hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From patrunis <patrunisat...@gmail.com>
Subject AuthSSLProtocolSocketFactory : Error
Date Tue, 23 Oct 2007 18:13:09 GMT

Hello All,

I have been trying to use the AuthSSLProtocolSocketFactory for SSL Client
Authentication for a week but without success.

I am trying to use the
org.apache.commons.httpclient.contrib.ssl.contrib.AuthSSLProtocolSocketFactory
class.

I have server.crt(pem encoded certificate file), server.key file and a
root-ca.pem file.
my Apache2 mod_ssl configuration snippet is below:

*********************
SSLCertificateFile "C:/Java/Apache2.2/conf/verisgnCA/server.crt"
SSLCertificateKeyFile "C:/Java/Apache2.2/conf/verisgnCA/server.key"
SSLCACertificateFile "C:/Java/Apache2.2/conf/verisgnCA/root-ca.pem"
SSLVerifyClient require
SSLVerifyDepth  1
*********************
I would like to use the server cert as the client cert for now....(Please
correct me if I should not do this)
I created a keystore using the following command:
keytool -import -file C:/Java/Apache2.2/conf/verisgnCA/server.crt -keypass
C:/Java/Apache2.2/conf/verisgnCA/server.key -alias apacheclient -keystore
client.keystore -storepass 123456
I have created a truststore using the command below:
keytool -import -trustcacerts -file
C:/Java/Apache2.2/conf/verisgnCA/server.crt -keypass
C:/Java/Apache2.2/conf/verisgnCA/server.key -alias apacheclient -keystore
client.truststore -storepass 123456

I did nothing else.. did not mess anything with "cacerts"

Now I have a code like this... in my java client:

HttpClient tempClient = new HttpClient();
AuthSSLProtocolSocketFactory myAuthFactory = new
AuthSSLProtocolSocketFactory(new URL("file:" +
"C:/Java/Apache2.2/conf/verisgnCA/client.keystore"),"123456",new URL("file:"
+ "C:/Java/Apache2.2/conf/verisgnCA/client.keystore"),"123456");

Protocol myhttps = new Protocol("https",myAuthFactory,443);
Protocol.registerProtocol("https", myhttps);
tempClient.getHostConfiguration().setHost("blrsatish.domain.com", 443,
myhttps);
GetMethod getMethodObj = new
GetMethod("https://blrsatish-lt.asiapacific.hpqcorp.net/");
//**** tried like this aswell *****//
//GetMethod getMethodObj = new GetMethod("/");
tempClient.executeMethod(getMethodObj);

I get a java.net.SocketException: Software caused connection abort: recv
failed

What I know for sure is nothing is wrong with the server configuration becos
I can import the cert/key pair to the browser access the site. I can access
the server using the openssl s_client aswell.

Please let me know what is going wrong.. or any steps I missed. I have close
this by end of this week :(

Best Regards,
Satish
-- 
View this message in context: http://www.nabble.com/AuthSSLProtocolSocketFactory-%3A-Error-tf4679375.html#a13370403
Sent from the HttpClient-User mailing list archive at Nabble.com.


---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-user-help@jakarta.apache.org


Mime
View raw message