You are viewing a plain text version of this content. The canonical link for it is here.
Posted to httpclient-users@hc.apache.org by Mark Dundon <ma...@thedundons.co.uk> on 2007/10/07 00:12:04 UTC
error connecting to HTTPS avax.net.ssl.SSLHandshakeException: unknown certificate
Hi I'm getting the following stack trace
[06/10/07 23:04:28:609 BST] 6cfbe370 SystemErr R Fatal transport error:
unknown certificate
[06/10/07 23:04:28:609 BST] 6cfbe370 SystemErr R
javax.net.ssl.SSLHandshakeException: unknown certificate
[06/10/07 23:04:28:609 BST] 6cfbe370 SystemErr R at
com.ibm.jsse.bg.a(Unknown Source)
[06/10/07 23:04:28:609 BST] 6cfbe370 SystemErr R at
com.ibm.jsse.b.a(Unknown
Source)
[06/10/07 23:04:28:609 BST] 6cfbe370 SystemErr R at
com.ibm.jsse.b.write(Unknown Source)
from this code ... anyone know how to overcome the handshake exception?
HttpClient client = new HttpClient();
PostMethod post = new PostMethod("https://somehttpsurl.com");
NameValuePair[] data = {
new NameValuePair("name1", "value1"),
....
new NameValuePair("nameX","valueX")
};
post.setRequestBody(data);
try
{
// Execute the method.
int statusCode = client.executeMethod(post);
if (statusCode != HttpStatus.SC_OK)
{
System.err.println("Method failed: " + post.getStatusLine());
}
// Read the response body.
byte[] responseBody = post.getResponseBody();
// Deal with the response.
// Use caution: ensure correct character encoding and is not binary data
out.println(new String(responseBody));
}
catch (HttpException e)
{
System.err.println("Fatal protocol violation: " + e.getMessage());
e.printStackTrace();
}
catch (IOException e)
{
System.err.println("Fatal transport error: " + e.getMessage());
e.printStackTrace();
}
finally
{
// Release the connection.
post.releaseConnection();
}
Re: error connecting to HTTPS avax.net.ssl.SSLHandshakeException:
unknown certificate
Posted by Roland Weber <os...@dubioso.net>.
Hello Mark,
> I'm not sure how I can obtain the HTTPS cert from the address I'm
> connecting to and place it in the keystore. For example when a browser
> connects, it automatically receives the cert from the HTTPS address and does
Check if your browser allows to export the certificates.
Or maybe not-yet-commons-ssl can read the browser certificate store.
> so without prompting if it is (the cert) signed by an appropriate / trusted
> CA such as verisign and prompts when it's not signed as such. The question
> I've got is either 1. how to obtain that cert and import,
See above, try with the browser first. Or else you hack some Java
code that opens an SSL connection and follows the certificate
chain, fetching and saving the certificates along the way.
> or 2. configure
> the Java code so that it automatically accepts the cert.
You've found the instructions for doing that when you followed
the link to our SSL guide which I posted previously.
cheers,
Roland
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-user-help@jakarta.apache.org
Re: error connecting to HTTPS avax.net.ssl.SSLHandshakeException: unknown certificate
Posted by Mark Dundon <ma...@thedundons.co.uk>.
Thanks for the reply Roland, it is appreciated. I do understand that there
is an issue with certs but as I haven't connected to SSL / HTTPS in Java
before I'm not sure how I can obtain the HTTPS cert from the address I'm
connecting to and place it in the keystore. For example when a browser
connects, it automatically receives the cert from the HTTPS address and does
so without prompting if it is (the cert) signed by an appropriate / trusted
CA such as verisign and prompts when it's not signed as such. The question
I've got is either 1. how to obtain that cert and import, or 2. configure
the Java code so that it automatically accepts the cert.
Thanks
Mark
On 07/10/2007, Roland Weber <os...@dubioso.net> wrote:
>
> Mark Dundon wrote:
> >
> > unknown certificate
>
> Isn't that error message self-explanatory? Import the
> certificate required for the site you are connecting to.
>
> http://jakarta.apache.org/httpcomponents/httpclient-3.x/sslguide.html
> http://java.sun.com/j2se/1.4.2/docs/tooldocs/windows/keytool.html
>
> Or use a dedicated certificate store and nyc-ssl:
> http://www.juliusdavies.ca/commons-ssl/
>
> cheers,
> Roland
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: httpclient-user-help@jakarta.apache.org
>
>
Re: error connecting to HTTPS avax.net.ssl.SSLHandshakeException:
unknown certificate
Posted by Roland Weber <os...@dubioso.net>.
Mark Dundon wrote:
>
> unknown certificate
Isn't that error message self-explanatory? Import the
certificate required for the site you are connecting to.
http://jakarta.apache.org/httpcomponents/httpclient-3.x/sslguide.html
http://java.sun.com/j2se/1.4.2/docs/tooldocs/windows/keytool.html
Or use a dedicated certificate store and nyc-ssl:
http://www.juliusdavies.ca/commons-ssl/
cheers,
Roland
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-user-help@jakarta.apache.org