You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@hc.apache.org by "Anton Khitrenovich (JIRA)" <ji...@apache.org> on 2011/06/22 17:38:47 UTC
[jira] [Commented] (HTTPCLIENT-1091) Regression: 2 way
authentication with SSL doesn't work in versions 4.1.x, used to work with
4.0.x
[ https://issues.apache.org/jira/browse/HTTPCLIENT-1091?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13053314#comment-13053314 ]
Anton Khitrenovich commented on HTTPCLIENT-1091:
------------------------------------------------
New RFE in Sun bug database: http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=7052928
> Regression: 2 way authentication with SSL doesn't work in versions 4.1.x, used to work with 4.0.x
> -------------------------------------------------------------------------------------------------
>
> Key: HTTPCLIENT-1091
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1091
> Project: HttpComponents HttpClient
> Issue Type: Bug
> Components: HttpClient
> Affects Versions: 4.1.1
> Reporter: Yuri Manusov
> Attachments: ClientConnectionTest.java, clientKeyStore.p12, clientTrustStore.jks, openSSLCertsCreation.bat, server.xml, serverKeyStore.jks
>
>
> Tried to create an SSL tunnel with two way authentication, was able to do that with versions 4.0.1 and 4.0.3, but in versions 4.1 and 4.1.1 I get the exception:
> Exception in thread "main" javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
> at com.sun.net.ssl.internal.ssl.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:352)
> at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128)
> at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:390)
> at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:148)
> at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:149)
> at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:121)
> at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:561)
> at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:415)
> at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:820)
> at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:754)
> at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:732)
> at ClientConnectionTest.main(ClientConnectionTest.java:38)
> the creation of the SSL certificates was done using open ssl and java keytool (script will be attached in openSSLCertsCreation.bat).
> as a client I've used a simple java client (will attach ClientConnectionTest.java)
> as a server Tomcat was used, and configured to allow ssl communication with 2 way authentication (clientAuth="true").
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org