hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Oleg Kalnichevski <ol...@apache.org>
Subject Re: SSLPeerUnverifiedException: peer not authenticated
Date Wed, 09 Jun 2010 21:14:13 GMT
On Wed, 2010-06-09 at 15:40 +0100, Martin Flower wrote:
> With https basic authentication, I can connect successfully to one https url (https://mediacenter.gmx.net),
but not to another (https://www.ebico.co.uk).  The second one throws an error
> 
> Caused by: javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
> 	at com.sun.net.ssl.internal.ssl.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:352)
> 	at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128)
> 
> The certificate is a root certificate granted by Verisign.  Basic authentication.
> 
> I'm using httpclient 4.0.1 and httpcore 4.0.1.
> 
> Code is :
> 
>   DefaultHttpClient httpClient = new DefaultHttpClient();
> 				
>   httpClient.getCredentialsProvider().setCredentials(
>     new AuthScope(AuthScope.ANY_HOST, AuthScope.ANY_PORT), 
>     new UsernamePasswordCredentials(username, password));
> 		 				
>   HttpGet initialGet = new HttpGet(submitUrl);
> 
>   HttpResponse response = httpClient.execute(initialGet); // throws javax.net.ssl.SSLPeerUnverifiedException:
peer not authenticated
>   
> The exception is thrown as session.peerCerts is null              
> 
> I've investigated the use of a custom https scheme in order to vary the enabled protocols
("SSLv2Hello", "SSLv3", "TLSv1") - but this has not solved the problem.
> 
> Any ideas ?
> 
> 

The certificate used by the site (www.ebico.co.uk) is trusted neither by
Java Runtime nor by Firefox. You need to customize the SSL context used
by HttpClient and configure this certificate as trusted, if you trust
the site.

Oleg


---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org


Mime
View raw message