hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mike Knooihuisen <m...@simplysolutionscoding.com>
Subject Peer Not Authenticated exception when connecting over https
Date Wed, 18 Jul 2012 23:17:37 GMT
Hi All,

I have an Apache HTTPS server which requires client authentications.
I receive the exception "javax.net.ssl.SSLPeerUnverifiedException:
peer not authenticated" when using the following code to perform the
authentication.  The same trust/keystores that are used in my example
work perfectly with the Java builtin HttpsURLConnection class, but
fails with HttpComponents.  Thank you in advance for the help!

Best,
Mike

Syntax Highlighted Version:
http://pastie.org/4279713

Plain Text Version (Without Import Statements:

public class SSLConnect {

        static final String KSPASS = "password_here";

        private final String URL =
"https://appa.simplysolutionscoding.com/index.php";
        private ArrayList<NameValuePair> nvps;
        private DefaultHttpClient dhc;

        public SSLConnect() {
                nvps = null;
                dhc = null;

                // setup truststore
                try {
                        HttpParams params = new BasicHttpParams();

                        InputStream tstream = new
FileInputStream("mike.keystore");
                        KeyStore trustStore = KeyStore.getInstance(KeyStore
                                        .getDefaultType());
                        trustStore.load(tstream, "test12".toCharArray());

                        TrustManagerFactory trustFactory = TrustManagerFactory

.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                        trustFactory.init(trustStore);

                        KeyManagerFactory keyFactory = KeyManagerFactory
                                        .getInstance("SunX509");
                        InputStream keyInput = new FileInputStream("mike.jks");
                        KeyStore keystore = KeyStore.getInstance("JKS");
                        keystore.load(keyInput, KSPASS.toCharArray());

                        // trustStore.load(keyInput, KSPASS.toCharArray());

                        keyFactory.init(trustStore, KSPASS.toCharArray());

                        SSLSocketFactory ssl = new
SSLSocketFactory(trustStore, KSPASS,
                                        keystore);


params.setParameter(CoreConnectionPNames.CONNECTION_TIMEOUT, 1000L);

                        SchemeRegistry sr = new SchemeRegistry();
                        Scheme https = new Scheme("https", 443, ssl);
                        sr.register(https);

                        // Create Connection Manager that takes care
of the connections
                        // created by the client
                        ClientConnectionManager httpConnectionManager = new
PoolingClientConnectionManager(sr);

                        dhc = new DefaultHttpClient(httpConnectionManager);
                        // ssl.connectSocket(socket, remote, null, params);

                        System.setProperty("javax.net.debug", "all");

                } catch (Exception ex) {
                        ex.printStackTrace();
                }

        }

        /**
         * Sends the specified command to the server and returns the
server's parsed
         * XML reply
         *
         * @param args
         *            a <Hashtable> of parameters to send to the server
         * @return an XML parsed <Document>
         */
        public Document sendCmd(Hashtable<String, String> args) {
                HttpPost conn = new HttpPost(URL);

                add("user", "mike");
                add("password", "mikey12");

                try {
                        conn.setEntity(new UrlEncodedFormEntity(nvps));
                        HttpResponse resp = dhc.execute(conn);

                        // get the reply
                        System.out.println(resp.getStatusLine());
                        HttpEntity entity = resp.getEntity();
                        BufferedReader reader = new BufferedReader(new
InputStreamReader(
                                        entity.getContent()));
                        String line;

                        while ((line = reader.readLine()) != null) {
                                System.out.println(line);
                        }
                        // do something useful with the response body
                        // and ensure it is fully consumed

                        EntityUtils.consume(entity);

                } catch (Exception e) {
                        e.printStackTrace();
                } finally {
                        conn.releaseConnection();
                }

                return null;

        }

        /**
         * Convenience method to add $_POST values
         *
         * @param key
         *            the name of the $_POST value
         * @param value
         *            the data value to send
         */
        private void add(String key, String value) {
                if (nvps == null) {
                        nvps = new ArrayList<NameValuePair>();
                }

                nvps.add(new BasicNameValuePair(key, value));
        }

        public void displayResp(Document doc, OutputStream out) throws
Exception {

                TransformerFactory tfactory = TransformerFactory.newInstance();
                Transformer serializer;
                try {
                        serializer = tfactory.newTransformer();
                        // Setup indenting to "pretty print"
                        serializer.setOutputProperty(OutputKeys.INDENT, "yes");
                        serializer.setOutputProperty(

"{http://xml.apache.org/xslt}indent-amount", "2");

                        serializer.transform(new DOMSource(doc), new
StreamResult(out));
                } catch (TransformerException e) {
                        // this is fatal, just dump the stack and
throw a runtime exception
                        e.printStackTrace();

                        throw new RuntimeException(e);
                }
        }

}

/** ERROR MESSAGE */
javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
        at com.sun.net.ssl.internal.ssl.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:352)
        at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128)
        at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:572)
        at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:180)
        at org.apache.http.impl.conn.ManagedClientConnectionImpl.open(ManagedClientConnectionImpl.java:294)
        at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:640)
        at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:479)
        at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:906)
        at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:805)
        at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:784)
        at SSLConnect.sendCmd(SSLConnect.java:114)
        at Backend.test(Backend.java:39)
        at Backend.<init>(Backend.java:29)
        at Backend.main(Backend.java:21)

---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org


Mime
View raw message