hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Gerhard Sinne <GSi...@orga-systems.com>
Subject Re: Trouble with TrustManager and TrustStrategy for self-signed-certificates
Date Tue, 14 Dec 2010 08:19:02 GMT
> 
> Gerd
> 
> I find it somewhat difficult to believe that the trust manager never
> gets called. You might want to turn on the SSL debugging to find out
> what certificates are trusted.
> 
> 
http://download.oracle.com/javase/1.5.0/docs/guide/security/jsse/ReadDebug.html

> 
> Oleg
> 

Oleg,

thanks for generous support and your valuable time. Really appreciate your 
help as I'm stuck with 
this problem for some time now. 

I suspected my server beeing faulty, but I can connect with CURL and WGET 
using HTTPS without
a problem.

Anyway, here is the important part of the Debug stack.  The trustManager's 
method are definetely not called.
------------------------------------------------------------------------------------------------------------
...
main, WRITE: SSLv2 client hello message, length = 98
[Raw write]: length = 100
...
main, received EOFException: error
main, handling exception: javax.net.ssl.SSLHandshakeException: Remote host 
closed connection during handshake
main, SEND TLSv1 ALERT:  fatal, description = handshake_failure
main, WRITE: TLSv1 Alert, length = 2
[Raw write]: length = 7
0000: 15 03 01 00 02 02 28                               ......(
main, called closeSocket()
main, IOException in getSession():  javax.net.ssl.SSLHandshakeException: 
Remote host closed connection during handshake
Exception in thread "main" javax.net.ssl.SSLPeerUnverifiedException: peer 
not authenticated
        at 
com.sun.net.ssl.internal.ssl.SSLSessionImpl.getPeerCertificates(Unknown 
Source)
        at 
org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128)
        at 
org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:391)
        at 
org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:148)
        at 
org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:149)main, 
called close()
main, called closeInternal(true)
        at 
org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:121)
        at 
org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:562)
        at 
org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:415)
        at 
org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:700)
        at 
org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:625)
        at 
org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:603)
        at ClientTrustManager.main(ClientTrustManager.java:46)
------------------------------------------------------------------------------------------------------------

What wonders me is this line:
 
        main, IOException in getSession(): 
javax.net.ssl.SSLHandshakeException: Remote host closed connection during 
handshake

but why then can I use CURL without a problem ?

Gerd


The information included in this e-mail and any files transmitted with it is strictly confidential
and may be privileged or otherwise protected from disclosure. If you are not the intended
recipient, please notify the sender immediately by e-mail and delete this e-mail as well as
any attachment from your system. If you are not the intended recipient you are not authorized
to use and/or copy this message and/or attachment and/or disclose the contents to any other
person.
Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message