hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Gary Gregory <garydgreg...@gmail.com>
Subject Re: Async client with self signed certificate
Date Thu, 18 May 2017 19:22:24 GMT
You can remove most of this boilerplate if use use the SslContextBuilder
class.

Gary

On May 18, 2017 11:48 AM, "Joan Balagueró" <joan.balaguero@grupoventus.com>
wrote:

> Hello,
>
>
>
> I’ve been using SSL with client authentication with signed certificates in
> async http client 4.1, with no problem.
>
>
>
> My code is:
>
>
>
> FileInputStream  fKeyStore = new FileInputStream(new
> File(keyStoreLocation));
>
> KeyStore keyStore = KeyStore.getInstance(keyStoreType);
>
> keyStore.load(fKeyStore, keyStorePassword.toCharArray());
>
>
>
> KeyManagerFactory kmfactory =
> KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
>
> kmfactory.init(keyStore, keyStorePassword.toCharArray());
>
> KeyManager[] keyManagers = kmfactory.getKeyManagers();
>
>
>
> TrustManagerFactory tmf =
> TrustManagerFactory.getInstance(TrustManagerFactory.
> getDefaultAlgorithm());
>
> tmf.init(keyStore);
>
>
>
> SSLContext sslContext = SSLContexts.custom().build();
>
> sslContext.init(keyManagers, tmf.getTrustManagers(), null);
>
>
>
> return (new SSLIOSessionStrategy(sslContext, new String[] { "TLSv1" },
> null,
> SSLIOSessionStrategy.getDefaultHostnameVerifier()));
>
>
>
>
>
> But now I have an installation with ssl and client authentication but with
> a
> self-signed certificate. Using the previous code I get the following error
> (I suppose because it doesn’t find the CA certificate):
>
> Caused by: sun.security.validator.ValidatorException: PKIX path building
> failed: sun.security.provider.certpath.SunCertPathBuilderException: unable
> to find valid certification path to requested target
>
>
>
> Can anyone help me with this? How should I modify the previous code to have
> this working? I’ve tried some alternatives but none of them worked.
>
>
>
> Thanks in advance.
>
>
>
> Joan.
>
>
>
>
>
>
>
>
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message