hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Thielen <da...@windward.net>
Subject RE: https digest request failing with security exception
Date Sat, 01 Apr 2017 19:03:48 GMT
Thank you!


-----Original Message-----
From: Bindul Bhowmik [mailto:bindulbhowmik@gmail.com] 
Sent: Friday, March 31, 2017 3:17 PM
To: HttpClient User Discussion <httpclient-users@hc.apache.org>
Subject: Re: https digest request failing with security exception

David,

On Fri, Mar 31, 2017 at 1:23 PM, David Thielen <david@windward.net> wrote:
> Hi;
>
> Second question. Is there a way to tell it I trust any certificate? That way I can connect
to self-signed servers.

You will need a variation of TrustStrategy [1] like TrustSelfSignedStrategy [2]. The ClientCustomSSL
example [3] shows (among other customizations) how to use a non-default TrustStrategy.

Of course, standard advise to not use that in production code.

- Bindul

[1] https://hc.apache.org/httpcomponents-client-ga/httpclient/apidocs/org/apache/http/conn/ssl/TrustStrategy.html
[2] https://hc.apache.org/httpcomponents-client-ga/httpclient/apidocs/org/apache/http/conn/ssl/TrustSelfSignedStrategy.html
[3] http://hc.apache.org/httpcomponents-client-4.5.x/httpclient/examples/org/apache/http/examples/client/ClientCustomSSL.java

>
> ??? - thanks - dave
>
>
> -----Original Message-----
> From: Bhowmik, Bindul [mailto:bindulbhowmik@gmail.com]
> Sent: Friday, March 31, 2017 11:31 AM
> To: HttpClient User Discussion <httpclient-users@hc.apache.org>
> Subject: Re: https digest request failing with security exception
>
> Dave,
>
> On Fri, Mar 31, 2017 at 11:21 AM, David Thielen <david@windward.net> wrote:
>> I have some simple code that does what I think is a correct & basic 
>> request to read the url 
>> https://httpbin.org/digest-auth/auth/user/passwd
>>
>> Reading that url in a browser works fine. But the code throws:
>> Exception in thread "main" javax.net.ssl.SSLHandshakeException: 
>> sun.security.validator.ValidatorException: PKIX path building failed: 
>> sun.security.provider.certpath.SunCertPathBuilderException: unable to 
>> find valid certification path to requested target at 
>> sun.security.ssl.Alerts.getSSLException
>>
>> I have the code and full exception stack at http://stackoverflow.com/questions/43146218/https-digest-request-failing-with-security-exception
(not repeated here to keep this email short).
>>
>> Any ideas?
>
> httpbin.org uses SSL cert from Let's Encrypt, and you are most likely 
> hitting an issue with your JRE missing their CA certs. See
> https://community.letsencrypt.org/t/certificate-error-sun-security-val
> idator-validatorexception-pkix-path-building-failed-sun-security-provi
> der-certpath-suncertpathbuilderexception-unable-to-find-valid-certific
> ation-path-to-requested-target/28283
>
>>
>> Thanks - dave
>>
>
> - Bindul
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
> For additional commands, e-mail: httpclient-users-help@hc.apache.org
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
> For additional commands, e-mail: httpclient-users-help@hc.apache.org
>

---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org

Mime
View raw message