hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Oleg Kalnichevski <ol...@apache.org>
Subject Re: HTTPClient SSL self signed cert
Date Mon, 15 Feb 2016 10:47:41 GMT
On Fri, 2016-02-12 at 17:53 -0500, Matt Chambers wrote:
> I’m not sure if I’m daft or just missing something super obvious, but I’m trying
to setup HttpClient to connect to a Spring Boot server using a self signed cert, pretty much
all day.   Works fine via Chome, Python’s ‘requests’ module, and Objective-C but no
matter what I do, this exception haunts me.
> 

Are you sure the server authenticates with a self-signed certificate (no
CA) and not with a certificate signed by a non-standard CA?

Oleg

> java.lang.RuntimeException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException:
PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable
to find valid certification path to requested target
> 	at com.zorroa.archivist.sdk.client.ExceptionTranslator.translate(ExceptionTranslator.java:9)
~[archivist-sdk-0.17.0.jar:na]
> 	at com.zorroa.archivist.sdk.client.Http.post(Http.java:39) ~[archivist-sdk-0.17.0.jar:na]
> 	at com.zorroa.archivist.sdk.client.archivist.ArchivistClient.registerAnalyst(ArchivistClient.java:57)
~[archivist-sdk-0.17.0.jar:na]
> 	at com.zorroa.analyst.service.RegisterServiceImpl.runOneIteration(RegisterServiceImpl.java:45)
~[classes/:na]
> 	at com.google.common.util.concurrent.AbstractScheduledService$1$1.run(AbstractScheduledService.java:174)
[guava-18.0.jar:na]
> 	at com.google.common.util.concurrent.Callables$3.run(Callables.java:95) [guava-18.0.jar:na]
> 	at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) [na:1.8.0_65]
> 	at java.util.concurrent.FutureTask.runAndReset(FutureTask.java:308) [na:1.8.0_65]
> 	at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$301(ScheduledThreadPoolExecutor.java:180)
[na:1.8.0_65]
> 	at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:294)
[na:1.8.0_65]
> 	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [na:1.8.0_65]
> 	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [na:1.8.0_65]
> 	at java.lang.Thread.run(Thread.java:745) [na:1.8.0_65]
> Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException:
PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable
to find valid certification path to requested target
> 
> I’ve basically tried 1000 different combinations of HttpClient setup and versions,
but this is how I’m setting it up currently:
> 
> this.client = HttpClients.custom()
>         .setConnectionManager(new PoolingHttpClientConnectionManager())
>         .setSSLSocketFactory(new SSLConnectionSocketFactory(SSLContexts.custom()
>                 .loadTrustMaterial(null, new TrustSelfSignedStrategy())
>                 .build()))
>         .setSSLHostnameVerifier(new NoopHostnameVerifier())
>         .build();
> 
> Any help would be greatly appreciated.  
> 
> -Matt
> 



---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org


Mime
View raw message