You are viewing a plain text version of this content. The canonical link for it is here.
Posted to httpclient-users@hc.apache.org by Michael Clovis <mc...@mindbridge.com> on 2005/07/29 17:35:57 UTC
SSL with Certificate-SSLPeerUnverifiedException
Oleg.. or anyone.
Connecting with SSL and had this problem (SSLPeerUnverifiedException) with earlier class that extended HttpClient. Wrote teststub class with TestURL that works in browser for testing servlet..
Googled and made sure we are not using Tomcat 4.1.13 or earlier (problem reported in 1.12 bugzilla).. using highest current release of tomcat Ver 4 ,Apache2 and OpenSSL. Here is the test stub...
try{
BasicConfigurator.configure();
HttpClient client = new HttpClient();
StrictSSLProtocolSocketFactory sf = new StrictSSLProtocolSocketFactory();
Protocol stricthttps = new Protocol( "https", sf, 443);
Protocol.registerProtocol("https",stricthttps);
client.getHostConfiguration().setHost("192.168.45.114", 443, stricthttps);
String test = "https://192.168.45.114/IS/ISUploadServer?configKey=HELLO";
PostMethod post = null;
try {
post = new PostMethod(test);
} catch (Exception e) {
e.printStackTrace();
throw e;
}
post.setDoAuthentication(true);
try {
client.executeMethod(post);
} catch (IOException e) {
//e.printStackTrace();
throw e;
}
String res = null;
if(post!=null &&post.getStatusCode() >= 300){
res = String.valueOf(post.getStatusCode());
}
else if(post!=null){
Header headers[] = null;
headers = post.getRequestHeaders();
if(headers!=null&&headers.length>0){
for (int i = 0; i < headers.length; i++) {
System.out.println(headers[i].toExternalForm());
}
}
res = new String(post.getResponseBodyAsString());
}
System.out.println(res);
}catch(Exception e){
e.printStackTrace();
}
Here is the wire and stack trace..
D:\J2EE1.4SDK\jdk\bin\java -Didea.launcher.port=7532 -Didea.launcher.library=F:\IntelliJ-IDEA-4.5\bin\breakgen.dll -Dfile.encoding=windows-1252 -classpath D:\J2EE1.4SDK\jdk\jre\lib\charsets.jar;D:\J2EE1.4SDK\jdk\jre\lib\jce.jar;D:\J2EE1.4SDK\jdk\jre\lib\jsse.jar;D:\J2EE1.4SDK\jdk\jre\lib\plugin.jar;D:\J2EE1.4SDK\jdk\jre\lib\plugin_g.jar;D:\J2EE1.4SDK\jdk\jre\lib\rt.jar;D:\J2EE1.4SDK\jdk\jre\lib\sunrsasign.jar;D:\J2EE1.4SDK\jdk\jre\lib\ext\dnsns.jar;D:\J2EE1.4SDK\jdk\jre\lib\ext\ldapsec.jar;D:\J2EE1.4SDK\jdk\jre\lib\ext\localedata.jar;D:\J2EE1.4SDK\jdk\jre\lib\ext\sunjce_provider.jar;D:\J2EE1.4SDK\jdk\lib\activation.jar;D:\J2EE1.4SDK\jdk\lib\admin-cli.jar;D:\J2EE1.4SDK\jdk\lib\appserv-admin.jar;D:\J2EE1.4SDK\jdk\lib\appserv-assemblytool.jar;D:\J2EE1.4SDK\jdk\lib\appserv-cmp.jar;D:\J2EE1.4SDK\jdk\lib\appserv-ext.jar;D:\J2EE1.4SDK\jdk\lib\appserv-jstl.jar;D:\J2EE1.4SDK\jdk\lib\appserv-rt.jar;D:\J2EE1.4SDK\jdk\lib\appserv-tags.jar;D:\J2EE1.4SDK\jdk\lib\appserv-upgrade.jar;D:\J2EE1.4SDK\jdk\lib\commons-launcher.jar;D:\J2EE1.4SDK\jdk\lib\commons-logging.jar;D:\J2EE1.4SDK\jdk\lib\deployhelp.jar;D:\J2EE1.4SDK\jdk\lib\dt.jar;D:\J2EE1.4SDK\jdk\lib\htmlconverter.jar;D:\J2EE1.4SDK\jdk\lib\htmlconverter_g.jar;D:\J2EE1.4SDK\jdk\lib\j2ee-svc.jar;D:\J2EE1.4SDK\jdk\lib\j2ee.jar;D:\J2EE1.4SDK\jdk\lib\jax-qname.jar;D:\J2EE1.4SDK\jdk\lib\jaxr-api.jar;D:\J2EE1.4SDK\jdk\lib\jaxr-impl.jar;D:\J2EE1.4SDK\jdk\lib\jaxrpc-api.jar;D:\J2EE1.4SDK\jdk\lib\jaxrpc-impl.jar;D:\J2EE1.4SDK\jdk\lib\jhall.jar;D:\J2EE1.4SDK\jdk\lib\mail.jar;D:\J2EE1.4SDK\jdk\lib\relaxngDatatype.jar;D:\J2EE1.4SDK\jdk\lib\saaj-api.jar;D:\J2EE1.4SDK\jdk\lib\saaj-impl.jar;D:\J2EE1.4SDK\jdk\lib\sun-appserv-ant.jar;D:\J2EE1.4SDK\jdk\lib\tools.jar;D:\J2EE1.4SDK\jdk\lib\xsdlib.jar;D:\J2EE1.4SDK\lib\endorsed\dom.jar;D:\J2EE1.4SDK\lib\endorsed\servlet-api.jar;D:\J2EE1.4SDK\lib\endorsed\servlet.jar;D:\J2EE1.4SDK\lib\endorsed\xalan.jar;D:\J2EE1.4SDK\lib\endorsed\xercesImpl.jar;D:\IntelliJ;D:\jdk1.2.1\src.jar;D:\j2sdk1.4.0_02\common\lib\servlet.jar;D:\JDBCDrivers\mysql-connector-java-2.0.14\mysql-connector-java-2.0.14-bin.jar;D:\JDBCDrivers\db2java.zip;D:\JDBCDrivers\msbase.jar;D:\JDBCDrivers\mssqlserver.jar;D:\JDBCDrivers\msutil.jar;D:\JDBCDrivers\mysql_comp.jar;D:\JDBCDrivers\mysql_uncomp.jar;D:\JDBCDrivers\Opta2000.jar;D:\JDBCDrivers\ora9\classes12.zip;D:\JDBCDrivers\jtds-0.6-rc1.jar;D:\Layouts\TableLayout.jar;D:\jakarta-log4j-1.2.8\dist\lib\log4j-1.2.8.jar;F:\jdom-1.0\build\jdom.jar;D:\jpim-0.1\build\jpim.jar;D:\Jacob\jacob.jar;D:\SystemTray\systray.jar;D:\MindIM\lib\common\ostermillerutils_1_02_24.jar;F:\commonsProj\commons-httpclient-2.0\commons-httpclient-2.0.jar;F:\commonsProj\commons-logging-1.0.3\commons-logging-api.jar;F:\commonsProj\commons-logging-1.0.3\commons-logging.jar;D:\htmlparser1_5\lib\htmllexer.jar;D:\htmlparser1_5\lib\htmlparser.jar;D:\htmlparser1_5\src;D:\JUnit\junit3.8.1\junit.jar;S:\Mindbridge\lib\commons-logging-api.jar;S:\Mindbridge\lib\commons-logging.jar;S:\Mindbridge\lib\commons-httpclient-2.0.jar;S:\Mindbridge\lib\commons-net-1.1.0.jar;S:\Mindbridge\lib\commons-vfs-1.0-dev.jar;S:\Mindbridge\lib\informa.jar;S:\Mindbridge\lib\jcifs-0.8.2.jar;S:\Mindbridge\lib\jsch-0.1.13.zip;S:\Mindbridge\lib\lucene-1.4-final.jar;S:\Mindbridge\lib\lucene-demos-1.4-final.jar;F:\CvsCheckOut\IntrasmartAPI\dist\latest\IntraSmartAPI-dev.jar;D:\xerces-2_5_0\xercesImpl.jar;D:\xerces-2_5_0\xercesSamples.jar;D:\xerces-2_5_0\xml-apis.jar;D:\xerces-2_5_0\xmlParserAPIs.jar;F:\IntelliJ-IDEA-4.5\lib\idea_rt.jar com.intellij.rt.execution.application.AppMain TestPlain
0 [main] DEBUG org.apache.commons.httpclient.HttpClient - Java version: 1.4.2_02
0 [main] DEBUG org.apache.commons.httpclient.HttpClient - Java vendor: Sun Microsystems Inc.
0 [main] DEBUG org.apache.commons.httpclient.HttpClient - Java class path: D:\J2EE1.4SDK\jdk\jre\lib\charsets.jar;D:\J2EE1.4SDK\jdk\jre\lib\jce.jar;D:\J2EE1.4SDK\jdk\jre\lib\jsse.jar;D:\J2EE1.4SDK\jdk\jre\lib\plugin.jar;D:\J2EE1.4SDK\jdk\jre\lib\plugin_g.jar;D:\J2EE1.4SDK\jdk\jre\lib\rt.jar;D:\J2EE1.4SDK\jdk\jre\lib\sunrsasign.jar;D:\J2EE1.4SDK\jdk\jre\lib\ext\dnsns.jar;D:\J2EE1.4SDK\jdk\jre\lib\ext\ldapsec.jar;D:\J2EE1.4SDK\jdk\jre\lib\ext\localedata.jar;D:\J2EE1.4SDK\jdk\jre\lib\ext\sunjce_provider.jar;D:\J2EE1.4SDK\jdk\lib\activation.jar;D:\J2EE1.4SDK\jdk\lib\admin-cli.jar;D:\J2EE1.4SDK\jdk\lib\appserv-admin.jar;D:\J2EE1.4SDK\jdk\lib\appserv-assemblytool.jar;D:\J2EE1.4SDK\jdk\lib\appserv-cmp.jar;D:\J2EE1.4SDK\jdk\lib\appserv-ext.jar;D:\J2EE1.4SDK\jdk\lib\appserv-jstl.jar;D:\J2EE1.4SDK\jdk\lib\appserv-rt.jar;D:\J2EE1.4SDK\jdk\lib\appserv-tags.jar;D:\J2EE1.4SDK\jdk\lib\appserv-upgrade.jar;D:\J2EE1.4SDK\jdk\lib\commons-launcher.jar;D:\J2EE1.4SDK\jdk\lib\commons-logging.jar;D:\J2EE1.4SDK\jdk\lib\deployhelp.jar;D:\J2EE1.4SDK\jdk\lib\dt.jar;D:\J2EE1.4SDK\jdk\lib\htmlconverter.jar;D:\J2EE1.4SDK\jdk\lib\htmlconverter_g.jar;D:\J2EE1.4SDK\jdk\lib\j2ee-svc.jar;D:\J2EE1.4SDK\jdk\lib\j2ee.jar;D:\J2EE1.4SDK\jdk\lib\jax-qname.jar;D:\J2EE1.4SDK\jdk\lib\jaxr-api.jar;D:\J2EE1.4SDK\jdk\lib\jaxr-impl.jar;D:\J2EE1.4SDK\jdk\lib\jaxrpc-api.jar;D:\J2EE1.4SDK\jdk\lib\jaxrpc-impl.jar;D:\J2EE1.4SDK\jdk\lib\jhall.jar;D:\J2EE1.4SDK\jdk\lib\mail.jar;D:\J2EE1.4SDK\jdk\lib\relaxngDatatype.jar;D:\J2EE1.4SDK\jdk\lib\saaj-api.jar;D:\J2EE1.4SDK\jdk\lib\saaj-impl.jar;D:\J2EE1.4SDK\jdk\lib\sun-appserv-ant.jar;D:\J2EE1.4SDK\jdk\lib\tools.jar;D:\J2EE1.4SDK\jdk\lib\xsdlib.jar;D:\J2EE1.4SDK\lib\endorsed\dom.jar;D:\J2EE1.4SDK\lib\endorsed\servlet-api.jar;D:\J2EE1.4SDK\lib\endorsed\servlet.jar;D:\J2EE1.4SDK\lib\endorsed\xalan.jar;D:\J2EE1.4SDK\lib\endorsed\xercesImpl.jar;D:\IntelliJ;D:\jdk1.2.1\src.jar;D:\j2sdk1.4.0_02\common\lib\servlet.jar;D:\JDBCDrivers\mysql-connector-java-2.0.14\mysql-connector-java-2.0.14-bin.jar;D:\JDBCDrivers\db2java.zip;D:\JDBCDrivers\msbase.jar;D:\JDBCDrivers\mssqlserver.jar;D:\JDBCDrivers\msutil.jar;D:\JDBCDrivers\mysql_comp.jar;D:\JDBCDrivers\mysql_uncomp.jar;D:\JDBCDrivers\Opta2000.jar;D:\JDBCDrivers\ora9\classes12.zip;D:\JDBCDrivers\jtds-0.6-rc1.jar;D:\Layouts\TableLayout.jar;D:\jakarta-log4j-1.2.8\dist\lib\log4j-1.2.8.jar;F:\jdom-1.0\build\jdom.jar;D:\jpim-0.1\build\jpim.jar;D:\Jacob\jacob.jar;D:\SystemTray\systray.jar;D:\MindIM\lib\common\ostermillerutils_1_02_24.jar;F:\commonsProj\commons-httpclient-2.0\commons-httpclient-2.0.jar;F:\commonsProj\commons-logging-1.0.3\commons-logging-api.jar;F:\commonsProj\commons-logging-1.0.3\commons-logging.jar;D:\htmlparser1_5\lib\htmllexer.jar;D:\htmlparser1_5\lib\htmlparser.jar;D:\htmlparser1_5\src;D:\JUnit\junit3.8.1\junit.jar;S:\Mindbridge\lib\commons-logging-api.jar;S:\Mindbridge\lib\commons-logging.jar;S:\Mindbridge\lib\commons-httpclient-2.0.jar;S:\Mindbridge\lib\commons-net-1.1.0.jar;S:\Mindbridge\lib\commons-vfs-1.0-dev.jar;S:\Mindbridge\lib\informa.jar;S:\Mindbridge\lib\jcifs-0.8.2.jar;S:\Mindbridge\lib\jsch-0.1.13.zip;S:\Mindbridge\lib\lucene-1.4-final.jar;S:\Mindbridge\lib\lucene-demos-1.4-final.jar;F:\CvsCheckOut\IntrasmartAPI\dist\latest\IntraSmartAPI-dev.jar;D:\xerces-2_5_0\xercesImpl.jar;D:\xerces-2_5_0\xercesSamples.jar;D:\xerces-2_5_0\xml-apis.jar;D:\xerces-2_5_0\xmlParserAPIs.jar;F:\IntelliJ-IDEA-4.5\lib\idea_rt.jar
10 [main] DEBUG org.apache.commons.httpclient.HttpClient - Operating system name: Windows NT
20 [main] DEBUG org.apache.commons.httpclient.HttpClient - Operating system architecture: x86
20 [main] DEBUG org.apache.commons.httpclient.HttpClient - Operating system version: 4.0
390 [main] DEBUG org.apache.commons.httpclient.HttpClient - SUN 1.42: SUN (DSA key/parameter generation; DSA signing; SHA-1, MD5 digests; SecureRandom; X.509 certificates; JKS keystore; PKIX CertPathValidator; PKIX CertPathBuilder; LDAP, Collection CertStores)
390 [main] DEBUG org.apache.commons.httpclient.HttpClient - SunJSSE 1.42: Sun JSSE provider(implements RSA Signatures, PKCS12, SunX509 key/trust factories, SSLv3, TLSv1)
390 [main] DEBUG org.apache.commons.httpclient.HttpClient - SunRsaSign 1.42: SUN's provider for RSA signatures
390 [main] DEBUG org.apache.commons.httpclient.HttpClient - SunJCE 1.42: SunJCE Provider (implements DES, Triple DES, AES, Blowfish, PBE, Diffie-Hellman, HMAC-MD5, HMAC-SHA1)
390 [main] DEBUG org.apache.commons.httpclient.HttpClient - SunJGSS 1.0: Sun (Kerberos v5)
560 [main] DEBUG org.apache.commons.httpclient.methods.GetMethod - enter GetMethod(String)
560 [main] DEBUG org.apache.commons.httpclient.HttpClient - enter HttpClient.executeMethod(HttpMethod)
560 [main] DEBUG org.apache.commons.httpclient.HttpClient - enter HttpClient.executeMethod(HostConfiguration,HttpMethod,HttpState)
851 [main] DEBUG org.apache.commons.httpclient.HttpConnection - HttpConnection.setSoTimeout(0)
851 [main] DEBUG org.apache.commons.httpclient.HttpConnection - enter HttpConnection.open()
1332 [main] DEBUG org.apache.commons.httpclient.HttpConnection - enter HttpConnection.closeSockedAndStreams()
1332 [main] DEBUG org.apache.commons.httpclient.HttpConnection - enter HttpConnection.releaseConnection()
javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
at com.sun.net.ssl.internal.ssl.SSLSessionImpl.getPeerCertificateChain(DashoA6275)
at mb.apache.commons.httpclient.contrib.ssl.StrictSSLProtocolSocketFactory.verifyHostname(StrictSSLProtocolSocketFactory.java:253)
at mb.apache.commons.httpclient.contrib.ssl.StrictSSLProtocolSocketFactory.createSocket(StrictSSLProtocolSocketFactory.java:208)
at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:683)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:662)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:529)
at TestPlain.main(TestPlain.java:65)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at com.intellij.rt.execution.application.AppMain.main(AppMain.java:78)
count = 0, total = 67
Process finished with exit code 0
Thanks for any insight
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-user-help@jakarta.apache.org
Re: Re: Re: SSL with Certificate-SSLPeerUnverifiedException
Posted by Michael Clovis <mc...@mindbridge.com>.
Oleg,
And this may be a configuration issue on the test machine...
The code is failing in the following place..
X509Certificate[] certs = session.getPeerCertificateChain();
or if I try to establish a session on my own..
session.getPeerCertificates();
both with similar stacktraces..
javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
at com.sun.net.ssl.internal.ssl.SSLSessionImpl.getPeerCertificates(DashoA6275)
this is PRIOR to verifying against any Collection, or store on the client as far as I can see.
Any thoughts..
---------- Original Message ----------
Date: 7/29/05
From: Oleg Kalnichevski <ol...@apache.org>
To: httpclient-user@jakarta.apache.org
Subject: Re: Re: SSL with Certificate-SSLPeerUnverifiedException
>On Fri, Jul 29, 2005 at 12:15:27PM -0400, Michael Clovis wrote:
>>
>> Oleg.. again thanks for help.. Had a version (2.0.2 compliant) of AuthSSLProtocolSocketFactory.
>This class seems to me that you would have to have the cert added to keystore using
>keytool on each client machine..
>>
>
>Just create a keystore file of your own, ship it with your
>application as a regular resource accessible via a class loader, and
>live happily ever after
>
>
>> I was under impression that HttpClient did not venture into keystore area because
>there was no API to include certs into keystore. Had to use keytool..
>
>It does not. Strictly speaking one does not have to use keytool in order
>to import a private key or public certificate into a Keystore instance.
>This can be done using regular JCE classes at the runtime. However, I do
>not see a single compelling reason to do so, because you still have to
>store the cert or the key somewhere. So, why not storing them in a
>keystore file, which besides convenience also provides (some) security
>by optionally protecting the file with a pass phrase (password)?
>
>
>So.. (pardon my ignorance) but if I understood what needed to be done plus this is
>a swing application that lives on anyone within a company's employ.. Confused..
>
>I hope this clarifies the matter somewhat
>
>Oleg
>
>
>
>> Thanks for your quick responses.
>> ---------- Original Message ----------
>> Date: 7/29/05
>> From: Oleg Kalnichevski <ol...@apache.org>
>> To: httpclient-user@jakarta.apache.org
>> Subject: Re: SSL with Certificate-SSLPeerUnverifiedException
>>
>> >Michael,
>> >
>> >I suspect the SSL context has not been properly configured and a result
>> >the socket factory was unable to verify the identity of the target
>> >server. Please take a look at the AuthSSLProtocolSocketFactory below:
>> >
>> ><a <a href='href='http://svn.apache.org/repos/asf/jakarta/commons/proper/httpclient/trunk/src/contrib/org/apache/commons/httpclient/contrib/ssl/'target='_top'>http://svn.apache.org/repos/asf/jakarta/commons/proper/httpclient/trunk/src/contrib/org/apache/commons/httpclient/contrib/ssl/</a>' target='_top'>href='http://svn.apache.org/repos/asf/jakarta/commons/proper/httpclient/trunk/src/contrib/org/apache/commons/httpclient/contrib/ssl/'target='_top'>http://svn.apache.org/repos/asf/jakarta/commons/proper/httpclient/trunk/src/contrib/org/apache/commons/httpclient/contrib/ssl/</a></a>
>
>> >There are some guidelines in the javadocs as to how one can correctly
>> >set up an SSL context with required trust managers and/ or key managers
>> >
>> >Oleg
>> >
>> >On Fri, Jul 29, 2005 at 11:35:57AM -0400, Michael Clovis wrote:
>> >> Oleg.. or anyone.
>> >> Connecting with SSL and had this problem (SSLPeerUnverifiedException) with earlier
>> >class that extended HttpClient. Wrote teststub class with TestURL that works in
>browser
>> >for testing servlet..
>> >> Googled and made sure we are not using Tomcat 4.1.13 or earlier (problem reported
>> >in 1.12 bugzilla).. using highest current release of tomcat Ver 4 ,Apache2 and
>OpenSSL.
>> >Here is the test stub...
>> >>
>> >> try{
>> >> BasicConfigurator.configure();
>> >> HttpClient client = new HttpClient();
>> >> StrictSSLProtocolSocketFactory sf = new StrictSSLProtocolSocketFactory();
>> >>
>> >>
>> >> Protocol stricthttps = new Protocol( "https", sf, 443);
>> >> Protocol.registerProtocol("https",stricthttps);
>> >>
>> >> client.getHostConfiguration().setHost("192.168.45.114", 443, stricthttps);
>> >>
>> >>
>> >> String test = <a <a href='href='"https://192.168.45.114/IS/ISUploadServer?configKey=HELLO";'' target='_top'>href='"https://192.168.45.114/IS/ISUploadServer?configKey=HELLO";'</a>
><a href='target='_top'>"https://192.168.45.114/IS/ISUploadServer?configKey=HELLO";</a>' target='_top'>target='_top'>"https://192.168.45.114/IS/ISUploadServer?configKey=HELLO";</a></a>
>> >> PostMethod post = null;
>> >>
>> >>
>> >> try {
>> >> post = new PostMethod(test);
>> >> } catch (Exception e) {
>> >> e.printStackTrace();
>> >> throw e;
>> >> }
>> >> post.setDoAuthentication(true);
>> >> try {
>> >> client.executeMethod(post);
>> >> } catch (IOException e) {
>> >> //e.printStackTrace();
>> >> throw e;
>> >> }
>> >> String res = null;
>> >> if(post!=null &&post.getStatusCode() >= 300){
>> >> res = String.valueOf(post.getStatusCode());
>> >> }
>> >> else if(post!=null){
>> >> Header headers[] = null;
>> >> headers = post.getRequestHeaders();
>> >> if(headers!=null&&headers.length>0){
>> >> for (int i = 0; i < headers.length; i++) {
>> >> System.out.println(headers[i].toExternalForm());
>> >>
>> >> }
>> >> }
>> >> res = new String(post.getResponseBodyAsString());
>> >> }
>> >> System.out.println(res);
>> >> }catch(Exception e){
>> >> e.printStackTrace();
>> >> }
>> >>
>> >>
>> >> Here is the wire and stack trace..
>> >>
>> >> D:\J2EE1.4SDK\jdk\bin\java -Didea.launcher.port=7532 -Didea.launcher.library=F:
>> >\IntelliJ-IDEA-4.5\bin\breakgen.dll -Dfile.encoding=windows-1252 -classpath D:
>\J2EE1.
>> >4SDK\jdk\jre\lib\charsets.jar;D:\J2EE1.4SDK\jdk\jre\lib\jce.jar;D:\J2EE1.4SDK\jdk\jre\lib\jsse.
>> >jar;D:\J2EE1.4SDK\jdk\jre\lib\plugin.jar;D:\J2EE1.4SDK\jdk\jre\lib\plugin_g.jar;
>D:
>> >\J2EE1.4SDK\jdk\jre\lib\rt.jar;D:\J2EE1.4SDK\jdk\jre\lib\sunrsasign.jar;D:\J2EE1.
>> >4SDK\jdk\jre\lib\ext\dnsns.jar;D:\J2EE1.4SDK\jdk\jre\lib\ext\ldapsec.jar;D:\J2EE1.
>> >4SDK\jdk\jre\lib\ext\localedata.jar;D:\J2EE1.4SDK\jdk\jre\lib\ext\sunjce_provider.
>> >jar;D:\J2EE1.4SDK\jdk\lib\activation.jar;D:\J2EE1.4SDK\jdk\lib\admin-cli.jar;D:
>\J2EE1.
>> >4SDK\jdk\lib\appserv-admin.jar;D:\J2EE1.4SDK\jdk\lib\appserv-assemblytool.jar;
>D:\J2EE1.
>> >4SDK\jdk\lib\appserv-cmp.jar;D:\J2EE1.4SDK\jdk\lib\appserv-ext.jar;D:\J2EE1.4SDK\jdk\lib\appserv-
>> >jstl.jar;D:\J2EE1.4SDK\jdk\lib\appserv-rt.jar;D:\J2EE1.4SDK\jdk\lib\appserv-tags.
>> >jar;D:\J2EE1.4SDK\jdk\lib\appserv-upgrade.jar;D:\J2EE1.4SDK\jdk\lib\commons-launcher.
>> >jar;D:\J2EE1.4SDK\jdk\lib\commons-logging.jar;D:\J2EE1.4SDK\jdk\lib\deployhelp.
>jar;
>> >D:\J2EE1.4SDK\jdk\lib\dt.jar;D:\J2EE1.4SDK\jdk\lib\htmlconverter.jar;D:\J2EE1.
>4SDK\jdk\lib\htmlconverter_g.
>> >jar;D:\J2EE1.4SDK\jdk\lib\j2ee-svc.jar;D:\J2EE1.4SDK\jdk\lib\j2ee.jar;D:\J2EE1.
>4SDK\jdk\lib\jax-
>> >qname.jar;D:\J2EE1.4SDK\jdk\lib\jaxr-api.jar;D:\J2EE1.4SDK\jdk\lib\jaxr-impl.jar;
>> >D:\J2EE1.4SDK\jdk\lib\jaxrpc-api.jar;D:\J2EE1.4SDK\jdk\lib\jaxrpc-impl.jar;D:\J2EE1.
>> >4SDK\jdk\lib\jhall.jar;D:\J2EE1.4SDK\jdk\lib\mail.jar;D:\J2EE1.4SDK\jdk\lib\relaxngDatatype.
>> >jar;D:\J2EE1.4SDK\jdk\lib\saaj-api.jar;D:\J2EE1.4SDK\jdk\lib\saaj-impl.jar;D:\J2EE1.
>> >4SDK\jdk\lib\sun-appserv-ant.jar;D:\J2EE1.4SDK\jdk\lib\tools.jar;D:\J2EE1.4SDK\jdk\lib\xsdlib.
>> >jar;D:\J2EE1.4SDK\lib\endorsed\dom.jar;D:\J2EE1.4SDK\lib\endorsed\servlet-api.
>jar;
>> >D:\J2EE1.4SDK\lib\endorsed\servlet.jar;D:\J2EE1.4SDK\lib\endorsed\xalan.jar;D:
>\J2EE1.
>> >4SDK\lib\endorsed\xercesImpl.jar;D:\IntelliJ;D:\jdk1.2.1\src.jar;D:\j2sdk1.4.0
>_02\common\lib\servlet.
>> >jar;D:\JDBCDrivers\mysql-connector-java-2.0.14\mysql-connector-java-2.0.14-bin.
>jar;
>> >D:\JDBCDrivers\db2java.zip;D:\JDBCDrivers\msbase.jar;D:\JDBCDrivers\mssqlserver.
>jar;
>> >D:\JDBCDrivers\msutil.jar;D:\JDBCDrivers\mysql_comp.jar;D:\JDBCDrivers\mysql_uncomp.
>> >jar;D:\JDBCDrivers\Opta2000.jar;D:\JDBCDrivers\ora9\classes12.zip;D:\JDBCDrivers\jtds-
>> >0.6-rc1.jar;D:\Layouts\TableLayout.jar;D:\jakarta-log4j-1.2.8\dist\lib\log4j-1.2.8.
>> >jar;F:\jdom-1.0\build\jdom.jar;D:\jpim-0.1\build\jpim.jar;D:\Jacob\jacob.jar;D:
>\SystemTray\systray.
>> >jar;D:\MindIM\lib\common\ostermillerutils_1_02_24.jar;F:\commonsProj\commons-httpclient-
>> >2.0\commons-httpclient-2.0.jar;F:\commonsProj\commons-logging-1.0.3\commons-logging-
>> >api.jar;F:\commonsProj\commons-logging-1.0.3\commons-logging.jar;D:\htmlparser1_5\lib\htmllexer.
>> >jar;D:\htmlparser1_5\lib\htmlparser.jar;D:\htmlparser1_5\src;D:\JUnit\junit3.8.1
>\junit.
>> >jar;S:\Mindbridge\lib\commons-logging-api.jar;S:\Mindbridge\lib\commons-logging.
>jar;
>> >S:\Mindbridge\lib\commons-httpclient-2.0.jar;S:\Mindbridge\lib\commons-net-1.1.0.
>> >jar;S:\Mindbridge\lib\commons-vfs-1.0-dev.jar;S:\Mindbridge\lib\informa.jar;S:
>\Mindbridge\lib\jcifs-
>> >0.8.2.jar;S:\Mindbridge\lib\jsch-0.1.13.zip;S:\Mindbridge\lib\lucene-1.4-final.
>jar;
>> >S:\Mindbridge\lib\lucene-demos-1.4-final.jar;F:\CvsCheckOut\IntrasmartAPI\dist\latest\IntraSmartAPI-
>> >dev.jar;D:\xerces-2_5_0\xercesImpl.jar;D:\xerces-2_5_0\xercesSamples.jar;D:\xerces-
>> >2_5_0\xml-apis.jar;D:\xerces-2_5_0\xmlParserAPIs.jar;F:\IntelliJ-IDEA-4.5\lib\idea_rt.
>> >jar com.intellij.rt.execution.application.AppMain TestPlain
>> >> 0 [main] DEBUG org.apache.commons.httpclient.HttpClient - Java version: 1.4.2
>_02
>> >> 0 [main] DEBUG org.apache.commons.httpclient.HttpClient - Java vendor: Sun Microsystems
>> >Inc.
>> >> 0 [main] DEBUG org.apache.commons.httpclient.HttpClient - Java class path: D:
>\J2EE1.
>> >4SDK\jdk\jre\lib\charsets.jar;D:\J2EE1.4SDK\jdk\jre\lib\jce.jar;D:\J2EE1.4SDK\jdk\jre\lib\jsse.
>> >jar;D:\J2EE1.4SDK\jdk\jre\lib\plugin.jar;D:\J2EE1.4SDK\jdk\jre\lib\plugin_g.jar;
>D:
>> >\J2EE1.4SDK\jdk\jre\lib\rt.jar;D:\J2EE1.4SDK\jdk\jre\lib\sunrsasign.jar;D:\J2EE1.
>> >4SDK\jdk\jre\lib\ext\dnsns.jar;D:\J2EE1.4SDK\jdk\jre\lib\ext\ldapsec.jar;D:\J2EE1.
>> >4SDK\jdk\jre\lib\ext\localedata.jar;D:\J2EE1.4SDK\jdk\jre\lib\ext\sunjce_provider.
>> >jar;D:\J2EE1.4SDK\jdk\lib\activation.jar;D:\J2EE1.4SDK\jdk\lib\admin-cli.jar;D:
>\J2EE1.
>> >4SDK\jdk\lib\appserv-admin.jar;D:\J2EE1.4SDK\jdk\lib\appserv-assemblytool.jar;
>D:\J2EE1.
>> >4SDK\jdk\lib\appserv-cmp.jar;D:\J2EE1.4SDK\jdk\lib\appserv-ext.jar;D:\J2EE1.4SDK\jdk\lib\appserv-
>> >jstl.jar;D:\J2EE1.4SDK\jdk\lib\appserv-rt.jar;D:\J2EE1.4SDK\jdk\lib\appserv-tags.
>> >jar;D:\J2EE1.4SDK\jdk\lib\appserv-upgrade.jar;D:\J2EE1.4SDK\jdk\lib\commons-launcher.
>> >jar;D:\J2EE1.4SDK\jdk\lib\commons-logging.jar;D:\J2EE1.4SDK\jdk\lib\deployhelp.
>jar;
>> >D:\J2EE1.4SDK\jdk\lib\dt.jar;D:\J2EE1.4SDK\jdk\lib\htmlconverter.jar;D:\J2EE1.
>4SDK\jdk\lib\htmlconverter_g.
>> >jar;D:\J2EE1.4SDK\jdk\lib\j2ee-svc.jar;D:\J2EE1.4SDK\jdk\lib\j2ee.jar;D:\J2EE1.
>4SDK\jdk\lib\jax-
>> >qname.jar;D:\J2EE1.4SDK\jdk\lib\jaxr-api.jar;D:\J2EE1.4SDK\jdk\lib\jaxr-impl.jar;
>> >D:\J2EE1.4SDK\jdk\lib\jaxrpc-api.jar;D:\J2EE1.4SDK\jdk\lib\jaxrpc-impl.jar;D:\J2EE1.
>> >4SDK\jdk\lib\jhall.jar;D:\J2EE1.4SDK\jdk\lib\mail.jar;D:\J2EE1.4SDK\jdk\lib\relaxngDatatype.
>> >jar;D:\J2EE1.4SDK\jdk\lib\saaj-api.jar;D:\J2EE1.4SDK\jdk\lib\saaj-impl.jar;D:\J2EE1.
>> >4SDK\jdk\lib\sun-appserv-ant.jar;D:\J2EE1.4SDK\jdk\lib\tools.jar;D:\J2EE1.4SDK\jdk\lib\xsdlib.
>> >jar;D:\J2EE1.4SDK\lib\endorsed\dom.jar;D:\J2EE1.4SDK\lib\endorsed\servlet-api.
>jar;
>> >D:\J2EE1.4SDK\lib\endorsed\servlet.jar;D:\J2EE1.4SDK\lib\endorsed\xalan.jar;D:
>\J2EE1.
>> >4SDK\lib\endorsed\xercesImpl.jar;D:\IntelliJ;D:\jdk1.2.1\src.jar;D:\j2sdk1.4.0
>_02\common\lib\servlet.
>> >jar;D:\JDBCDrivers\mysql-connector-java-2.0.14\mysql-connector-java-2.0.14-bin.
>jar;
>> >D:\JDBCDrivers\db2java.zip;D:\JDBCDrivers\msbase.jar;D:\JDBCDrivers\mssqlserver.
>jar;
>> >D:\JDBCDrivers\msutil.jar;D:\JDBCDrivers\mysql_comp.jar;D:\JDBCDrivers\mysql_uncomp.
>> >jar;D:\JDBCDrivers\Opta2000.jar;D:\JDBCDrivers\ora9\classes12.zip;D:\JDBCDrivers\jtds-
>> >0.6-rc1.jar;D:\Layouts\TableLayout.jar;D:\jakarta-log4j-1.2.8\dist\lib\log4j-1.2.8.
>> >jar;F:\jdom-1.0\build\jdom.jar;D:\jpim-0.1\build\jpim.jar;D:\Jacob\jacob.jar;D:
>\SystemTray\systray.
>> >jar;D:\MindIM\lib\common\ostermillerutils_1_02_24.jar;F:\commonsProj\commons-httpclient-
>> >2.0\commons-httpclient-2.0.jar;F:\commonsProj\commons-logging-1.0.3\commons-logging-
>> >api.jar;F:\commonsProj\commons-logging-1.0.3\commons-logging.jar;D:\htmlparser1_5\lib\htmllexer.
>> >jar;D:\htmlparser1_5\lib\htmlparser.jar;D:\htmlparser1_5\src;D:\JUnit\junit3.8.1
>\junit.
>> >jar;S:\Mindbridge\lib\commons-logging-api.jar;S:\Mindbridge\lib\commons-logging.
>jar;
>> >S:\Mindbridge\lib\commons-httpclient-2.0.jar;S:\Mindbridge\lib\commons-net-1.1.0.
>> >jar;S:\Mindbridge\lib\commons-vfs-1.0-dev.jar;S:\Mindbridge\lib\informa.jar;S:
>\Mindbridge\lib\jcifs-
>> >0.8.2.jar;S:\Mindbridge\lib\jsch-0.1.13.zip;S:\Mindbridge\lib\lucene-1.4-final.
>jar;
>> >S:\Mindbridge\lib\lucene-demos-1.4-final.jar;F:\CvsCheckOut\IntrasmartAPI\dist\latest\IntraSmartAPI-
>> >dev.jar;D:\xerces-2_5_0\xercesImpl.jar;D:\xerces-2_5_0\xercesSamples.jar;D:\xerces-
>> >2_5_0\xml-apis.jar;D:\xerces-2_5_0\xmlParserAPIs.jar;F:\IntelliJ-IDEA-4.5\lib\idea_rt.
>> >jar
>> >> 10 [main] DEBUG org.apache.commons.httpclient.HttpClient - Operating system
>name:
>> >Windows NT
>> >> 20 [main] DEBUG org.apache.commons.httpclient.HttpClient - Operating system
>architecture:
>> >x86
>> >> 20 [main] DEBUG org.apache.commons.httpclient.HttpClient - Operating system
>version:
>> >4.0
>> >> 390 [main] DEBUG org.apache.commons.httpclient.HttpClient - SUN 1.42: SUN (DSA
>> >key/parameter generation; DSA signing; SHA-1, MD5 digests; SecureRandom; X.509
>certificates;
>> >JKS keystore; PKIX CertPathValidator; PKIX CertPathBuilder; LDAP, Collection CertStores)
>> >> 390 [main] DEBUG org.apache.commons.httpclient.HttpClient - SunJSSE 1.42: Sun
>JSSE
>> >provider(implements RSA Signatures, PKCS12, SunX509 key/trust factories, SSLv3,
>TLSv1)
>> >> 390 [main] DEBUG org.apache.commons.httpclient.HttpClient - SunRsaSign 1.42:
>SUN's
>> >provider for RSA signatures
>> >> 390 [main] DEBUG org.apache.commons.httpclient.HttpClient - SunJCE 1.42: SunJCE
>> >Provider (implements DES, Triple DES, AES, Blowfish, PBE, Diffie-Hellman, HMAC-
>MD5,
>> >HMAC-SHA1)
>> >> 390 [main] DEBUG org.apache.commons.httpclient.HttpClient - SunJGSS 1.0: Sun
>(Kerberos
>> >v5)
>> >> 560 [main] DEBUG org.apache.commons.httpclient.methods.GetMethod - enter GetMethod
>> >(String)
>> >> 560 [main] DEBUG org.apache.commons.httpclient.HttpClient - enter HttpClient.
>executeMethod
>> >(HttpMethod)
>> >> 560 [main] DEBUG org.apache.commons.httpclient.HttpClient - enter HttpClient.
>executeMethod
>> >(HostConfiguration,HttpMethod,HttpState)
>> >> 851 [main] DEBUG org.apache.commons.httpclient.HttpConnection - HttpConnection.
>> >setSoTimeout(0)
>> >> 851 [main] DEBUG org.apache.commons.httpclient.HttpConnection - enter HttpConnection.
>> >open()
>> >> 1332 [main] DEBUG org.apache.commons.httpclient.HttpConnection - enter HttpConnection.
>> >closeSockedAndStreams()
>> >> 1332 [main] DEBUG org.apache.commons.httpclient.HttpConnection - enter HttpConnection.
>> >releaseConnection()
>> >> javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
>> >> at com.sun.net.ssl.internal.ssl.SSLSessionImpl.getPeerCertificateChain(DashoA6275)
>> >> at mb.apache.commons.httpclient.contrib.ssl.StrictSSLProtocolSocketFactory.
>verifyHostname
>> >(StrictSSLProtocolSocketFactory.java:253)
>> >> at mb.apache.commons.httpclient.contrib.ssl.StrictSSLProtocolSocketFactory.
>createSocket
>> >(StrictSSLProtocolSocketFactory.java:208)
>> >> at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:683)
>> >> at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:662)
>> >> at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:529)
>> >> at TestPlain.main(TestPlain.java:65)
>> >> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>> >> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:
>39)
>> >> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.
>> >java:25)
>> >> at java.lang.reflect.Method.invoke(Method.java:324)
>> >> at com.intellij.rt.execution.application.AppMain.main(AppMain.java:78)
>> >> count = 0, total = 67
>> >>
>> >> Process finished with exit code 0
>> >>
>> >> Thanks for any insight
>> >>
>> >>
>> >>
>> >> ---------------------------------------------------------------------
>> >> To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
>> >> For additional commands, e-mail: httpclient-user-help@jakarta.apache.org
>> >>
>> >>
>> >
>> >---------------------------------------------------------------------
>> >To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
>> >For additional commands, e-mail: httpclient-user-help@jakarta.apache.org
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
>> For additional commands, e-mail: httpclient-user-help@jakarta.apache.org
>>
>>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
>For additional commands, e-mail: httpclient-user-help@jakarta.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-user-help@jakarta.apache.org
Re: Re: Re: SSL with Certificate-SSLPeerUnverifiedException
Posted by Michael Clovis <mc...@mindbridge.com>.
Oleg,
And this may be a configuration issue on the test machine...
The code is failing in the following place..
X509Certificate[] certs = session.getPeerCertificateChain();
or if I try to establish a session on my own..
session.getPeerCertificates();
both with similar stacktraces..
javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
at com.sun.net.ssl.internal.ssl.SSLSessionImpl.getPeerCertificates(DashoA6275)
this is PRIOR to verifying against any Collection, or store on the client as far as I can see.
Any thoughts..
---------- Original Message ----------
Date: 7/29/05
From: Oleg Kalnichevski <ol...@apache.org>
To: httpclient-user@jakarta.apache.org
Subject: Re: Re: SSL with Certificate-SSLPeerUnverifiedException
>On Fri, Jul 29, 2005 at 12:15:27PM -0400, Michael Clovis wrote:
>>
>> Oleg.. again thanks for help.. Had a version (2.0.2 compliant) of AuthSSLProtocolSocketFactory.
>This class seems to me that you would have to have the cert added to keystore using
>keytool on each client machine..
>>
>
>Just create a keystore file of your own, ship it with your
>application as a regular resource accessible via a class loader, and
>live happily ever after
>
>
>> I was under impression that HttpClient did not venture into keystore area because
>there was no API to include certs into keystore. Had to use keytool..
>
>It does not. Strictly speaking one does not have to use keytool in order
>to import a private key or public certificate into a Keystore instance.
>This can be done using regular JCE classes at the runtime. However, I do
>not see a single compelling reason to do so, because you still have to
>store the cert or the key somewhere. So, why not storing them in a
>keystore file, which besides convenience also provides (some) security
>by optionally protecting the file with a pass phrase (password)?
>
>
>So.. (pardon my ignorance) but if I understood what needed to be done plus this is
>a swing application that lives on anyone within a company's employ.. Confused..
>
>I hope this clarifies the matter somewhat
>
>Oleg
>
>
>
>> Thanks for your quick responses.
>> ---------- Original Message ----------
>> Date: 7/29/05
>> From: Oleg Kalnichevski <ol...@apache.org>
>> To: httpclient-user@jakarta.apache.org
>> Subject: Re: SSL with Certificate-SSLPeerUnverifiedException
>>
>> >Michael,
>> >
>> >I suspect the SSL context has not been properly configured and a result
>> >the socket factory was unable to verify the identity of the target
>> >server. Please take a look at the AuthSSLProtocolSocketFactory below:
>> >
>> ><a <a href='href='http://svn.apache.org/repos/asf/jakarta/commons/proper/httpclient/trunk/src/contrib/org/apache/commons/httpclient/contrib/ssl/'target='_top'>http://svn.apache.org/repos/asf/jakarta/commons/proper/httpclient/trunk/src/contrib/org/apache/commons/httpclient/contrib/ssl/</a>' target='_top'>href='http://svn.apache.org/repos/asf/jakarta/commons/proper/httpclient/trunk/src/contrib/org/apache/commons/httpclient/contrib/ssl/'target='_top'>http://svn.apache.org/repos/asf/jakarta/commons/proper/httpclient/trunk/src/contrib/org/apache/commons/httpclient/contrib/ssl/</a></a>
>
>> >There are some guidelines in the javadocs as to how one can correctly
>> >set up an SSL context with required trust managers and/ or key managers
>> >
>> >Oleg
>> >
>> >On Fri, Jul 29, 2005 at 11:35:57AM -0400, Michael Clovis wrote:
>> >> Oleg.. or anyone.
>> >> Connecting with SSL and had this problem (SSLPeerUnverifiedException) with earlier
>> >class that extended HttpClient. Wrote teststub class with TestURL that works in
>browser
>> >for testing servlet..
>> >> Googled and made sure we are not using Tomcat 4.1.13 or earlier (problem reported
>> >in 1.12 bugzilla).. using highest current release of tomcat Ver 4 ,Apache2 and
>OpenSSL.
>> >Here is the test stub...
>> >>
>> >> try{
>> >> BasicConfigurator.configure();
>> >> HttpClient client = new HttpClient();
>> >> StrictSSLProtocolSocketFactory sf = new StrictSSLProtocolSocketFactory();
>> >>
>> >>
>> >> Protocol stricthttps = new Protocol( "https", sf, 443);
>> >> Protocol.registerProtocol("https",stricthttps);
>> >>
>> >> client.getHostConfiguration().setHost("192.168.45.114", 443, stricthttps);
>> >>
>> >>
>> >> String test = <a <a href='href='"https://192.168.45.114/IS/ISUploadServer?configKey=HELLO";'' target='_top'>href='"https://192.168.45.114/IS/ISUploadServer?configKey=HELLO";'</a>
><a href='target='_top'>"https://192.168.45.114/IS/ISUploadServer?configKey=HELLO";</a>' target='_top'>target='_top'>"https://192.168.45.114/IS/ISUploadServer?configKey=HELLO";</a></a>
>> >> PostMethod post = null;
>> >>
>> >>
>> >> try {
>> >> post = new PostMethod(test);
>> >> } catch (Exception e) {
>> >> e.printStackTrace();
>> >> throw e;
>> >> }
>> >> post.setDoAuthentication(true);
>> >> try {
>> >> client.executeMethod(post);
>> >> } catch (IOException e) {
>> >> //e.printStackTrace();
>> >> throw e;
>> >> }
>> >> String res = null;
>> >> if(post!=null &&post.getStatusCode() >= 300){
>> >> res = String.valueOf(post.getStatusCode());
>> >> }
>> >> else if(post!=null){
>> >> Header headers[] = null;
>> >> headers = post.getRequestHeaders();
>> >> if(headers!=null&&headers.length>0){
>> >> for (int i = 0; i < headers.length; i++) {
>> >> System.out.println(headers[i].toExternalForm());
>> >>
>> >> }
>> >> }
>> >> res = new String(post.getResponseBodyAsString());
>> >> }
>> >> System.out.println(res);
>> >> }catch(Exception e){
>> >> e.printStackTrace();
>> >> }
>> >>
>> >>
>> >> Here is the wire and stack trace..
>> >>
>> >> D:\J2EE1.4SDK\jdk\bin\java -Didea.launcher.port=7532 -Didea.launcher.library=F:
>> >\IntelliJ-IDEA-4.5\bin\breakgen.dll -Dfile.encoding=windows-1252 -classpath D:
>\J2EE1.
>> >4SDK\jdk\jre\lib\charsets.jar;D:\J2EE1.4SDK\jdk\jre\lib\jce.jar;D:\J2EE1.4SDK\jdk\jre\lib\jsse.
>> >jar;D:\J2EE1.4SDK\jdk\jre\lib\plugin.jar;D:\J2EE1.4SDK\jdk\jre\lib\plugin_g.jar;
>D:
>> >\J2EE1.4SDK\jdk\jre\lib\rt.jar;D:\J2EE1.4SDK\jdk\jre\lib\sunrsasign.jar;D:\J2EE1.
>> >4SDK\jdk\jre\lib\ext\dnsns.jar;D:\J2EE1.4SDK\jdk\jre\lib\ext\ldapsec.jar;D:\J2EE1.
>> >4SDK\jdk\jre\lib\ext\localedata.jar;D:\J2EE1.4SDK\jdk\jre\lib\ext\sunjce_provider.
>> >jar;D:\J2EE1.4SDK\jdk\lib\activation.jar;D:\J2EE1.4SDK\jdk\lib\admin-cli.jar;D:
>\J2EE1.
>> >4SDK\jdk\lib\appserv-admin.jar;D:\J2EE1.4SDK\jdk\lib\appserv-assemblytool.jar;
>D:\J2EE1.
>> >4SDK\jdk\lib\appserv-cmp.jar;D:\J2EE1.4SDK\jdk\lib\appserv-ext.jar;D:\J2EE1.4SDK\jdk\lib\appserv-
>> >jstl.jar;D:\J2EE1.4SDK\jdk\lib\appserv-rt.jar;D:\J2EE1.4SDK\jdk\lib\appserv-tags.
>> >jar;D:\J2EE1.4SDK\jdk\lib\appserv-upgrade.jar;D:\J2EE1.4SDK\jdk\lib\commons-launcher.
>> >jar;D:\J2EE1.4SDK\jdk\lib\commons-logging.jar;D:\J2EE1.4SDK\jdk\lib\deployhelp.
>jar;
>> >D:\J2EE1.4SDK\jdk\lib\dt.jar;D:\J2EE1.4SDK\jdk\lib\htmlconverter.jar;D:\J2EE1.
>4SDK\jdk\lib\htmlconverter_g.
>> >jar;D:\J2EE1.4SDK\jdk\lib\j2ee-svc.jar;D:\J2EE1.4SDK\jdk\lib\j2ee.jar;D:\J2EE1.
>4SDK\jdk\lib\jax-
>> >qname.jar;D:\J2EE1.4SDK\jdk\lib\jaxr-api.jar;D:\J2EE1.4SDK\jdk\lib\jaxr-impl.jar;
>> >D:\J2EE1.4SDK\jdk\lib\jaxrpc-api.jar;D:\J2EE1.4SDK\jdk\lib\jaxrpc-impl.jar;D:\J2EE1.
>> >4SDK\jdk\lib\jhall.jar;D:\J2EE1.4SDK\jdk\lib\mail.jar;D:\J2EE1.4SDK\jdk\lib\relaxngDatatype.
>> >jar;D:\J2EE1.4SDK\jdk\lib\saaj-api.jar;D:\J2EE1.4SDK\jdk\lib\saaj-impl.jar;D:\J2EE1.
>> >4SDK\jdk\lib\sun-appserv-ant.jar;D:\J2EE1.4SDK\jdk\lib\tools.jar;D:\J2EE1.4SDK\jdk\lib\xsdlib.
>> >jar;D:\J2EE1.4SDK\lib\endorsed\dom.jar;D:\J2EE1.4SDK\lib\endorsed\servlet-api.
>jar;
>> >D:\J2EE1.4SDK\lib\endorsed\servlet.jar;D:\J2EE1.4SDK\lib\endorsed\xalan.jar;D:
>\J2EE1.
>> >4SDK\lib\endorsed\xercesImpl.jar;D:\IntelliJ;D:\jdk1.2.1\src.jar;D:\j2sdk1.4.0
>_02\common\lib\servlet.
>> >jar;D:\JDBCDrivers\mysql-connector-java-2.0.14\mysql-connector-java-2.0.14-bin.
>jar;
>> >D:\JDBCDrivers\db2java.zip;D:\JDBCDrivers\msbase.jar;D:\JDBCDrivers\mssqlserver.
>jar;
>> >D:\JDBCDrivers\msutil.jar;D:\JDBCDrivers\mysql_comp.jar;D:\JDBCDrivers\mysql_uncomp.
>> >jar;D:\JDBCDrivers\Opta2000.jar;D:\JDBCDrivers\ora9\classes12.zip;D:\JDBCDrivers\jtds-
>> >0.6-rc1.jar;D:\Layouts\TableLayout.jar;D:\jakarta-log4j-1.2.8\dist\lib\log4j-1.2.8.
>> >jar;F:\jdom-1.0\build\jdom.jar;D:\jpim-0.1\build\jpim.jar;D:\Jacob\jacob.jar;D:
>\SystemTray\systray.
>> >jar;D:\MindIM\lib\common\ostermillerutils_1_02_24.jar;F:\commonsProj\commons-httpclient-
>> >2.0\commons-httpclient-2.0.jar;F:\commonsProj\commons-logging-1.0.3\commons-logging-
>> >api.jar;F:\commonsProj\commons-logging-1.0.3\commons-logging.jar;D:\htmlparser1_5\lib\htmllexer.
>> >jar;D:\htmlparser1_5\lib\htmlparser.jar;D:\htmlparser1_5\src;D:\JUnit\junit3.8.1
>\junit.
>> >jar;S:\Mindbridge\lib\commons-logging-api.jar;S:\Mindbridge\lib\commons-logging.
>jar;
>> >S:\Mindbridge\lib\commons-httpclient-2.0.jar;S:\Mindbridge\lib\commons-net-1.1.0.
>> >jar;S:\Mindbridge\lib\commons-vfs-1.0-dev.jar;S:\Mindbridge\lib\informa.jar;S:
>\Mindbridge\lib\jcifs-
>> >0.8.2.jar;S:\Mindbridge\lib\jsch-0.1.13.zip;S:\Mindbridge\lib\lucene-1.4-final.
>jar;
>> >S:\Mindbridge\lib\lucene-demos-1.4-final.jar;F:\CvsCheckOut\IntrasmartAPI\dist\latest\IntraSmartAPI-
>> >dev.jar;D:\xerces-2_5_0\xercesImpl.jar;D:\xerces-2_5_0\xercesSamples.jar;D:\xerces-
>> >2_5_0\xml-apis.jar;D:\xerces-2_5_0\xmlParserAPIs.jar;F:\IntelliJ-IDEA-4.5\lib\idea_rt.
>> >jar com.intellij.rt.execution.application.AppMain TestPlain
>> >> 0 [main] DEBUG org.apache.commons.httpclient.HttpClient - Java version: 1.4.2
>_02
>> >> 0 [main] DEBUG org.apache.commons.httpclient.HttpClient - Java vendor: Sun Microsystems
>> >Inc.
>> >> 0 [main] DEBUG org.apache.commons.httpclient.HttpClient - Java class path: D:
>\J2EE1.
>> >4SDK\jdk\jre\lib\charsets.jar;D:\J2EE1.4SDK\jdk\jre\lib\jce.jar;D:\J2EE1.4SDK\jdk\jre\lib\jsse.
>> >jar;D:\J2EE1.4SDK\jdk\jre\lib\plugin.jar;D:\J2EE1.4SDK\jdk\jre\lib\plugin_g.jar;
>D:
>> >\J2EE1.4SDK\jdk\jre\lib\rt.jar;D:\J2EE1.4SDK\jdk\jre\lib\sunrsasign.jar;D:\J2EE1.
>> >4SDK\jdk\jre\lib\ext\dnsns.jar;D:\J2EE1.4SDK\jdk\jre\lib\ext\ldapsec.jar;D:\J2EE1.
>> >4SDK\jdk\jre\lib\ext\localedata.jar;D:\J2EE1.4SDK\jdk\jre\lib\ext\sunjce_provider.
>> >jar;D:\J2EE1.4SDK\jdk\lib\activation.jar;D:\J2EE1.4SDK\jdk\lib\admin-cli.jar;D:
>\J2EE1.
>> >4SDK\jdk\lib\appserv-admin.jar;D:\J2EE1.4SDK\jdk\lib\appserv-assemblytool.jar;
>D:\J2EE1.
>> >4SDK\jdk\lib\appserv-cmp.jar;D:\J2EE1.4SDK\jdk\lib\appserv-ext.jar;D:\J2EE1.4SDK\jdk\lib\appserv-
>> >jstl.jar;D:\J2EE1.4SDK\jdk\lib\appserv-rt.jar;D:\J2EE1.4SDK\jdk\lib\appserv-tags.
>> >jar;D:\J2EE1.4SDK\jdk\lib\appserv-upgrade.jar;D:\J2EE1.4SDK\jdk\lib\commons-launcher.
>> >jar;D:\J2EE1.4SDK\jdk\lib\commons-logging.jar;D:\J2EE1.4SDK\jdk\lib\deployhelp.
>jar;
>> >D:\J2EE1.4SDK\jdk\lib\dt.jar;D:\J2EE1.4SDK\jdk\lib\htmlconverter.jar;D:\J2EE1.
>4SDK\jdk\lib\htmlconverter_g.
>> >jar;D:\J2EE1.4SDK\jdk\lib\j2ee-svc.jar;D:\J2EE1.4SDK\jdk\lib\j2ee.jar;D:\J2EE1.
>4SDK\jdk\lib\jax-
>> >qname.jar;D:\J2EE1.4SDK\jdk\lib\jaxr-api.jar;D:\J2EE1.4SDK\jdk\lib\jaxr-impl.jar;
>> >D:\J2EE1.4SDK\jdk\lib\jaxrpc-api.jar;D:\J2EE1.4SDK\jdk\lib\jaxrpc-impl.jar;D:\J2EE1.
>> >4SDK\jdk\lib\jhall.jar;D:\J2EE1.4SDK\jdk\lib\mail.jar;D:\J2EE1.4SDK\jdk\lib\relaxngDatatype.
>> >jar;D:\J2EE1.4SDK\jdk\lib\saaj-api.jar;D:\J2EE1.4SDK\jdk\lib\saaj-impl.jar;D:\J2EE1.
>> >4SDK\jdk\lib\sun-appserv-ant.jar;D:\J2EE1.4SDK\jdk\lib\tools.jar;D:\J2EE1.4SDK\jdk\lib\xsdlib.
>> >jar;D:\J2EE1.4SDK\lib\endorsed\dom.jar;D:\J2EE1.4SDK\lib\endorsed\servlet-api.
>jar;
>> >D:\J2EE1.4SDK\lib\endorsed\servlet.jar;D:\J2EE1.4SDK\lib\endorsed\xalan.jar;D:
>\J2EE1.
>> >4SDK\lib\endorsed\xercesImpl.jar;D:\IntelliJ;D:\jdk1.2.1\src.jar;D:\j2sdk1.4.0
>_0���������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������
Re: Re: SSL with Certificate-SSLPeerUnverifiedException
Posted by Oleg Kalnichevski <ol...@apache.org>.
On Fri, Jul 29, 2005 at 12:15:27PM -0400, Michael Clovis wrote:
>
> Oleg.. again thanks for help.. Had a version (2.0.2 compliant) of AuthSSLProtocolSocketFactory. This class seems to me that you would have to have the cert added to keystore using keytool on each client machine..
>
Just create a keystore file of your own, ship it with your
application as a regular resource accessible via a class loader, and
live happily ever after
> I was under impression that HttpClient did not venture into keystore area because there was no API to include certs into keystore. Had to use keytool..
It does not. Strictly speaking one does not have to use keytool in order
to import a private key or public certificate into a Keystore instance.
This can be done using regular JCE classes at the runtime. However, I do
not see a single compelling reason to do so, because you still have to
store the cert or the key somewhere. So, why not storing them in a
keystore file, which besides convenience also provides (some) security
by optionally protecting the file with a pass phrase (password)?
So.. (pardon my ignorance) but if I understood what needed to be done plus this is a swing application that lives on anyone within a company's employ.. Confused..
I hope this clarifies the matter somewhat
Oleg
> Thanks for your quick responses.
> ---------- Original Message ----------
> Date: 7/29/05
> From: Oleg Kalnichevski <ol...@apache.org>
> To: httpclient-user@jakarta.apache.org
> Subject: Re: SSL with Certificate-SSLPeerUnverifiedException
>
> >Michael,
> >
> >I suspect the SSL context has not been properly configured and a result
> >the socket factory was unable to verify the identity of the target
> >server. Please take a look at the AuthSSLProtocolSocketFactory below:
> >
> ><a href='http://svn.apache.org/repos/asf/jakarta/commons/proper/httpclient/trunk/src/contrib/org/apache/commons/httpclient/contrib/ssl/' target='_top'>http://svn.apache.org/repos/asf/jakarta/commons/proper/httpclient/trunk/src/contrib/org/apache/commons/httpclient/contrib/ssl/</a>
>
> >There are some guidelines in the javadocs as to how one can correctly
> >set up an SSL context with required trust managers and/ or key managers
> >
> >Oleg
> >
> >On Fri, Jul 29, 2005 at 11:35:57AM -0400, Michael Clovis wrote:
> >> Oleg.. or anyone.
> >> Connecting with SSL and had this problem (SSLPeerUnverifiedException) with earlier
> >class that extended HttpClient. Wrote teststub class with TestURL that works in browser
> >for testing servlet..
> >> Googled and made sure we are not using Tomcat 4.1.13 or earlier (problem reported
> >in 1.12 bugzilla).. using highest current release of tomcat Ver 4 ,Apache2 and OpenSSL.
> >Here is the test stub...
> >>
> >> try{
> >> BasicConfigurator.configure();
> >> HttpClient client = new HttpClient();
> >> StrictSSLProtocolSocketFactory sf = new StrictSSLProtocolSocketFactory();
> >>
> >>
> >> Protocol stricthttps = new Protocol( "https", sf, 443);
> >> Protocol.registerProtocol("https",stricthttps);
> >>
> >> client.getHostConfiguration().setHost("192.168.45.114", 443, stricthttps);
> >>
> >>
> >> String test = <a href='"https://192.168.45.114/IS/ISUploadServer?configKey=HELLO";' target='_top'>"https://192.168.45.114/IS/ISUploadServer?configKey=HELLO";</a>
> >> PostMethod post = null;
> >>
> >>
> >> try {
> >> post = new PostMethod(test);
> >> } catch (Exception e) {
> >> e.printStackTrace();
> >> throw e;
> >> }
> >> post.setDoAuthentication(true);
> >> try {
> >> client.executeMethod(post);
> >> } catch (IOException e) {
> >> //e.printStackTrace();
> >> throw e;
> >> }
> >> String res = null;
> >> if(post!=null &&post.getStatusCode() >= 300){
> >> res = String.valueOf(post.getStatusCode());
> >> }
> >> else if(post!=null){
> >> Header headers[] = null;
> >> headers = post.getRequestHeaders();
> >> if(headers!=null&&headers.length>0){
> >> for (int i = 0; i < headers.length; i++) {
> >> System.out.println(headers[i].toExternalForm());
> >>
> >> }
> >> }
> >> res = new String(post.getResponseBodyAsString());
> >> }
> >> System.out.println(res);
> >> }catch(Exception e){
> >> e.printStackTrace();
> >> }
> >>
> >>
> >> Here is the wire and stack trace..
> >>
> >> D:\J2EE1.4SDK\jdk\bin\java -Didea.launcher.port=7532 -Didea.launcher.library=F:
> >\IntelliJ-IDEA-4.5\bin\breakgen.dll -Dfile.encoding=windows-1252 -classpath D:\J2EE1.
> >4SDK\jdk\jre\lib\charsets.jar;D:\J2EE1.4SDK\jdk\jre\lib\jce.jar;D:\J2EE1.4SDK\jdk\jre\lib\jsse.
> >jar;D:\J2EE1.4SDK\jdk\jre\lib\plugin.jar;D:\J2EE1.4SDK\jdk\jre\lib\plugin_g.jar;D:
> >\J2EE1.4SDK\jdk\jre\lib\rt.jar;D:\J2EE1.4SDK\jdk\jre\lib\sunrsasign.jar;D:\J2EE1.
> >4SDK\jdk\jre\lib\ext\dnsns.jar;D:\J2EE1.4SDK\jdk\jre\lib\ext\ldapsec.jar;D:\J2EE1.
> >4SDK\jdk\jre\lib\ext\localedata.jar;D:\J2EE1.4SDK\jdk\jre\lib\ext\sunjce_provider.
> >jar;D:\J2EE1.4SDK\jdk\lib\activation.jar;D:\J2EE1.4SDK\jdk\lib\admin-cli.jar;D:\J2EE1.
> >4SDK\jdk\lib\appserv-admin.jar;D:\J2EE1.4SDK\jdk\lib\appserv-assemblytool.jar;D:\J2EE1.
> >4SDK\jdk\lib\appserv-cmp.jar;D:\J2EE1.4SDK\jdk\lib\appserv-ext.jar;D:\J2EE1.4SDK\jdk\lib\appserv-
> >jstl.jar;D:\J2EE1.4SDK\jdk\lib\appserv-rt.jar;D:\J2EE1.4SDK\jdk\lib\appserv-tags.
> >jar;D:\J2EE1.4SDK\jdk\lib\appserv-upgrade.jar;D:\J2EE1.4SDK\jdk\lib\commons-launcher.
> >jar;D:\J2EE1.4SDK\jdk\lib\commons-logging.jar;D:\J2EE1.4SDK\jdk\lib\deployhelp.jar;
> >D:\J2EE1.4SDK\jdk\lib\dt.jar;D:\J2EE1.4SDK\jdk\lib\htmlconverter.jar;D:\J2EE1.4SDK\jdk\lib\htmlconverter_g.
> >jar;D:\J2EE1.4SDK\jdk\lib\j2ee-svc.jar;D:\J2EE1.4SDK\jdk\lib\j2ee.jar;D:\J2EE1.4SDK\jdk\lib\jax-
> >qname.jar;D:\J2EE1.4SDK\jdk\lib\jaxr-api.jar;D:\J2EE1.4SDK\jdk\lib\jaxr-impl.jar;
> >D:\J2EE1.4SDK\jdk\lib\jaxrpc-api.jar;D:\J2EE1.4SDK\jdk\lib\jaxrpc-impl.jar;D:\J2EE1.
> >4SDK\jdk\lib\jhall.jar;D:\J2EE1.4SDK\jdk\lib\mail.jar;D:\J2EE1.4SDK\jdk\lib\relaxngDatatype.
> >jar;D:\J2EE1.4SDK\jdk\lib\saaj-api.jar;D:\J2EE1.4SDK\jdk\lib\saaj-impl.jar;D:\J2EE1.
> >4SDK\jdk\lib\sun-appserv-ant.jar;D:\J2EE1.4SDK\jdk\lib\tools.jar;D:\J2EE1.4SDK\jdk\lib\xsdlib.
> >jar;D:\J2EE1.4SDK\lib\endorsed\dom.jar;D:\J2EE1.4SDK\lib\endorsed\servlet-api.jar;
> >D:\J2EE1.4SDK\lib\endorsed\servlet.jar;D:\J2EE1.4SDK\lib\endorsed\xalan.jar;D:\J2EE1.
> >4SDK\lib\endorsed\xercesImpl.jar;D:\IntelliJ;D:\jdk1.2.1\src.jar;D:\j2sdk1.4.0_02\common\lib\servlet.
> >jar;D:\JDBCDrivers\mysql-connector-java-2.0.14\mysql-connector-java-2.0.14-bin.jar;
> >D:\JDBCDrivers\db2java.zip;D:\JDBCDrivers\msbase.jar;D:\JDBCDrivers\mssqlserver.jar;
> >D:\JDBCDrivers\msutil.jar;D:\JDBCDrivers\mysql_comp.jar;D:\JDBCDrivers\mysql_uncomp.
> >jar;D:\JDBCDrivers\Opta2000.jar;D:\JDBCDrivers\ora9\classes12.zip;D:\JDBCDrivers\jtds-
> >0.6-rc1.jar;D:\Layouts\TableLayout.jar;D:\jakarta-log4j-1.2.8\dist\lib\log4j-1.2.8.
> >jar;F:\jdom-1.0\build\jdom.jar;D:\jpim-0.1\build\jpim.jar;D:\Jacob\jacob.jar;D:\SystemTray\systray.
> >jar;D:\MindIM\lib\common\ostermillerutils_1_02_24.jar;F:\commonsProj\commons-httpclient-
> >2.0\commons-httpclient-2.0.jar;F:\commonsProj\commons-logging-1.0.3\commons-logging-
> >api.jar;F:\commonsProj\commons-logging-1.0.3\commons-logging.jar;D:\htmlparser1_5\lib\htmllexer.
> >jar;D:\htmlparser1_5\lib\htmlparser.jar;D:\htmlparser1_5\src;D:\JUnit\junit3.8.1\junit.
> >jar;S:\Mindbridge\lib\commons-logging-api.jar;S:\Mindbridge\lib\commons-logging.jar;
> >S:\Mindbridge\lib\commons-httpclient-2.0.jar;S:\Mindbridge\lib\commons-net-1.1.0.
> >jar;S:\Mindbridge\lib\commons-vfs-1.0-dev.jar;S:\Mindbridge\lib\informa.jar;S:\Mindbridge\lib\jcifs-
> >0.8.2.jar;S:\Mindbridge\lib\jsch-0.1.13.zip;S:\Mindbridge\lib\lucene-1.4-final.jar;
> >S:\Mindbridge\lib\lucene-demos-1.4-final.jar;F:\CvsCheckOut\IntrasmartAPI\dist\latest\IntraSmartAPI-
> >dev.jar;D:\xerces-2_5_0\xercesImpl.jar;D:\xerces-2_5_0\xercesSamples.jar;D:\xerces-
> >2_5_0\xml-apis.jar;D:\xerces-2_5_0\xmlParserAPIs.jar;F:\IntelliJ-IDEA-4.5\lib\idea_rt.
> >jar com.intellij.rt.execution.application.AppMain TestPlain
> >> 0 [main] DEBUG org.apache.commons.httpclient.HttpClient - Java version: 1.4.2_02
> >> 0 [main] DEBUG org.apache.commons.httpclient.HttpClient - Java vendor: Sun Microsystems
> >Inc.
> >> 0 [main] DEBUG org.apache.commons.httpclient.HttpClient - Java class path: D:\J2EE1.
> >4SDK\jdk\jre\lib\charsets.jar;D:\J2EE1.4SDK\jdk\jre\lib\jce.jar;D:\J2EE1.4SDK\jdk\jre\lib\jsse.
> >jar;D:\J2EE1.4SDK\jdk\jre\lib\plugin.jar;D:\J2EE1.4SDK\jdk\jre\lib\plugin_g.jar;D:
> >\J2EE1.4SDK\jdk\jre\lib\rt.jar;D:\J2EE1.4SDK\jdk\jre\lib\sunrsasign.jar;D:\J2EE1.
> >4SDK\jdk\jre\lib\ext\dnsns.jar;D:\J2EE1.4SDK\jdk\jre\lib\ext\ldapsec.jar;D:\J2EE1.
> >4SDK\jdk\jre\lib\ext\localedata.jar;D:\J2EE1.4SDK\jdk\jre\lib\ext\sunjce_provider.
> >jar;D:\J2EE1.4SDK\jdk\lib\activation.jar;D:\J2EE1.4SDK\jdk\lib\admin-cli.jar;D:\J2EE1.
> >4SDK\jdk\lib\appserv-admin.jar;D:\J2EE1.4SDK\jdk\lib\appserv-assemblytool.jar;D:\J2EE1.
> >4SDK\jdk\lib\appserv-cmp.jar;D:\J2EE1.4SDK\jdk\lib\appserv-ext.jar;D:\J2EE1.4SDK\jdk\lib\appserv-
> >jstl.jar;D:\J2EE1.4SDK\jdk\lib\appserv-rt.jar;D:\J2EE1.4SDK\jdk\lib\appserv-tags.
> >jar;D:\J2EE1.4SDK\jdk\lib\appserv-upgrade.jar;D:\J2EE1.4SDK\jdk\lib\commons-launcher.
> >jar;D:\J2EE1.4SDK\jdk\lib\commons-logging.jar;D:\J2EE1.4SDK\jdk\lib\deployhelp.jar;
> >D:\J2EE1.4SDK\jdk\lib\dt.jar;D:\J2EE1.4SDK\jdk\lib\htmlconverter.jar;D:\J2EE1.4SDK\jdk\lib\htmlconverter_g.
> >jar;D:\J2EE1.4SDK\jdk\lib\j2ee-svc.jar;D:\J2EE1.4SDK\jdk\lib\j2ee.jar;D:\J2EE1.4SDK\jdk\lib\jax-
> >qname.jar;D:\J2EE1.4SDK\jdk\lib\jaxr-api.jar;D:\J2EE1.4SDK\jdk\lib\jaxr-impl.jar;
> >D:\J2EE1.4SDK\jdk\lib\jaxrpc-api.jar;D:\J2EE1.4SDK\jdk\lib\jaxrpc-impl.jar;D:\J2EE1.
> >4SDK\jdk\lib\jhall.jar;D:\J2EE1.4SDK\jdk\lib\mail.jar;D:\J2EE1.4SDK\jdk\lib\relaxngDatatype.
> >jar;D:\J2EE1.4SDK\jdk\lib\saaj-api.jar;D:\J2EE1.4SDK\jdk\lib\saaj-impl.jar;D:\J2EE1.
> >4SDK\jdk\lib\sun-appserv-ant.jar;D:\J2EE1.4SDK\jdk\lib\tools.jar;D:\J2EE1.4SDK\jdk\lib\xsdlib.
> >jar;D:\J2EE1.4SDK\lib\endorsed\dom.jar;D:\J2EE1.4SDK\lib\endorsed\servlet-api.jar;
> >D:\J2EE1.4SDK\lib\endorsed\servlet.jar;D:\J2EE1.4SDK\lib\endorsed\xalan.jar;D:\J2EE1.
> >4SDK\lib\endorsed\xercesImpl.jar;D:\IntelliJ;D:\jdk1.2.1\src.jar;D:\j2sdk1.4.0_02\common\lib\servlet.
> >jar;D:\JDBCDrivers\mysql-connector-java-2.0.14\mysql-connector-java-2.0.14-bin.jar;
> >D:\JDBCDrivers\db2java.zip;D:\JDBCDrivers\msbase.jar;D:\JDBCDrivers\mssqlserver.jar;
> >D:\JDBCDrivers\msutil.jar;D:\JDBCDrivers\mysql_comp.jar;D:\JDBCDrivers\mysql_uncomp.
> >jar;D:\JDBCDrivers\Opta2000.jar;D:\JDBCDrivers\ora9\classes12.zip;D:\JDBCDrivers\jtds-
> >0.6-rc1.jar;D:\Layouts\TableLayout.jar;D:\jakarta-log4j-1.2.8\dist\lib\log4j-1.2.8.
> >jar;F:\jdom-1.0\build\jdom.jar;D:\jpim-0.1\build\jpim.jar;D:\Jacob\jacob.jar;D:\SystemTray\systray.
> >jar;D:\MindIM\lib\common\ostermillerutils_1_02_24.jar;F:\commonsProj\commons-httpclient-
> >2.0\commons-httpclient-2.0.jar;F:\commonsProj\commons-logging-1.0.3\commons-logging-
> >api.jar;F:\commonsProj\commons-logging-1.0.3\commons-logging.jar;D:\htmlparser1_5\lib\htmllexer.
> >jar;D:\htmlparser1_5\lib\htmlparser.jar;D:\htmlparser1_5\src;D:\JUnit\junit3.8.1\junit.
> >jar;S:\Mindbridge\lib\commons-logging-api.jar;S:\Mindbridge\lib\commons-logging.jar;
> >S:\Mindbridge\lib\commons-httpclient-2.0.jar;S:\Mindbridge\lib\commons-net-1.1.0.
> >jar;S:\Mindbridge\lib\commons-vfs-1.0-dev.jar;S:\Mindbridge\lib\informa.jar;S:\Mindbridge\lib\jcifs-
> >0.8.2.jar;S:\Mindbridge\lib\jsch-0.1.13.zip;S:\Mindbridge\lib\lucene-1.4-final.jar;
> >S:\Mindbridge\lib\lucene-demos-1.4-final.jar;F:\CvsCheckOut\IntrasmartAPI\dist\latest\IntraSmartAPI-
> >dev.jar;D:\xerces-2_5_0\xercesImpl.jar;D:\xerces-2_5_0\xercesSamples.jar;D:\xerces-
> >2_5_0\xml-apis.jar;D:\xerces-2_5_0\xmlParserAPIs.jar;F:\IntelliJ-IDEA-4.5\lib\idea_rt.
> >jar
> >> 10 [main] DEBUG org.apache.commons.httpclient.HttpClient - Operating system name:
> >Windows NT
> >> 20 [main] DEBUG org.apache.commons.httpclient.HttpClient - Operating system architecture:
> >x86
> >> 20 [main] DEBUG org.apache.commons.httpclient.HttpClient - Operating system version:
> >4.0
> >> 390 [main] DEBUG org.apache.commons.httpclient.HttpClient - SUN 1.42: SUN (DSA
> >key/parameter generation; DSA signing; SHA-1, MD5 digests; SecureRandom; X.509 certificates;
> >JKS keystore; PKIX CertPathValidator; PKIX CertPathBuilder; LDAP, Collection CertStores)
> >> 390 [main] DEBUG org.apache.commons.httpclient.HttpClient - SunJSSE 1.42: Sun JSSE
> >provider(implements RSA Signatures, PKCS12, SunX509 key/trust factories, SSLv3, TLSv1)
> >> 390 [main] DEBUG org.apache.commons.httpclient.HttpClient - SunRsaSign 1.42: SUN's
> >provider for RSA signatures
> >> 390 [main] DEBUG org.apache.commons.httpclient.HttpClient - SunJCE 1.42: SunJCE
> >Provider (implements DES, Triple DES, AES, Blowfish, PBE, Diffie-Hellman, HMAC-MD5,
> >HMAC-SHA1)
> >> 390 [main] DEBUG org.apache.commons.httpclient.HttpClient - SunJGSS 1.0: Sun (Kerberos
> >v5)
> >> 560 [main] DEBUG org.apache.commons.httpclient.methods.GetMethod - enter GetMethod
> >(String)
> >> 560 [main] DEBUG org.apache.commons.httpclient.HttpClient - enter HttpClient.executeMethod
> >(HttpMethod)
> >> 560 [main] DEBUG org.apache.commons.httpclient.HttpClient - enter HttpClient.executeMethod
> >(HostConfiguration,HttpMethod,HttpState)
> >> 851 [main] DEBUG org.apache.commons.httpclient.HttpConnection - HttpConnection.
> >setSoTimeout(0)
> >> 851 [main] DEBUG org.apache.commons.httpclient.HttpConnection - enter HttpConnection.
> >open()
> >> 1332 [main] DEBUG org.apache.commons.httpclient.HttpConnection - enter HttpConnection.
> >closeSockedAndStreams()
> >> 1332 [main] DEBUG org.apache.commons.httpclient.HttpConnection - enter HttpConnection.
> >releaseConnection()
> >> javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
> >> at com.sun.net.ssl.internal.ssl.SSLSessionImpl.getPeerCertificateChain(DashoA6275)
> >> at mb.apache.commons.httpclient.contrib.ssl.StrictSSLProtocolSocketFactory.verifyHostname
> >(StrictSSLProtocolSocketFactory.java:253)
> >> at mb.apache.commons.httpclient.contrib.ssl.StrictSSLProtocolSocketFactory.createSocket
> >(StrictSSLProtocolSocketFactory.java:208)
> >> at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:683)
> >> at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:662)
> >> at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:529)
> >> at TestPlain.main(TestPlain.java:65)
> >> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> >> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> >> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.
> >java:25)
> >> at java.lang.reflect.Method.invoke(Method.java:324)
> >> at com.intellij.rt.execution.application.AppMain.main(AppMain.java:78)
> >> count = 0, total = 67
> >>
> >> Process finished with exit code 0
> >>
> >> Thanks for any insight
> >>
> >>
> >>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
> >> For additional commands, e-mail: httpclient-user-help@jakarta.apache.org
> >>
> >>
> >
> >---------------------------------------------------------------------
> >To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
> >For additional commands, e-mail: httpclient-user-help@jakarta.apache.org
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: httpclient-user-help@jakarta.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-user-help@jakarta.apache.org
Re: Re: SSL with Certificate-SSLPeerUnverifiedException
Posted by Michael Clovis <mc...@mindbridge.com>.
Oleg.. again thanks for help.. Had a version (2.0.2 compliant) of AuthSSLProtocolSocketFactory. This class seems to me that you would have to have the cert added to keystore using keytool on each client machine..
I was under impression that HttpClient did not venture into keystore area because there was no API to include certs into keystore. Had to use keytool.. So.. (pardon my ignorance) but if I understood what needed to be done plus this is a swing application that lives on anyone within a company's employ.. Confused..
Thanks for your quick responses.
---------- Original Message ----------
Date: 7/29/05
From: Oleg Kalnichevski <ol...@apache.org>
To: httpclient-user@jakarta.apache.org
Subject: Re: SSL with Certificate-SSLPeerUnverifiedException
>Michael,
>
>I suspect the SSL context has not been properly configured and a result
>the socket factory was unable to verify the identity of the target
>server. Please take a look at the AuthSSLProtocolSocketFactory below:
>
><a href='http://svn.apache.org/repos/asf/jakarta/commons/proper/httpclient/trunk/src/contrib/org/apache/commons/httpclient/contrib/ssl/' target='_top'>http://svn.apache.org/repos/asf/jakarta/commons/proper/httpclient/trunk/src/contrib/org/apache/commons/httpclient/contrib/ssl/</a>
>There are some guidelines in the javadocs as to how one can correctly
>set up an SSL context with required trust managers and/ or key managers
>
>Oleg
>
>On Fri, Jul 29, 2005 at 11:35:57AM -0400, Michael Clovis wrote:
>> Oleg.. or anyone.
>> Connecting with SSL and had this problem (SSLPeerUnverifiedException) with earlier
>class that extended HttpClient. Wrote teststub class with TestURL that works in browser
>for testing servlet..
>> Googled and made sure we are not using Tomcat 4.1.13 or earlier (problem reported
>in 1.12 bugzilla).. using highest current release of tomcat Ver 4 ,Apache2 and OpenSSL.
>Here is the test stub...
>>
>> try{
>> BasicConfigurator.configure();
>> HttpClient client = new HttpClient();
>> StrictSSLProtocolSocketFactory sf = new StrictSSLProtocolSocketFactory();
>>
>>
>> Protocol stricthttps = new Protocol( "https", sf, 443);
>> Protocol.registerProtocol("https",stricthttps);
>>
>> client.getHostConfiguration().setHost("192.168.45.114", 443, stricthttps);
>>
>>
>> String test = <a href='"https://192.168.45.114/IS/ISUploadServer?configKey=HELLO";' target='_top'>"https://192.168.45.114/IS/ISUploadServer?configKey=HELLO";</a>
>> PostMethod post = null;
>>
>>
>> try {
>> post = new PostMethod(test);
>> } catch (Exception e) {
>> e.printStackTrace();
>> throw e;
>> }
>> post.setDoAuthentication(true);
>> try {
>> client.executeMethod(post);
>> } catch (IOException e) {
>> //e.printStackTrace();
>> throw e;
>> }
>> String res = null;
>> if(post!=null &&post.getStatusCode() >= 300){
>> res = String.valueOf(post.getStatusCode());
>> }
>> else if(post!=null){
>> Header headers[] = null;
>> headers = post.getRequestHeaders();
>> if(headers!=null&&headers.length>0){
>> for (int i = 0; i < headers.length; i++) {
>> System.out.println(headers[i].toExternalForm());
>>
>> }
>> }
>> res = new String(post.getResponseBodyAsString());
>> }
>> System.out.println(res);
>> }catch(Exception e){
>> e.printStackTrace();
>> }
>>
>>
>> Here is the wire and stack trace..
>>
>> D:\J2EE1.4SDK\jdk\bin\java -Didea.launcher.port=7532 -Didea.launcher.library=F:
>\IntelliJ-IDEA-4.5\bin\breakgen.dll -Dfile.encoding=windows-1252 -classpath D:\J2EE1.
>4SDK\jdk\jre\lib\charsets.jar;D:\J2EE1.4SDK\jdk\jre\lib\jce.jar;D:\J2EE1.4SDK\jdk\jre\lib\jsse.
>jar;D:\J2EE1.4SDK\jdk\jre\lib\plugin.jar;D:\J2EE1.4SDK\jdk\jre\lib\plugin_g.jar;D:
>\J2EE1.4SDK\jdk\jre\lib\rt.jar;D:\J2EE1.4SDK\jdk\jre\lib\sunrsasign.jar;D:\J2EE1.
>4SDK\jdk\jre\lib\ext\dnsns.jar;D:\J2EE1.4SDK\jdk\jre\lib\ext\ldapsec.jar;D:\J2EE1.
>4SDK\jdk\jre\lib\ext\localedata.jar;D:\J2EE1.4SDK\jdk\jre\lib\ext\sunjce_provider.
>jar;D:\J2EE1.4SDK\jdk\lib\activation.jar;D:\J2EE1.4SDK\jdk\lib\admin-cli.jar;D:\J2EE1.
>4SDK\jdk\lib\appserv-admin.jar;D:\J2EE1.4SDK\jdk\lib\appserv-assemblytool.jar;D:\J2EE1.
>4SDK\jdk\lib\appserv-cmp.jar;D:\J2EE1.4SDK\jdk\lib\appserv-ext.jar;D:\J2EE1.4SDK\jdk\lib\appserv-
>jstl.jar;D:\J2EE1.4SDK\jdk\lib\appserv-rt.jar;D:\J2EE1.4SDK\jdk\lib\appserv-tags.
>jar;D:\J2EE1.4SDK\jdk\lib\appserv-upgrade.jar;D:\J2EE1.4SDK\jdk\lib\commons-launcher.
>jar;D:\J2EE1.4SDK\jdk\lib\commons-logging.jar;D:\J2EE1.4SDK\jdk\lib\deployhelp.jar;
>D:\J2EE1.4SDK\jdk\lib\dt.jar;D:\J2EE1.4SDK\jdk\lib\htmlconverter.jar;D:\J2EE1.4SDK\jdk\lib\htmlconverter_g.
>jar;D:\J2EE1.4SDK\jdk\lib\j2ee-svc.jar;D:\J2EE1.4SDK\jdk\lib\j2ee.jar;D:\J2EE1.4SDK\jdk\lib\jax-
>qname.jar;D:\J2EE1.4SDK\jdk\lib\jaxr-api.jar;D:\J2EE1.4SDK\jdk\lib\jaxr-impl.jar;
>D:\J2EE1.4SDK\jdk\lib\jaxrpc-api.jar;D:\J2EE1.4SDK\jdk\lib\jaxrpc-impl.jar;D:\J2EE1.
>4SDK\jdk\lib\jhall.jar;D:\J2EE1.4SDK\jdk\lib\mail.jar;D:\J2EE1.4SDK\jdk\lib\relaxngDatatype.
>jar;D:\J2EE1.4SDK\jdk\lib\saaj-api.jar;D:\J2EE1.4SDK\jdk\lib\saaj-impl.jar;D:\J2EE1.
>4SDK\jdk\lib\sun-appserv-ant.jar;D:\J2EE1.4SDK\jdk\lib\tools.jar;D:\J2EE1.4SDK\jdk\lib\xsdlib.
>jar;D:\J2EE1.4SDK\lib\endorsed\dom.jar;D:\J2EE1.4SDK\lib\endorsed\servlet-api.jar;
>D:\J2EE1.4SDK\lib\endorsed\servlet.jar;D:\J2EE1.4SDK\lib\endorsed\xalan.jar;D:\J2EE1.
>4SDK\lib\endorsed\xercesImpl.jar;D:\IntelliJ;D:\jdk1.2.1\src.jar;D:\j2sdk1.4.0_02\common\lib\servlet.
>jar;D:\JDBCDrivers\mysql-connector-java-2.0.14\mysql-connector-java-2.0.14-bin.jar;
>D:\JDBCDrivers\db2java.zip;D:\JDBCDrivers\msbase.jar;D:\JDBCDrivers\mssqlserver.jar;
>D:\JDBCDrivers\msutil.jar;D:\JDBCDrivers\mysql_comp.jar;D:\JDBCDrivers\mysql_uncomp.
>jar;D:\JDBCDrivers\Opta2000.jar;D:\JDBCDrivers\ora9\classes12.zip;D:\JDBCDrivers\jtds-
>0.6-rc1.jar;D:\Layouts\TableLayout.jar;D:\jakarta-log4j-1.2.8\dist\lib\log4j-1.2.8.
>jar;F:\jdom-1.0\build\jdom.jar;D:\jpim-0.1\build\jpim.jar;D:\Jacob\jacob.jar;D:\SystemTray\systray.
>jar;D:\MindIM\lib\common\ostermillerutils_1_02_24.jar;F:\commonsProj\commons-httpclient-
>2.0\commons-httpclient-2.0.jar;F:\commonsProj\commons-logging-1.0.3\commons-logging-
>api.jar;F:\commonsProj\commons-logging-1.0.3\commons-logging.jar;D:\htmlparser1_5\lib\htmllexer.
>jar;D:\htmlparser1_5\lib\htmlparser.jar;D:\htmlparser1_5\src;D:\JUnit\junit3.8.1\junit.
>jar;S:\Mindbridge\lib\commons-logging-api.jar;S:\Mindbridge\lib\commons-logging.jar;
>S:\Mindbridge\lib\commons-httpclient-2.0.jar;S:\Mindbridge\lib\commons-net-1.1.0.
>jar;S:\Mindbridge\lib\commons-vfs-1.0-dev.jar;S:\Mindbridge\lib\informa.jar;S:\Mindbridge\lib\jcifs-
>0.8.2.jar;S:\Mindbridge\lib\jsch-0.1.13.zip;S:\Mindbridge\lib\lucene-1.4-final.jar;
>S:\Mindbridge\lib\lucene-demos-1.4-final.jar;F:\CvsCheckOut\IntrasmartAPI\dist\latest\IntraSmartAPI-
>dev.jar;D:\xerces-2_5_0\xercesImpl.jar;D:\xerces-2_5_0\xercesSamples.jar;D:\xerces-
>2_5_0\xml-apis.jar;D:\xerces-2_5_0\xmlParserAPIs.jar;F:\IntelliJ-IDEA-4.5\lib\idea_rt.
>jar com.intellij.rt.execution.application.AppMain TestPlain
>> 0 [main] DEBUG org.apache.commons.httpclient.HttpClient - Java version: 1.4.2_02
>> 0 [main] DEBUG org.apache.commons.httpclient.HttpClient - Java vendor: Sun Microsystems
>Inc.
>> 0 [main] DEBUG org.apache.commons.httpclient.HttpClient - Java class path: D:\J2EE1.
>4SDK\jdk\jre\lib\charsets.jar;D:\J2EE1.4SDK\jdk\jre\lib\jce.jar;D:\J2EE1.4SDK\jdk\jre\lib\jsse.
>jar;D:\J2EE1.4SDK\jdk\jre\lib\plugin.jar;D:\J2EE1.4SDK\jdk\jre\lib\plugin_g.jar;D:
>\J2EE1.4SDK\jdk\jre\lib\rt.jar;D:\J2EE1.4SDK\jdk\jre\lib\sunrsasign.jar;D:\J2EE1.
>4SDK\jdk\jre\lib\ext\dnsns.jar;D:\J2EE1.4SDK\jdk\jre\lib\ext\ldapsec.jar;D:\J2EE1.
>4SDK\jdk\jre\lib\ext\localedata.jar;D:\J2EE1.4SDK\jdk\jre\lib\ext\sunjce_provider.
>jar;D:\J2EE1.4SDK\jdk\lib\activation.jar;D:\J2EE1.4SDK\jdk\lib\admin-cli.jar;D:\J2EE1.
>4SDK\jdk\lib\appserv-admin.jar;D:\J2EE1.4SDK\jdk\lib\appserv-assemblytool.jar;D:\J2EE1.
>4SDK\jdk\lib\appserv-cmp.jar;D:\J2EE1.4SDK\jdk\lib\appserv-ext.jar;D:\J2EE1.4SDK\jdk\lib\appserv-
>jstl.jar;D:\J2EE1.4SDK\jdk\lib\appserv-rt.jar;D:\J2EE1.4SDK\jdk\lib\appserv-tags.
>jar;D:\J2EE1.4SDK\jdk\lib\appserv-upgrade.jar;D:\J2EE1.4SDK\jdk\lib\commons-launcher.
>jar;D:\J2EE1.4SDK\jdk\lib\commons-logging.jar;D:\J2EE1.4SDK\jdk\lib\deployhelp.jar;
>D:\J2EE1.4SDK\jdk\lib\dt.jar;D:\J2EE1.4SDK\jdk\lib\htmlconverter.jar;D:\J2EE1.4SDK\jdk\lib\htmlconverter_g.
>jar;D:\J2EE1.4SDK\jdk\lib\j2ee-svc.jar;D:\J2EE1.4SDK\jdk\lib\j2ee.jar;D:\J2EE1.4SDK\jdk\lib\jax-
>qname.jar;D:\J2EE1.4SDK\jdk\lib\jaxr-api.jar;D:\J2EE1.4SDK\jdk\lib\jaxr-impl.jar;
>D:\J2EE1.4SDK\jdk\lib\jaxrpc-api.jar;D:\J2EE1.4SDK\jdk\lib\jaxrpc-impl.jar;D:\J2EE1.
>4SDK\jdk\lib\jhall.jar;D:\J2EE1.4SDK\jdk\lib\mail.jar;D:\J2EE1.4SDK\jdk\lib\relaxngDatatype.
>jar;D:\J2EE1.4SDK\jdk\lib\saaj-api.jar;D:\J2EE1.4SDK\jdk\lib\saaj-impl.jar;D:\J2EE1.
>4SDK\jdk\lib\sun-appserv-ant.jar;D:\J2EE1.4SDK\jdk\lib\tools.jar;D:\J2EE1.4SDK\jdk\lib\xsdlib.
>jar;D:\J2EE1.4SDK\lib\endorsed\dom.jar;D:\J2EE1.4SDK\lib\endorsed\servlet-api.jar;
>D:\J2EE1.4SDK\lib\endorsed\servlet.jar;D:\J2EE1.4SDK\lib\endorsed\xalan.jar;D:\J2EE1.
>4SDK\lib\endorsed\xercesImpl.jar;D:\IntelliJ;D:\jdk1.2.1\src.jar;D:\j2sdk1.4.0_02\common\lib\servlet.
>jar;D:\JDBCDrivers\mysql-connector-java-2.0.14\mysql-connector-java-2.0.14-bin.jar;
>D:\JDBCDrivers\db2java.zip;D:\JDBCDrivers\msbase.jar;D:\JDBCDrivers\mssqlserver.jar;
>D:\JDBCDrivers\msutil.jar;D:\JDBCDrivers\mysql_comp.jar;D:\JDBCDrivers\mysql_uncomp.
>jar;D:\JDBCDrivers\Opta2000.jar;D:\JDBCDrivers\ora9\classes12.zip;D:\JDBCDrivers\jtds-
>0.6-rc1.jar;D:\Layouts\TableLayout.jar;D:\jakarta-log4j-1.2.8\dist\lib\log4j-1.2.8.
>jar;F:\jdom-1.0\build\jdom.jar;D:\jpim-0.1\build\jpim.jar;D:\Jacob\jacob.jar;D:\SystemTray\systray.
>jar;D:\MindIM\lib\common\ostermillerutils_1_02_24.jar;F:\commonsProj\commons-httpclient-
>2.0\commons-httpclient-2.0.jar;F:\commonsProj\commons-logging-1.0.3\commons-logging-
>api.jar;F:\commonsProj\commons-logging-1.0.3\commons-logging.jar;D:\htmlparser1_5\lib\htmllexer.
>jar;D:\htmlparser1_5\lib\htmlparser.jar;D:\htmlparser1_5\src;D:\JUnit\junit3.8.1\junit.
>jar;S:\Mindbridge\lib\commons-logging-api.jar;S:\Mindbridge\lib\commons-logging.jar;
>S:\Mindbridge\lib\commons-httpclient-2.0.jar;S:\Mindbridge\lib\commons-net-1.1.0.
>jar;S:\Mindbridge\lib\commons-vfs-1.0-dev.jar;S:\Mindbridge\lib\informa.jar;S:\Mindbridge\lib\jcifs-
>0.8.2.jar;S:\Mindbridge\lib\jsch-0.1.13.zip;S:\Mindbridge\lib\lucene-1.4-final.jar;
>S:\Mindbridge\lib\lucene-demos-1.4-final.jar;F:\CvsCheckOut\IntrasmartAPI\dist\latest\IntraSmartAPI-
>dev.jar;D:\xerces-2_5_0\xercesImpl.jar;D:\xerces-2_5_0\xercesSamples.jar;D:\xerces-
>2_5_0\xml-apis.jar;D:\xerces-2_5_0\xmlParserAPIs.jar;F:\IntelliJ-IDEA-4.5\lib\idea_rt.
>jar
>> 10 [main] DEBUG org.apache.commons.httpclient.HttpClient - Operating system name:
>Windows NT
>> 20 [main] DEBUG org.apache.commons.httpclient.HttpClient - Operating system architecture:
>x86
>> 20 [main] DEBUG org.apache.commons.httpclient.HttpClient - Operating system version:
>4.0
>> 390 [main] DEBUG org.apache.commons.httpclient.HttpClient - SUN 1.42: SUN (DSA
>key/parameter generation; DSA signing; SHA-1, MD5 digests; SecureRandom; X.509 certificates;
>JKS keystore; PKIX CertPathValidator; PKIX CertPathBuilder; LDAP, Collection CertStores)
>> 390 [main] DEBUG org.apache.commons.httpclient.HttpClient - SunJSSE 1.42: Sun JSSE
>provider(implements RSA Signatures, PKCS12, SunX509 key/trust factories, SSLv3, TLSv1)
>> 390 [main] DEBUG org.apache.commons.httpclient.HttpClient - SunRsaSign 1.42: SUN's
>provider for RSA signatures
>> 390 [main] DEBUG org.apache.commons.httpclient.HttpClient - SunJCE 1.42: SunJCE
>Provider (implements DES, Triple DES, AES, Blowfish, PBE, Diffie-Hellman, HMAC-MD5,
>HMAC-SHA1)
>> 390 [main] DEBUG org.apache.commons.httpclient.HttpClient - SunJGSS 1.0: Sun (Kerberos
>v5)
>> 560 [main] DEBUG org.apache.commons.httpclient.methods.GetMethod - enter GetMethod
>(String)
>> 560 [main] DEBUG org.apache.commons.httpclient.HttpClient - enter HttpClient.executeMethod
>(HttpMethod)
>> 560 [main] DEBUG org.apache.commons.httpclient.HttpClient - enter HttpClient.executeMethod
>(HostConfiguration,HttpMethod,HttpState)
>> 851 [main] DEBUG org.apache.commons.httpclient.HttpConnection - HttpConnection.
>setSoTimeout(0)
>> 851 [main] DEBUG org.apache.commons.httpclient.HttpConnection - enter HttpConnection.
>open()
>> 1332 [main] DEBUG org.apache.commons.httpclient.HttpConnection - enter HttpConnection.
>closeSockedAndStreams()
>> 1332 [main] DEBUG org.apache.commons.httpclient.HttpConnection - enter HttpConnection.
>releaseConnection()
>> javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
>> at com.sun.net.ssl.internal.ssl.SSLSessionImpl.getPeerCertificateChain(DashoA6275)
>> at mb.apache.commons.httpclient.contrib.ssl.StrictSSLProtocolSocketFactory.verifyHostname
>(StrictSSLProtocolSocketFactory.java:253)
>> at mb.apache.commons.httpclient.contrib.ssl.StrictSSLProtocolSocketFactory.createSocket
>(StrictSSLProtocolSocketFactory.java:208)
>> at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:683)
>> at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:662)
>> at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:529)
>> at TestPlain.main(TestPlain.java:65)
>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
>> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.
>java:25)
>> at java.lang.reflect.Method.invoke(Method.java:324)
>> at com.intellij.rt.execution.application.AppMain.main(AppMain.java:78)
>> count = 0, total = 67
>>
>> Process finished with exit code 0
>>
>> Thanks for any insight
>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
>> For additional commands, e-mail: httpclient-user-help@jakarta.apache.org
>>
>>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
>For additional commands, e-mail: httpclient-user-help@jakarta.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-user-help@jakarta.apache.org
Re: SSL with Certificate-SSLPeerUnverifiedException
Posted by Oleg Kalnichevski <ol...@apache.org>.
Michael,
I suspect the SSL context has not been properly configured and a result
the socket factory was unable to verify the identity of the target
server. Please take a look at the AuthSSLProtocolSocketFactory below:
http://svn.apache.org/repos/asf/jakarta/commons/proper/httpclient/trunk/src/contrib/org/apache/commons/httpclient/contrib/ssl/
There are some guidelines in the javadocs as to how one can correctly
set up an SSL context with required trust managers and/ or key managers
Oleg
On Fri, Jul 29, 2005 at 11:35:57AM -0400, Michael Clovis wrote:
> Oleg.. or anyone.
> Connecting with SSL and had this problem (SSLPeerUnverifiedException) with earlier class that extended HttpClient. Wrote teststub class with TestURL that works in browser for testing servlet..
> Googled and made sure we are not using Tomcat 4.1.13 or earlier (problem reported in 1.12 bugzilla).. using highest current release of tomcat Ver 4 ,Apache2 and OpenSSL. Here is the test stub...
>
> try{
> BasicConfigurator.configure();
> HttpClient client = new HttpClient();
> StrictSSLProtocolSocketFactory sf = new StrictSSLProtocolSocketFactory();
>
>
> Protocol stricthttps = new Protocol( "https", sf, 443);
> Protocol.registerProtocol("https",stricthttps);
>
> client.getHostConfiguration().setHost("192.168.45.114", 443, stricthttps);
>
>
> String test = "https://192.168.45.114/IS/ISUploadServer?configKey=HELLO";
> PostMethod post = null;
>
>
> try {
> post = new PostMethod(test);
> } catch (Exception e) {
> e.printStackTrace();
> throw e;
> }
> post.setDoAuthentication(true);
> try {
> client.executeMethod(post);
> } catch (IOException e) {
> //e.printStackTrace();
> throw e;
> }
> String res = null;
> if(post!=null &&post.getStatusCode() >= 300){
> res = String.valueOf(post.getStatusCode());
> }
> else if(post!=null){
> Header headers[] = null;
> headers = post.getRequestHeaders();
> if(headers!=null&&headers.length>0){
> for (int i = 0; i < headers.length; i++) {
> System.out.println(headers[i].toExternalForm());
>
> }
> }
> res = new String(post.getResponseBodyAsString());
> }
> System.out.println(res);
> }catch(Exception e){
> e.printStackTrace();
> }
>
>
> Here is the wire and stack trace..
>
> D:\J2EE1.4SDK\jdk\bin\java -Didea.launcher.port=7532 -Didea.launcher.library=F:\IntelliJ-IDEA-4.5\bin\breakgen.dll -Dfile.encoding=windows-1252 -classpath D:\J2EE1.4SDK\jdk\jre\lib\charsets.jar;D:\J2EE1.4SDK\jdk\jre\lib\jce.jar;D:\J2EE1.4SDK\jdk\jre\lib\jsse.jar;D:\J2EE1.4SDK\jdk\jre\lib\plugin.jar;D:\J2EE1.4SDK\jdk\jre\lib\plugin_g.jar;D:\J2EE1.4SDK\jdk\jre\lib\rt.jar;D:\J2EE1.4SDK\jdk\jre\lib\sunrsasign.jar;D:\J2EE1.4SDK\jdk\jre\lib\ext\dnsns.jar;D:\J2EE1.4SDK\jdk\jre\lib\ext\ldapsec.jar;D:\J2EE1.4SDK\jdk\jre\lib\ext\localedata.jar;D:\J2EE1.4SDK\jdk\jre\lib\ext\sunjce_provider.jar;D:\J2EE1.4SDK\jdk\lib\activation.jar;D:\J2EE1.4SDK\jdk\lib\admin-cli.jar;D:\J2EE1.4SDK\jdk\lib\appserv-admin.jar;D:\J2EE1.4SDK\jdk\lib\appserv-assemblytool.jar;D:\J2EE1.4SDK\jdk\lib\appserv-cmp.jar;D:\J2EE1.4SDK\jdk\lib\appserv-ext.jar;D:\J2EE1.4SDK\jdk\lib\appserv-jstl.jar;D:\J2EE1.4SDK\jdk\lib\appserv-rt.jar;D:\J2EE1.4SDK\jdk\lib\appserv-tags.jar;D:\J2EE1.4SDK\jdk\lib\appserv-upgrade.jar;D:\J2EE1.4SDK\jdk\lib\commons-launcher.jar;D:\J2EE1.4SDK\jdk\lib\commons-logging.jar;D:\J2EE1.4SDK\jdk\lib\deployhelp.jar;D:\J2EE1.4SDK\jdk\lib\dt.jar;D:\J2EE1.4SDK\jdk\lib\htmlconverter.jar;D:\J2EE1.4SDK\jdk\lib\htmlconverter_g.jar;D:\J2EE1.4SDK\jdk\lib\j2ee-svc.jar;D:\J2EE1.4SDK\jdk\lib\j2ee.jar;D:\J2EE1.4SDK\jdk\lib\jax-qname.jar;D:\J2EE1.4SDK\jdk\lib\jaxr-api.jar;D:\J2EE1.4SDK\jdk\lib\jaxr-impl.jar;D:\J2EE1.4SDK\jdk\lib\jaxrpc-api.jar;D:\J2EE1.4SDK\jdk\lib\jaxrpc-impl.jar;D:\J2EE1.4SDK\jdk\lib\jhall.jar;D:\J2EE1.4SDK\jdk\lib\mail.jar;D:\J2EE1.4SDK\jdk\lib\relaxngDatatype.jar;D:\J2EE1.4SDK\jdk\lib\saaj-api.jar;D:\J2EE1.4SDK\jdk\lib\saaj-impl.jar;D:\J2EE1.4SDK\jdk\lib\sun-appserv-ant.jar;D:\J2EE1.4SDK\jdk\lib\tools.jar;D:\J2EE1.4SDK\jdk\lib\xsdlib.jar;D:\J2EE1.4SDK\lib\endorsed\dom.jar;D:\J2EE1.4SDK\lib\endorsed\servlet-api.jar;D:\J2EE1.4SDK\lib\endorsed\servlet.jar;D:\J2EE1.4SDK\lib\endorsed\xalan.jar;D:\J2EE1.4SDK\lib\endorsed\xercesImpl.jar;D:\IntelliJ;D:\jdk1.2.1\src.jar;D:\j2sdk1.4.0_02\common\lib\servlet.jar;D:\JDBCDrivers\mysql-connector-java-2.0.14\mysql-connector-java-2.0.14-bin.jar;D:\JDBCDrivers\db2java.zip;D:\JDBCDrivers\msbase.jar;D:\JDBCDrivers\mssqlserver.jar;D:\JDBCDrivers\msutil.jar;D:\JDBCDrivers\mysql_comp.jar;D:\JDBCDrivers\mysql_uncomp.jar;D:\JDBCDrivers\Opta2000.jar;D:\JDBCDrivers\ora9\classes12.zip;D:\JDBCDrivers\jtds-0.6-rc1.jar;D:\Layouts\TableLayout.jar;D:\jakarta-log4j-1.2.8\dist\lib\log4j-1.2.8.jar;F:\jdom-1.0\build\jdom.jar;D:\jpim-0.1\build\jpim.jar;D:\Jacob\jacob.jar;D:\SystemTray\systray.jar;D:\MindIM\lib\common\ostermillerutils_1_02_24.jar;F:\commonsProj\commons-httpclient-2.0\commons-httpclient-2.0.jar;F:\commonsProj\commons-logging-1.0.3\commons-logging-api.jar;F:\commonsProj\commons-logging-1.0.3\commons-logging.jar;D:\htmlparser1_5\lib\htmllexer.jar;D:\htmlparser1_5\lib\htmlparser.jar;D:\htmlparser1_5\src;D:\JUnit\junit3.8.1\junit.jar;S:\Mindbridge\lib\commons-logging-api.jar;S:\Mindbridge\lib\commons-logging.jar;S:\Mindbridge\lib\commons-httpclient-2.0.jar;S:\Mindbridge\lib\commons-net-1.1.0.jar;S:\Mindbridge\lib\commons-vfs-1.0-dev.jar;S:\Mindbridge\lib\informa.jar;S:\Mindbridge\lib\jcifs-0.8.2.jar;S:\Mindbridge\lib\jsch-0.1.13.zip;S:\Mindbridge\lib\lucene-1.4-final.jar;S:\Mindbridge\lib\lucene-demos-1.4-final.jar;F:\CvsCheckOut\IntrasmartAPI\dist\latest\IntraSmartAPI-dev.jar;D:\xerces-2_5_0\xercesImpl.jar;D:\xerces-2_5_0\xercesSamples.jar;D:\xerces-2_5_0\xml-apis.jar;D:\xerces-2_5_0\xmlParserAPIs.jar;F:\IntelliJ-IDEA-4.5\lib\idea_rt.jar com.intellij.rt.execution.application.AppMain TestPlain
> 0 [main] DEBUG org.apache.commons.httpclient.HttpClient - Java version: 1.4.2_02
> 0 [main] DEBUG org.apache.commons.httpclient.HttpClient - Java vendor: Sun Microsystems Inc.
> 0 [main] DEBUG org.apache.commons.httpclient.HttpClient - Java class path: D:\J2EE1.4SDK\jdk\jre\lib\charsets.jar;D:\J2EE1.4SDK\jdk\jre\lib\jce.jar;D:\J2EE1.4SDK\jdk\jre\lib\jsse.jar;D:\J2EE1.4SDK\jdk\jre\lib\plugin.jar;D:\J2EE1.4SDK\jdk\jre\lib\plugin_g.jar;D:\J2EE1.4SDK\jdk\jre\lib\rt.jar;D:\J2EE1.4SDK\jdk\jre\lib\sunrsasign.jar;D:\J2EE1.4SDK\jdk\jre\lib\ext\dnsns.jar;D:\J2EE1.4SDK\jdk\jre\lib\ext\ldapsec.jar;D:\J2EE1.4SDK\jdk\jre\lib\ext\localedata.jar;D:\J2EE1.4SDK\jdk\jre\lib\ext\sunjce_provider.jar;D:\J2EE1.4SDK\jdk\lib\activation.jar;D:\J2EE1.4SDK\jdk\lib\admin-cli.jar;D:\J2EE1.4SDK\jdk\lib\appserv-admin.jar;D:\J2EE1.4SDK\jdk\lib\appserv-assemblytool.jar;D:\J2EE1.4SDK\jdk\lib\appserv-cmp.jar;D:\J2EE1.4SDK\jdk\lib\appserv-ext.jar;D:\J2EE1.4SDK\jdk\lib\appserv-jstl.jar;D:\J2EE1.4SDK\jdk\lib\appserv-rt.jar;D:\J2EE1.4SDK\jdk\lib\appserv-tags.jar;D:\J2EE1.4SDK\jdk\lib\appserv-upgrade.jar;D:\J2EE1.4SDK\jdk\lib\commons-launcher.jar;D:\J2EE1.4SDK\jdk\lib\commons-logging.jar;D:\J2EE1.4SDK\jdk\lib\deployhelp.jar;D:\J2EE1.4SDK\jdk\lib\dt.jar;D:\J2EE1.4SDK\jdk\lib\htmlconverter.jar;D:\J2EE1.4SDK\jdk\lib\htmlconverter_g.jar;D:\J2EE1.4SDK\jdk\lib\j2ee-svc.jar;D:\J2EE1.4SDK\jdk\lib\j2ee.jar;D:\J2EE1.4SDK\jdk\lib\jax-qname.jar;D:\J2EE1.4SDK\jdk\lib\jaxr-api.jar;D:\J2EE1.4SDK\jdk\lib\jaxr-impl.jar;D:\J2EE1.4SDK\jdk\lib\jaxrpc-api.jar;D:\J2EE1.4SDK\jdk\lib\jaxrpc-impl.jar;D:\J2EE1.4SDK\jdk\lib\jhall.jar;D:\J2EE1.4SDK\jdk\lib\mail.jar;D:\J2EE1.4SDK\jdk\lib\relaxngDatatype.jar;D:\J2EE1.4SDK\jdk\lib\saaj-api.jar;D:\J2EE1.4SDK\jdk\lib\saaj-impl.jar;D:\J2EE1.4SDK\jdk\lib\sun-appserv-ant.jar;D:\J2EE1.4SDK\jdk\lib\tools.jar;D:\J2EE1.4SDK\jdk\lib\xsdlib.jar;D:\J2EE1.4SDK\lib\endorsed\dom.jar;D:\J2EE1.4SDK\lib\endorsed\servlet-api.jar;D:\J2EE1.4SDK\lib\endorsed\servlet.jar;D:\J2EE1.4SDK\lib\endorsed\xalan.jar;D:\J2EE1.4SDK\lib\endorsed\xercesImpl.jar;D:\IntelliJ;D:\jdk1.2.1\src.jar;D:\j2sdk1.4.0_02\common\lib\servlet.jar;D:\JDBCDrivers\mysql-connector-java-2.0.14\mysql-connector-java-2.0.14-bin.jar;D:\JDBCDrivers\db2java.zip;D:\JDBCDrivers\msbase.jar;D:\JDBCDrivers\mssqlserver.jar;D:\JDBCDrivers\msutil.jar;D:\JDBCDrivers\mysql_comp.jar;D:\JDBCDrivers\mysql_uncomp.jar;D:\JDBCDrivers\Opta2000.jar;D:\JDBCDrivers\ora9\classes12.zip;D:\JDBCDrivers\jtds-0.6-rc1.jar;D:\Layouts\TableLayout.jar;D:\jakarta-log4j-1.2.8\dist\lib\log4j-1.2.8.jar;F:\jdom-1.0\build\jdom.jar;D:\jpim-0.1\build\jpim.jar;D:\Jacob\jacob.jar;D:\SystemTray\systray.jar;D:\MindIM\lib\common\ostermillerutils_1_02_24.jar;F:\commonsProj\commons-httpclient-2.0\commons-httpclient-2.0.jar;F:\commonsProj\commons-logging-1.0.3\commons-logging-api.jar;F:\commonsProj\commons-logging-1.0.3\commons-logging.jar;D:\htmlparser1_5\lib\htmllexer.jar;D:\htmlparser1_5\lib\htmlparser.jar;D:\htmlparser1_5\src;D:\JUnit\junit3.8.1\junit.jar;S:\Mindbridge\lib\commons-logging-api.jar;S:\Mindbridge\lib\commons-logging.jar;S:\Mindbridge\lib\commons-httpclient-2.0.jar;S:\Mindbridge\lib\commons-net-1.1.0.jar;S:\Mindbridge\lib\commons-vfs-1.0-dev.jar;S:\Mindbridge\lib\informa.jar;S:\Mindbridge\lib\jcifs-0.8.2.jar;S:\Mindbridge\lib\jsch-0.1.13.zip;S:\Mindbridge\lib\lucene-1.4-final.jar;S:\Mindbridge\lib\lucene-demos-1.4-final.jar;F:\CvsCheckOut\IntrasmartAPI\dist\latest\IntraSmartAPI-dev.jar;D:\xerces-2_5_0\xercesImpl.jar;D:\xerces-2_5_0\xercesSamples.jar;D:\xerces-2_5_0\xml-apis.jar;D:\xerces-2_5_0\xmlParserAPIs.jar;F:\IntelliJ-IDEA-4.5\lib\idea_rt.jar
> 10 [main] DEBUG org.apache.commons.httpclient.HttpClient - Operating system name: Windows NT
> 20 [main] DEBUG org.apache.commons.httpclient.HttpClient - Operating system architecture: x86
> 20 [main] DEBUG org.apache.commons.httpclient.HttpClient - Operating system version: 4.0
> 390 [main] DEBUG org.apache.commons.httpclient.HttpClient - SUN 1.42: SUN (DSA key/parameter generation; DSA signing; SHA-1, MD5 digests; SecureRandom; X.509 certificates; JKS keystore; PKIX CertPathValidator; PKIX CertPathBuilder; LDAP, Collection CertStores)
> 390 [main] DEBUG org.apache.commons.httpclient.HttpClient - SunJSSE 1.42: Sun JSSE provider(implements RSA Signatures, PKCS12, SunX509 key/trust factories, SSLv3, TLSv1)
> 390 [main] DEBUG org.apache.commons.httpclient.HttpClient - SunRsaSign 1.42: SUN's provider for RSA signatures
> 390 [main] DEBUG org.apache.commons.httpclient.HttpClient - SunJCE 1.42: SunJCE Provider (implements DES, Triple DES, AES, Blowfish, PBE, Diffie-Hellman, HMAC-MD5, HMAC-SHA1)
> 390 [main] DEBUG org.apache.commons.httpclient.HttpClient - SunJGSS 1.0: Sun (Kerberos v5)
> 560 [main] DEBUG org.apache.commons.httpclient.methods.GetMethod - enter GetMethod(String)
> 560 [main] DEBUG org.apache.commons.httpclient.HttpClient - enter HttpClient.executeMethod(HttpMethod)
> 560 [main] DEBUG org.apache.commons.httpclient.HttpClient - enter HttpClient.executeMethod(HostConfiguration,HttpMethod,HttpState)
> 851 [main] DEBUG org.apache.commons.httpclient.HttpConnection - HttpConnection.setSoTimeout(0)
> 851 [main] DEBUG org.apache.commons.httpclient.HttpConnection - enter HttpConnection.open()
> 1332 [main] DEBUG org.apache.commons.httpclient.HttpConnection - enter HttpConnection.closeSockedAndStreams()
> 1332 [main] DEBUG org.apache.commons.httpclient.HttpConnection - enter HttpConnection.releaseConnection()
> javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
> at com.sun.net.ssl.internal.ssl.SSLSessionImpl.getPeerCertificateChain(DashoA6275)
> at mb.apache.commons.httpclient.contrib.ssl.StrictSSLProtocolSocketFactory.verifyHostname(StrictSSLProtocolSocketFactory.java:253)
> at mb.apache.commons.httpclient.contrib.ssl.StrictSSLProtocolSocketFactory.createSocket(StrictSSLProtocolSocketFactory.java:208)
> at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:683)
> at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:662)
> at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:529)
> at TestPlain.main(TestPlain.java:65)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:324)
> at com.intellij.rt.execution.application.AppMain.main(AppMain.java:78)
> count = 0, total = 67
>
> Process finished with exit code 0
>
> Thanks for any insight
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: httpclient-user-help@jakarta.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-user-help@jakarta.apache.org