\jdk1.2.1\src.jar;D:\j2sdk1.4.0_02\common\lib\servlet.jar;D:\JDBCDrivers\mysql-connector-java-2.0.14\mysql-connector-java-2.0.14-bin.jar;D:\JDBCDrivers\db2java.zip;D:\JDBCDrivers\msbase.jar;D:\JDBCDrivers\mssqlserver.jar;D:\JDBCDrivers\msutil.jar;D:\JDBCDrivers\mysql_comp.jar;D:\JDBCDrivers\mysql_uncomp.jar;D:\JDBCDrivers\Opta2000.jar;D:\JDBCDrivers\ora9\classes12.zip;D:\JDBCDrivers\jtds-0.6-rc1.jar;D:\Layouts\TableLayout.jar;D:\jakarta-log4j-1.2.8\dist\lib\log4j-1.2.8.jar;F:\jdom-1.0\build\jdom.jar;D:\jpim-0.1\build\jpim.jar;D:\Jacob\jacob.jar;D:\SystemTray\systray.jar;D:\MindIM\lib\common\ostermillerutils_1_02_24.jar;F:\commonsProj\commons-httpclient-2.0\commons-httpclient-2.0.jar;F:\commonsProj\commons-logging-1.0.3\commons-logging-api.jar;F:\commonsProj\commons-logging-1.0.3\commons-logging.jar;D:\htmlparser1_5\lib\htmllexer.jar;D:\htmlparser1_5\lib\htmlparser.jar;D:\htmlparser1_5\src;D:\JUnit\junit3.8.1\junit.jar;S:\Mindbridge\lib\commons-logging-api.jar;S:\Mindbridge\lib\commons-logging.jar;S:\Mindbridge\lib\commons-httpclient-2.0.jar;S:\Mindbridge\lib\commons-net-1.1.0.jar;S:\Mindbridge\lib\commons-vfs-1.0-dev.jar;S:\Mindbridge\lib\informa.jar;S:\Mindbridge\lib\jcifs-0.8.2.jar;S:\Mindbridge\lib\jsch-0.1.13.zip;S:\Mindbridge\lib\lucene-1.4-final.jar;S:\Mindbridge\lib\lucene-demos-1.4-final.jar;F:\CvsCheckOut\IntrasmartAPI\dist\latest\IntraSmartAPI-dev.jar;D:\xerces-2_5_0\xercesImpl.jar;D:\xerces-2_5_0\xercesSamples.jar;D:\xerces-2_5_0\xml-apis.jar;D:\xerces-2_5_0\xmlParserAPIs.jar;F:\IntelliJ-IDEA-4.5\lib\idea_rt.jar
> 10 [main] DEBUG org.apache.commons.httpclient.HttpClient - Operating system name: Windows
NT
> 20 [main] DEBUG org.apache.commons.httpclient.HttpClient - Operating system architecture:
x86
> 20 [main] DEBUG org.apache.commons.httpclient.HttpClient - Operating system version:
4.0
> 390 [main] DEBUG org.apache.commons.httpclient.HttpClient - SUN 1.42: SUN (DSA key/parameter
generation; DSA signing; SHA-1, MD5 digests; SecureRandom; X.509 certificates; JKS keystore;
PKIX CertPathValidator; PKIX CertPathBuilder; LDAP, Collection CertStores)
> 390 [main] DEBUG org.apache.commons.httpclient.HttpClient - SunJSSE 1.42: Sun JSSE provider(implements
RSA Signatures, PKCS12, SunX509 key/trust factories, SSLv3, TLSv1)
> 390 [main] DEBUG org.apache.commons.httpclient.HttpClient - SunRsaSign 1.42: SUN's provider
for RSA signatures
> 390 [main] DEBUG org.apache.commons.httpclient.HttpClient - SunJCE 1.42: SunJCE Provider
(implements DES, Triple DES, AES, Blowfish, PBE, Diffie-Hellman, HMAC-MD5, HMAC-SHA1)
> 390 [main] DEBUG org.apache.commons.httpclient.HttpClient - SunJGSS 1.0: Sun (Kerberos
v5)
> 560 [main] DEBUG org.apache.commons.httpclient.methods.GetMethod - enter GetMethod(String)
> 560 [main] DEBUG org.apache.commons.httpclient.HttpClient - enter HttpClient.executeMethod(HttpMethod)
> 560 [main] DEBUG org.apache.commons.httpclient.HttpClient - enter HttpClient.executeMethod(HostConfiguration,HttpMethod,HttpState)
> 851 [main] DEBUG org.apache.commons.httpclient.HttpConnection - HttpConnection.setSoTimeout(0)
> 851 [main] DEBUG org.apache.commons.httpclient.HttpConnection - enter HttpConnection.open()
> 1332 [main] DEBUG org.apache.commons.httpclient.HttpConnection - enter HttpConnection.closeSockedAndStreams()
> 1332 [main] DEBUG org.apache.commons.httpclient.HttpConnection - enter HttpConnection.releaseConnection()
> javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
> 	at com.sun.net.ssl.internal.ssl.SSLSessionImpl.getPeerCertificateChain(DashoA6275)
> 	at mb.apache.commons.httpclient.contrib.ssl.StrictSSLProtocolSocketFactory.verifyHostname(StrictSSLProtocolSocketFactory.java:253)
> 	at mb.apache.commons.httpclient.contrib.ssl.StrictSSLProtocolSocketFactory.createSocket(StrictSSLProtocolSocketFactory.java:208)
> 	at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:683)
> 	at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:662)
> 	at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:529)
> 	at TestPlain.main(TestPlain.java:65)
> 	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> 	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> 	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> 	at java.lang.reflect.Method.invoke(Method.java:324)
> 	at com.intellij.rt.execution.application.AppMain.main(AppMain.java:78)
> count = 0, total = 67
> 
> Process finished with exit code 0
> 
> Thanks for any insight
> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: httpclient-user-help@jakarta.apache.org
> 
> 

---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-user-help@jakarta.apache.org


Mime
View raw message