You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@hc.apache.org by "Oleg Kalnichevski (JIRA)" <ji...@apache.org> on 2013/04/11 16:45:15 UTC
[jira] [Commented] (HTTPCLIENT-1339) SSLPeerUnverifiedException
occurs randomly when calling resource via HTTPS
[ https://issues.apache.org/jira/browse/HTTPCLIENT-1339?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13628981#comment-13628981 ]
Oleg Kalnichevski commented on HTTPCLIENT-1339:
-----------------------------------------------
(1) Both of your tests make no attempts to consume response content and ensure proper deallocation of resources and therefore are already suspect.
(2) DO NOT bombard Google servers with requests in a tight loop and expect everything to be peachy. Google will find out you are doing something silly and will start blocking your connections.
I will close this issue as invalid unless you manage to provide a better evidence supporting your claim of a critical issue in HttpClient code.
Oleg
> SSLPeerUnverifiedException occurs randomly when calling resource via HTTPS
> --------------------------------------------------------------------------
>
> Key: HTTPCLIENT-1339
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1339
> Project: HttpComponents HttpClient
> Issue Type: Bug
> Affects Versions: 4.2.3
> Reporter: Juraj Martinka
> Priority: Critical
>
> HttpClient (tested against 4.1 version and 4.2.3) suffers from SSLPeerUnverifiedException.
> It can occur randomly, mainly when calling some secured resource in a concurrent fashion.
> However, each time there is a new HttpClient instance some this might not be related to the threads issues.
> I've created two unit tests - https://gist.github.com/jumarko/34c20054d3d85eaff5a7
> * HttpClientPeerUnverifiedTest - using HttpClient 4.x errors occures in a random fashion -> sometimes zero failures, but more often than not there is at least one SSLPeerUnverifiedException
> * OldHttpClientPeerUnverifiedTest - using HttpClient 3.1 everything is working OK
> Stacktrace:
> {code}
> javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
> at sun.security.ssl.SSLSessionImpl.getPeerCertificates(Unknown Source)
> at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128)
> at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:572)
> at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:180)
> at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:151)
> at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:125)
> at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:641)
> at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:480)
> at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:906)
> at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:1066)
> at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:1044)
> {code}
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org