hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Hassan Khan <hassankhan...@gmail.com>
Subject Re: Async client with self signed certificate
Date Thu, 18 May 2017 19:07:51 GMT
Hi,

This is a issue with the CA certs... SSL handshake is failing...

if java turn on ssl debug... you will see the error in detail...

But if you have added the cacert to the java cacert files.. then java
should recognize the self signed cert..

This is not a code issue.. it more to do with cert that is the point i am
trying to make... May be the file Store does not have the self signed
certificate added to it...

Hope it helps

Thanks
Hassan



On Thu, May 18, 2017 at 2:48 PM, Joan Balagueró <
joan.balaguero@grupoventus.com> wrote:

> Hello,
>
>
>
> I’ve been using SSL with client authentication with signed certificates in
> async http client 4.1, with no problem.
>
>
>
> My code is:
>
>
>
> FileInputStream  fKeyStore = new FileInputStream(new
> File(keyStoreLocation));
>
> KeyStore keyStore = KeyStore.getInstance(keyStoreType);
>
> keyStore.load(fKeyStore, keyStorePassword.toCharArray());
>
>
>
> KeyManagerFactory kmfactory =
> KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
>
> kmfactory.init(keyStore, keyStorePassword.toCharArray());
>
> KeyManager[] keyManagers = kmfactory.getKeyManagers();
>
>
>
> TrustManagerFactory tmf =
> TrustManagerFactory.getInstance(TrustManagerFactory.
> getDefaultAlgorithm());
>
> tmf.init(keyStore);
>
>
>
> SSLContext sslContext = SSLContexts.custom().build();
>
> sslContext.init(keyManagers, tmf.getTrustManagers(), null);
>
>
>
> return (new SSLIOSessionStrategy(sslContext, new String[] { "TLSv1" },
> null,
> SSLIOSessionStrategy.getDefaultHostnameVerifier()));
>
>
>
>
>
> But now I have an installation with ssl and client authentication but with
> a
> self-signed certificate. Using the previous code I get the following error
> (I suppose because it doesn’t find the CA certificate):
>
> Caused by: sun.security.validator.ValidatorException: PKIX path building
> failed: sun.security.provider.certpath.SunCertPathBuilderException: unable
> to find valid certification path to requested target
>
>
>
> Can anyone help me with this? How should I modify the previous code to have
> this working? I’ve tried some alternatives but none of them worked.
>
>
>
> Thanks in advance.
>
>
>
> Joan.
>
>
>
>
>
>
>
>
>
>


-- 
Hassan Khan

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message