hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sam Wilson <tecywiz...@hotmail.com>
Subject Re: Trust all certificates
Date Fri, 08 Apr 2016 22:23:11 GMT
There are quite a few documents out there that go over SSL/TLS. Really 
depends on what you need to know. Wikipedia might be a good place to 
start, and there's always google to find out more. I seem to remember 
Mozilla had some decent high level documentation, but I think they've 
marked it as out of date.

What's happening right now is that you can't complete the SSL handshake 
for some reason. StackOverflow has a post about someone having a similar 
problem: http://stackoverflow.com/a/6353956

Hope that helps,
Sam

On 4/8/16 5:22 PM, Robson Roberto Souza Peixoto wrote:
> I'm a complete noob. Are there resources to help-me understand the problem.
>
> On Fri, Apr 8, 2016 at 6:16 PM Sam Wilson <tecywiz121@hotmail.com> wrote:
>
>> You can only turn off as much SSL validation as you control. The server
>> may also terminate a connection (say, for instance, it requires a client
>> SSL certificate.)
>>
>> On 4/8/16 4:53 PM, Robson Roberto Souza Peixoto wrote:
>>> But are there a way to disable the `SSL Verification`?
>>>
>>> I just wanna to ignore all SSL Verification.
>>>
>>> Thanks
>>>
>>> On Fri, Apr 8, 2016 at 5:26 PM Bernd Eckenfels <ecki@zusammenkunft.net>
>>> wrote:
>>>
>>>> The exception you are showing means the server terminated the handshake
>>>> for some reason. Hard to say why. It might require a client cert or does
>>>> not like yout proposed ciphers or ssl protocols.
>>>>
>>>>
>>>>
>>>> This particular exception seems not related to untrusted certificates,
>>>> your different approaches are both valid to accept all certs (ad long
>> as it
>>>> understands a common cipher and certificate type)
>>>>
>>>>
>>>> Gruss
>>>> Bernd
>>>> --
>>>> http://bernd.eckenfels.net
>>>>   From Win 10 Mobile
>>>>
>>>>
>>>>
>>>> *Von: *Robson Roberto Souza Peixoto <robsonpeixoto@gmail.com>
>>>> *Gesendet: *Freitag, 8. April 2016 22:16
>>>> *An: *httpclient-users@hc.apache.org
>>>> *Betreff: *Trust all certificates
>>>>
>>>>
>>>>
>>>> Hi guys,
>>>>
>>>>
>>>>
>>>> I'm using the HC to crawler a lot of sites =D. It's working like a
>> charm. I
>>>> really in love with HC.
>>>>
>>>>
>>>>
>>>> But I'm getting the error `javax.net.ssl.SSLHandshakeException: Received
>>>>
>>>> fatal alert: handshake_failure` when I try to access a page with a
>> invalid
>>>> Certificate.
>>>>
>>>>
>>>>
>>>> I googled a lot and tried all solutions, but no one worked.
>>>>
>>>> Here a gist with my last try:
>>>>
>>>> https://gist.github.com/robsonpeixoto/07c0409e20a1332c586585fcd1e3db25
>>>>
>>>>
>>>>
>>>> Are there a easy solution to trust all certificates of all hosts with
>> HC?
>>>>
>>>>
>>>> Thanks
>>>>
>>>> --
>>>>
>>>> Robson Roberto Souza Peixoto
>>>>
>>>> Robinho
>>>>
>>>> Master in Computer Science, University of Campinas
>>>>
>>>> IRC: robsonpeixoto
>>>>
>>>> Twitter: http://twitter.com/robinhopeixoto
>>>>
>>>> github: https://github.com/robsonpeixoto
>>>>
>>>>
>>>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
>> For additional commands, e-mail: httpclient-users-help@hc.apache.org
>>
>> --
> Robson Roberto Souza Peixoto
> Robinho
> Master in Computer Science, University of Campinas
> IRC: robsonpeixoto
> Twitter: http://twitter.com/robinhopeixoto
> github: https://github.com/robsonpeixoto
>


---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org


Mime
View raw message