You are viewing a plain text version of this content. The canonical link for it is here.

Posted to httpclient-users@hc.apache.org by Sachin Shetty <ss...@egnyte.com> on 2012/12/17 11:24:27 UTC

Random javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated)

Hi,

I am using HttpClient with https and pooled connection manager as follows:

		SSLContext ctx = SSLContext.getInstance("TLS");
        X509TrustManager tm = new X509TrustManager() {
            public void checkClientTrusted(X509Certificate[] xcs, String
string) throws CertificateException { }
            public void checkServerTrusted(X509Certificate[] xcs, String
string) throws CertificateException { }
            public X509Certificate[] getAcceptedIssuers() {
                return null;
            }
        };
        ctx.init(null, new TrustManager[]{tm}, null);		
        SSLSocketFactory sf = new SSLSocketFactory(
		    ctx,
		    SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);

		Scheme https = new Scheme("https", 443, sf);
		
		SchemeRegistry sr = new SchemeRegistry();
		sr.register(https);

		PoolingClientConnectionManager cm = new
PoolingClientConnectionManager(sr);
		cm.setMaxTotal(200);
		cm.setDefaultMaxPerRoute(50);

		httpClient = new DefaultHttpClient(cm);
      	httpClient.getParams().setParameter("http.socket.timeout",
SOCKET_TIMEOUT);
      	httpClient.getParams().setParameter("http.connection.timeout",
CONNECT_TIMEOUT);
 
httpClient.getParams().setParameter("http.connection-manager.timeout",
CONNECT_TIMEOUT);


It seems to work most of the time, but I have seen operations fail randomly
with javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated. I
think it is something to do with Keep Alive and cached connections because I
usually see it happening after an extended idle time.

Thanks
Sachin


---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org