Return-Path: Delivered-To: apmail-jakarta-httpclient-user-archive@www.apache.org Received: (qmail 16431 invoked from network); 23 Apr 2007 09:17:38 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 23 Apr 2007 09:17:38 -0000 Received: (qmail 35830 invoked by uid 500); 23 Apr 2007 09:17:42 -0000 Delivered-To: apmail-jakarta-httpclient-user-archive@jakarta.apache.org Received: (qmail 35813 invoked by uid 500); 23 Apr 2007 09:17:42 -0000 Mailing-List: contact httpclient-user-help@jakarta.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: "HttpClient User Discussion" Reply-To: "HttpClient User Discussion" Delivered-To: mailing list httpclient-user@jakarta.apache.org Received: (qmail 35802 invoked by uid 99); 23 Apr 2007 09:17:42 -0000 Received: from herse.apache.org (HELO herse.apache.org) (140.211.11.133) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 23 Apr 2007 02:17:42 -0700 X-ASF-Spam-Status: No, hits=0.0 required=10.0 tests= X-Spam-Check-By: apache.org Received-SPF: neutral (herse.apache.org: local policy) Received: from [62.2.95.247] (HELO smtp.hispeed.ch) (62.2.95.247) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 23 Apr 2007 02:17:34 -0700 Received: from [192.168.0.63] (aare.rz3.beecom.ch [212.71.105.68] (may be forged)) (authenticated bits=0) by smtp.hispeed.ch (8.12.11.20060308/8.12.11/taifun-1.0) with ESMTP id l3N9HBpK006121 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NO) for ; Mon, 23 Apr 2007 11:17:11 +0200 Subject: Re: SSL Site From: Oleg Kalnichevski To: HttpClient User Discussion In-Reply-To: <10129216.post@talk.nabble.com> References: <9803919.post@talk.nabble.com> <10091683.post@talk.nabble.com> <1177059327.6039.11.camel@okhost> <10129216.post@talk.nabble.com> Content-Type: text/plain Date: Mon, 23 Apr 2007 11:17:11 +0200 Message-Id: <1177319831.5761.31.camel@okhost> Mime-Version: 1.0 X-Mailer: Evolution 2.10.1 Content-Transfer-Encoding: 7bit X-Virus-Scanned: ClamAV version 0.88.7, clamav-milter version 0.88.7 on smtp-07.tornado.cablecom.ch X-Virus-Status: Clean X-DCC-spamcheck-01.tornado.cablecom.ch-Metrics: smtp-07.tornado.cablecom.ch 1377; Body=1 Fuz1=1 Fuz2=1 X-Virus-Checked: Checked by ClamAV on apache.org On Sun, 2007-04-22 at 17:04 -0700, RossW wrote: > > olegk wrote: > > > > > > Ross, > > > > (1) What is the version of JRE you are using? > > > > (2) Please post a _complete_ wire log of the HTTP session. Feel free to > > obfuscate whatever details you deem sensitive. The information given so > > far is simply not sufficient to identify the cause of the problem. > > > > Oleg > > > > > >> > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org > > For additional commands, e-mail: httpclient-user-help@jakarta.apache.org > > > > > > > > Hi thanks for your help...Here is the output from the logging. > > 
> 2007/04/23 09:55:26:968 EST [DEBUG] HttpClient - Java version: 1.6.0
> 2007/04/23 09:55:26:968 EST [DEBUG] HttpClient - Java vendor: Sun
> Microsystems Inc.
> 2007/04/23 09:55:26:968 EST [DEBUG] HttpClient - Java class path:
> C:\Documents and Settings\User\Workspace\HTTPDApp;C:\Program
> Files\eclipse\plugins\org.eclipse.swt.win32.win32.x86_3.2.2.v3235a.jar
> 2007/04/23 09:55:26:984 EST [DEBUG] HttpClient - Operating system name:
> Windows XP
> 2007/04/23 09:55:26:984 EST [DEBUG] HttpClient - Operating system
> architecture: x86
> 2007/04/23 09:55:26:984 EST [DEBUG] HttpClient - Operating system version:
> 5.1
> 2007/04/23 09:55:27:062 EST [DEBUG] HttpClient - SUN 1.6: SUN (DSA
> key/parameter generation; DSA signing; SHA-1, MD5 digests; SecureRandom;
> X.509 certificates; JKS keystore; PKIX CertPathValidator; PKIX
> CertPathBuilder; LDAP, Collection CertStores, JavaPolicy Policy;
> JavaLoginConfig Configuration)
> 2007/04/23 09:55:27:062 EST [DEBUG] HttpClient - SunRsaSign 1.5: Sun RSA
> signature provider
> 2007/04/23 09:55:27:062 EST [DEBUG] HttpClient - SunJSSE 1.6: Sun JSSE
> provider(PKCS12, SunX509 key/trust factories, SSLv3, TLSv1)
> 2007/04/23 09:55:27:078 EST [DEBUG] HttpClient - SunJCE 1.6: SunJCE Provider
> (implements RSA, DES, Triple DES, AES, Blowfish, ARCFOUR, RC2, PBE,
> Diffie-Hellman, HMAC)
> 2007/04/23 09:55:27:093 EST [DEBUG] HttpClient - SunJGSS 1.0: Sun (Kerberos
> v5, SPNEGO)
> 2007/04/23 09:55:27:093 EST [DEBUG] HttpClient - SunSASL 1.5: Sun SASL
> provider(implements client mechanisms for: DIGEST-MD5, GSSAPI, EXTERNAL,
> PLAIN, CRAM-MD5; server mechanisms for: DIGEST-MD5, GSSAPI, CRAM-MD5)
> 2007/04/23 09:55:27:093 EST [DEBUG] HttpClient - XMLDSig 1.0: XMLDSig (DOM
> XMLSignatureFactory; DOM KeyInfoFactory)
> 2007/04/23 09:55:27:093 EST [DEBUG] HttpClient - SunPCSC 1.6: Sun PC/SC
> provider
> 2007/04/23 09:55:27:093 EST [DEBUG] HttpClient - SunMSCAPI 1.6: Sun's
> Microsoft Crypto API provider
> 2007/04/23 09:55:27:093 EST [DEBUG] DefaultHttpParams - Set parameter
> http.useragent = Jakarta Commons-HttpClient/3.1-alpha1
> 2007/04/23 09:55:27:093 EST [DEBUG] DefaultHttpParams - Set parameter
> http.protocol.version = HTTP/1.1
> 2007/04/23 09:55:27:093 EST [DEBUG] DefaultHttpParams - Set parameter
> http.connection-manager.class = class
> org.apache.commons.httpclient.SimpleHttpConnectionManager
> 2007/04/23 09:55:27:093 EST [DEBUG] DefaultHttpParams - Set parameter
> http.protocol.cookie-policy = default
> 2007/04/23 09:55:27:093 EST [DEBUG] DefaultHttpParams - Set parameter
> http.protocol.element-charset = US-ASCII
> 2007/04/23 09:55:27:093 EST [DEBUG] DefaultHttpParams - Set parameter
> http.protocol.content-charset = ISO-8859-1
> 2007/04/23 09:55:27:093 EST [DEBUG] DefaultHttpParams - Set parameter
> http.method.retry-handler =
> org.apache.commons.httpclient.DefaultHttpMethodRetryHandler@c3c315
> 2007/04/23 09:55:27:093 EST [DEBUG] DefaultHttpParams - Set parameter
> http.dateparser.patterns = [EEE, dd MMM yyyy HH:mm:ss zzz, EEEE, dd-MMM-yy
> HH:mm:ss zzz, EEE MMM d HH:mm:ss yyyy, EEE, dd-MMM-yyyy HH:mm:ss z, EEE,
> dd-MMM-yyyy HH-mm-ss z, EEE, dd MMM yy HH:mm:ss z, EEE dd-MMM-yyyy HH:mm:ss
> z, EEE dd MMM yyyy HH:mm:ss z, EEE dd-MMM-yyyy HH-mm-ss z, EEE dd-MMM-yy
> HH:mm:ss z, EEE dd MMM yy HH:mm:ss z, EEE,dd-MMM-yy HH:mm:ss z,
> EEE,dd-MMM-yyyy HH:mm:ss z, EEE, dd-MM-yyyy HH:mm:ss z]
> 2007/04/23 09:55:27:093 EST [DEBUG] HttpConnection - Open connection to
> www.securesite.com:443
> 2007/04/23 09:55:48:359 EST [DEBUG] HttpMethodDirector - Closing the
> connection.
> 2007/04/23 09:55:48:359 EST [INFO] HttpMethodDirector - I/O exception
> (java.net.ConnectException) caught when processing request: Connection timed
> out: connect
> 2007/04/23 09:55:48:359 EST [DEBUG] HttpMethodDirector - Connection timed
> out: connect  connect>java.net.ConnectException: Connection timed out: connect
> 	at java.net.PlainSocketImpl.socketConnect(Native Method)
> 	at java.net.PlainSocketImpl.doConnect(Unknown Source)
> 	at java.net.PlainSocketImpl.connectToAddress(Unknown Source)
> 	at java.net.PlainSocketImpl.connect(Unknown Source)
> 	at java.net.SocksSocketImpl.connect(Unknown Source)
> 	at java.net.Socket.connect(Unknown Source)
> 	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.connect(Unknown Source)
> 	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.(Unknown Source)
> 	at com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl.createSocket(Unknown
> Source)
> 	at
> org.apache.commons.httpclient.protocol.SSLProtocolSocketFactory.createSocket(Unknown
> Source)
> 	at
> org.apache.commons.httpclient.protocol.SSLProtocolSocketFactory.createSocket(Unknown
> Source)
> 	at org.apache.commons.httpclient.HttpConnection.open(Unknown Source)
> 	at
> org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown
> Source)
> 	at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown
> Source)
> 	at org.apache.commons.httpclient.HttpClient.executeMethod(Unknown Source)
> 	at org.apache.commons.httpclient.HttpClient.executeMethod(Unknown Source)
> 
> 
> 
> 2007/04/23 09:55:48:359 EST [INFO] HttpMethodDirector - Retrying request
> 2007/04/23 09:55:48:359 EST [DEBUG] HttpConnection - Open connection to
> www.securesite.com:443
> 
> So just to add to this posting ill give your some info about what i am
> trying to do again.  I have a secure site with with basic authentication
> that i need to access.  I can get my app to access a non SSL site with basic
> authent without any probs but have been unable to do the same with a
> particular intra network SSL site.  Here is the code i have to deal with the
> certificates as well:
> 

Ross,

This appears to be some kind of connectivity problem. Is this an
intranet or internet site? Can you establish a connection to that site
using a browser? 

You do not explicitly set a connect timeout value, so JRE the default
one applies. Try explicitly setting the connect timeout value to
something like 10 min and see what happens. 

Oleg


> 	    TrustManager[] trustAllCerts = new TrustManager[]{
> 	        new X509TrustManager() {
> 	            public java.security.cert.X509Certificate[]
> getAcceptedIssuers() {
> 	                return null;
> 	            }
> 	            public void checkClientTrusted(
> 	                java.security.cert.X509Certificate[] certs, String
> authType) {
> 	            }
> 	            public void checkServerTrusted(
> 	                java.security.cert.X509Certificate[] certs, String
> authType) {
> 	            }
> 	        }
> 	    };
> 	    
> 	    try {
> 	    	SSLContext sc = SSLContext.getInstance("SSLv3");
> 	        sc.init(null, trustAllCerts, new java.security.SecureRandom());
> 	       
> HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
> 	    } catch (Exception e) {
> 	    	
> 	    	e.getMessage();
> 	    	
> 	    }
> 
>
--------------------------------------------------------------------- To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org For additional commands, e-mail: httpclient-user-help@jakarta.apache.org