hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Oleg Kalnichevski <ol...@apache.org>
Subject Re: Trouble with TrustManager and TrustStrategy for self-signed-certificates
Date Tue, 14 Dec 2010 09:15:30 GMT
On Tue, 2010-12-14 at 09:19 +0100, Gerhard Sinne wrote:
> > 
> > Gerd
> > 
> > I find it somewhat difficult to believe that the trust manager never
> > gets called. You might want to turn on the SSL debugging to find out
> > what certificates are trusted.
> > 
> > 
> http://download.oracle.com/javase/1.5.0/docs/guide/security/jsse/ReadDebug.html
> 
> > 
> > Oleg
> > 
> 
> Oleg,
> 
> thanks for generous support and your valuable time. Really appreciate your 
> help as I'm stuck with 
> this problem for some time now. 
> 
> I suspected my server beeing faulty, but I can connect with CURL and WGET 
> using HTTPS without
> a problem.
> 
> Anyway, here is the important part of the Debug stack.  The trustManager's 
> method are definetely not called.
> ------------------------------------------------------------------------------------------------------------
> ...
> main, WRITE: SSLv2 client hello message, length = 98
> [Raw write]: length = 100
> ...
> main, received EOFException: error
> main, handling exception: javax.net.ssl.SSLHandshakeException: Remote host 
> closed connection during handshake
> main, SEND TLSv1 ALERT:  fatal, description = handshake_failure
> main, WRITE: TLSv1 Alert, length = 2

Gerd

This looks like a SSL protocol compatibility issue. Try using a
different version of the protocol (SSLv1 or TLSv1) and see if that makes
any difference.

Cheers

Oleg 



---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org


Mime
View raw message