hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Guy With Question <guy_with_quest...@yahoo.com>
Subject Re: SSLHandshakeException
Date Fri, 10 Mar 2006 15:02:42 GMT
This time I was successful in importing my server's certificate by using the following command-
   
  keytool -import -alias local -file XP.cer
   
  The import was successful, but I still get the exact same SSLHandshakeException. Please
help...
   
  Thanks!

Guy With Question <guy_with_question@yahoo.com> wrote:
    Hi,
   
  I have a question regarding the usage of HttpClient. I hope to find an answer here.
   
  Platform: WebLogic 8.1 SP5 Dev license; JDK 1.4.2_08; HttpClient-3.0-rc3
   
  Problem Description: I have written a small http client code that has to call a servlet
over SSL. The servlet is running on the SAME server (WL8.1 dev license) that the client is
running. During run-time I get the following exception.
  =======================================================
  <Mar 9, 2006 5:26:04 PM EST> <Warning> <Security> <BEA-090485> <CERTIFICATE_UNKNOWN
alert was received from WinXP-hammer.local - 10.1.11.30. The peer has an unspecified issue
with the certificate. SSL debug tracing should be enabled on
the peer to determine what the issue is.>
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: No trusted
certificate found
        at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.a(DashoA12275)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
        at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA12275)
        at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA12275)
        at com.sun.net.ssl.internal.ssl.SunJSSE_ax.a(DashoA12275)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(DashoA12275)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
        at com.sun.net.ssl.internal.ssl.AppOutputStream.write(DashoA12275)
        at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:66)
        at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:124)
        at org.apache.commons.httpclient.HttpConnection.flushRequestOutputStream(HttpConnection.java:825)
        at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:1975)
        at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:993)
        at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:393)
        at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:168)
        at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:396)
        at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:324)
        at com.corp.ui.shared.util.LoginHttpClient.sendPostRequest(LoginHttpClient.java:43)
        at com.corp.ui.seller.action.SellerLoginAction.execute(SellerLoginAction.java:65)
        at org.mwolff.struts.back.BackRequestProcessor.processActionPerform(BackRequestProcessor.java:109)
        at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:226)
        at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1164)
        at org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:397)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
        at weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run(ServletStubImpl.java:1072)
        at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:465)
        at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:348)
        at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:6981)
        at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
        at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
        at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:3892)
        at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2766)
        at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:224)
        at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:183)
Caused by: sun.security.validator.ValidatorException: No trusted certificate found
        at sun.security.validator.SimpleValidator.buildTrustedChain(SimpleValidator.java:304)
        at sun.security.validator.SimpleValidator.engineValidate(SimpleValidator.java:107)
        at sun.security.validator.Validator.validate(Validator.java:202)
        at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(DashoA12275)
        at com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(DashoA12275)
        ... 34 more
  =======================================================
   
   
  I do not know why the client is not recognizing a certificate presented my the server that's
hosting the client itself! I know JSSE is set-up correctly because I use the same client to
communicate with HTTPS sites on the Internet.
   
  Solution Tried
  I used IE's certificate wizard to export my server's certificate into a XP.cer file. I then
tried adding the server's certificate to jdk\jre\lib\security\cacerts using keytool, but I
get the following error:
   
  =============================
  keytool -import -alias cacerts -file XP.cer
Enter keystore password:  password
keytool error: java.lang.Exception: Certificate not imported, alias <cacerts> already
exists
=============================
   
  Can someone tell me how to resolve this issue?
    
---------------------------------
  Yahoo! Mail
Bring photos to life! New PhotoMail makes sharing a breeze. 

		
---------------------------------
Brings words and photos together (easily) with
 PhotoMail  - it's free and works with Yahoo! Mail.
Mime
  • Unnamed multipart/alternative (inline, 8-Bit, 0 bytes)
View raw message