hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From srihari na <namasrih...@gmail.com>
Subject HTTPS connections using different certifcate with single client instance
Date Tue, 19 Nov 2013 08:52:05 GMT
We have migrated from http client 3.1 to http client 4.2.5. In http client
4.2.5 version, we are facing problems with SSL(https) calls.

Our implementation has one HTTP client instance. In 3.1 version, we are not
registering(Protocol.register) the ssl protocol and passing the scheme
information in HostConfiguration.setHost method. It was working fine when
we use the the single client, single connection manager connecting to
various endpoints with different certificates.


In latest version, we have replaced the hostConfig with HttpHost. And there
is no possibility to pass the ssl protocol as parameter in HttpHost. So we
are registering the protocol and passing the protocol name in HttpHost. We
are registering like below

Scheme secureSSL = new Scheme("https", 443, authSSL);
HttpSingletonHolder.client.getConnectionManager().getSchemeRegistry().register(secureSSL);

As we have only one client, when ever we are registering the protocol with
new certificate then all requests to other endpoint(which are going  with
old certificate before registering of new certificate) are going with new
certificate. Hence all requests are failing with certificate error.

We tried to register the scheme with "certificate name" instead of "https"
and passing the certificate name in HttpHost.
Scheme secureSSL = new Scheme("certificatename", 443, authSSL);

I want to confirm, Is this a right approach and is there any consequences
for this approach or is there any better approach to handle.

-- 
Regards,
Srihari NA

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message