hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Terehoff Alex" <terehoff_a...@bah.com>
Subject HttpClient with certificate issued by Oracle OCA
Date Tue, 25 Apr 2006 22:32:53 GMT
We are using HttpClient with EasySSLProtocolSocketFactory and
EasyX509TrustManager over SSL enabled on Oracle Application Server 10g
and we are getting the following error:
 
 
java.security.cert.CertificateException: Untrusted Server Certificate
Chain
 
We are using Oracle OCA (Certificate Authority) and Wallet manager. 
Sertificate is configured correctly and works OK when using Web Browser
(IE, Mozilla, Netscape). The issue however comes when we are attempting
to use HttpClient  to make a call to one of the SSL protected resources
on the AS, as the certificate is self-signed and untrusted.
 
I wonder if sombody can give an advise how to resolve this issue. 
 
In production release we are planning to use self-signed certificates.
 
Here is a trace from the log generated by HttpClient about the
certificate including the error:


[
  Version: V3
  Subject: CN=Trac2es Dev Certificate Authority, OU=Trac2es, O=BAH, C=US
  Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
  Key:  SunJSSE RSA public key:
  public exponent:
    010001
  modulus:
    bdd87896 e39e7d15 43bb636c 1c5fa020 7cf144fe 619eac75 07f5d9bb
c936b556
    8bc5af9b fc4b65c3 5c3d7077 2030247e 859cca23 b3ae0b48 338cb143
df83b2e1
    ea1098a9 af7c95b8 bc07e521 ef7c8fc2 86d9723c 3ccbd9c8 9d18b668
0dcb8bc2
    8138417a cc86fca8 0f0967ba b6755492 1420319c b64b053f add3dada
7ddf5d96
    1ce1cfdf 76916073 89e503bd 95c3a7d4 08ae5561 c30e19fa 864ff0b3
dcc70b10
    27049610 cbe30a67 043e4509 6a60aba2 c41ebae8 11ce3860 c4941a59
e75946a8
    b5e01781 fc2aa006 f398a8ce 1f83469f 6f0b09b4 c5fe699c aca02d57
87868cd8
    86dfe9bf a3e50cc2 801de477 ee035a40 584af458 8256ac2a cfccbeec
2c81dbc9
  Validity: [From: Fri Mar 24 11:27:24 EST 2006,
               To: Mon Mar 21 11:27:24 EST 2016]
  Issuer: CN=Trac2es Dev Certificate Authority, OU=Trac2es, O=BAH, C=US
  SerialNumber: [    01]
Certificate Extensions: 2
[1]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
  Key_CertSign
  Crl_Sign
]
[2]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:3
]
]
  Algorithm: [MD5withRSA]
  Signature:
0000: 68 C3 DE 5A 79 71 CA C0   3B 48 2C F1 AB 75 5C 28
h..Zyq..;H,..u\(
0010: B2 2D 10 E9 B3 79 47 FB   AD 1C BF 8F 20 BE E3 67  .-...yG.....
..g
0020: 70 88 95 4A 68 48 60 D0   7F AD 28 A9 6F 15 A4 0C
p..JhH`...(.o...
0030: CE 1F CC 3B 5C 6C E1 71   5A CF FE 74 C6 D1 47 D9
...;\l.qZ..t..G.
0040: 2C C1 CC 7D 5C F0 37 53   11 87 22 6E A8 E9 B8 A2
,...\.7S.."n....
0050: C3 22 99 D1 2D 09 3C 23   1D CE C2 84 1B 32 21 F6
."..-.<#.....2!.
0060: 17 DB D0 B3 B2 A6 AF D5   99 85 6F BF 7F D5 FC 1A
..........o.....
0070: 1A 60 49 B5 9A 82 17 E6   03 B1 51 8A 8A DA 43 AB
.`I.......Q...C.
0080: F4 67 EB 99 77 60 51 4E   60 5B 5C 72 F6 B7 48 3C
.g..w`QN`[\r..H<
0090: DD A7 0E 3D 9D 01 54 7A   2D 9E C7 E7 70 70 29 F5
...=..Tz-...pp).
00A0: 34 6D AA C6 30 34 8F FC   9F 7B 83 ED 95 17 60 5F
4m..04........`_
00B0: 52 8B D3 74 33 13 A7 5A   23 5B 69 D0 05 10 19 B6
R..t3..Z#[i.....
00C0: 93 49 AF 83 3B E8 47 85   3A D7 3A CD B1 BD 7D CA
.I..;.G.:.:.....
00D0: 14 01 32 CF 3C 59 02 A6   D3 2E 46 8B 44 FA C2 ED
..2.<Y....F.D...
00E0: 0B 44 5D B8 D3 F8 72 7A   04 0E AB AA 10 46 D0 2B
.D]...rz.....F.+
00F0: EC 30 75 6E 1B 03 EB 02   9B 19 DB 97 8C D2 AE A9
.0un............
]
DEBUG AJPRequestHandler-ApplicationServerThread-16
org.apache.commons.httpclient.HttpMethodDirector - Closing the
connection.
DEBUG AJPRequestHandler-ApplicationServerThread-16
org.apache.commons.httpclient.HttpConnection - enter
HttpConnection.close()
DEBUG AJPRequestHandler-ApplicationServerThread-16
org.apache.commons.httpclient.HttpConnection - enter
HttpConnection.closeSockedAndStreams()
DEBUG AJPRequestHandler-ApplicationServerThread-16
org.apache.commons.httpclient.HttpMethodDirector - Method retry handler
returned false. Automatic recovery will not be attempted
DEBUG AJPRequestHandler-ApplicationServerThread-16
org.apache.commons.httpclient.HttpConnection - enter
HttpConnection.releaseConnection()
DEBUG AJPRequestHandler-ApplicationServerThread-16
org.apache.commons.httpclient.HttpConnection - Releasing connection back
to connection manager.
INFO AJPRequestHandler-ApplicationServerThread-16
mil.transcom.trac2es.portal.util.CustomSocketConnector - AGT:[LOGON]
Error: java.security.cert.CertificateException: Untrusted Server
Certificate Chain


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message