You are viewing a plain text version of this content. The canonical link for it is here.
Posted to httpclient-users@hc.apache.org by Sachin Shetty <ss...@egnyte.com> on 2012/12/17 11:24:27 UTC
Random javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated)
Hi,
I am using HttpClient with https and pooled connection manager as follows:
SSLContext ctx = SSLContext.getInstance("TLS");
X509TrustManager tm = new X509TrustManager() {
public void checkClientTrusted(X509Certificate[] xcs, String
string) throws CertificateException { }
public void checkServerTrusted(X509Certificate[] xcs, String
string) throws CertificateException { }
public X509Certificate[] getAcceptedIssuers() {
return null;
}
};
ctx.init(null, new TrustManager[]{tm}, null);
SSLSocketFactory sf = new SSLSocketFactory(
ctx,
SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
Scheme https = new Scheme("https", 443, sf);
SchemeRegistry sr = new SchemeRegistry();
sr.register(https);
PoolingClientConnectionManager cm = new
PoolingClientConnectionManager(sr);
cm.setMaxTotal(200);
cm.setDefaultMaxPerRoute(50);
httpClient = new DefaultHttpClient(cm);
httpClient.getParams().setParameter("http.socket.timeout",
SOCKET_TIMEOUT);
httpClient.getParams().setParameter("http.connection.timeout",
CONNECT_TIMEOUT);
httpClient.getParams().setParameter("http.connection-manager.timeout",
CONNECT_TIMEOUT);
It seems to work most of the time, but I have seen operations fail randomly
with javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated. I
think it is something to do with Keep Alive and cached connections because I
usually see it happening after an extended idle time.
Thanks
Sachin
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org