You are viewing a plain text version of this content. The canonical link for it is here.

Posted to httpclient-users@hc.apache.org by Oleg Kalnichevski <ol...@apache.org> on 2004/12/20 23:26:43 UTC

Re: javax.net.ssl.SSLHandshakeException: certificate expired (can we ignore it??)

Amit,

Basically all it takes is a custom TrustManager
<http://java.sun.com/j2se/1.4.2/docs/api/javax/net/ssl/X509TrustManager.html> which would not validate the expiry date of the server certificates (or in the most vulgar form would not validate them at all and simply accept any certificate.

For details see 'Customizing SSL in HttpClien' section of the HttpClient
SSL guide. 

http://jakarta.apache.org/commons/httpclient/3.0/sslguide.html

Here you can find some code samples

http://cvs.apache.org/viewcvs.cgi/jakarta-
commons/httpclient/src/contrib/org/apache/commons/httpclient/contrib/ssl/

Hope this helps

Oleg





On Mon, 2004-12-20 at 14:00 -0800, amit parnerkar wrote:
> Hi,
> We are using the following httpclient code to connect to website using https protocol. The problem is that the server certificate is expired on www.myhome.net and the following code is throwing SSL Handshake exception because of CertificateExpired exception.
> Is there a way we can still use this expired certificate and still send data encrypted?? 
> One more thing, this code works fine from my local machine (windows with WSAD) but not from development or production (both unix box).
> Application is deployed in Websphere app server 5.0
> Any help is highly appreciated.
>  
>    userName = "userName";
>    passWord = "XXXX";
>    connectURL = "https://www.myhome.net/processrequest.cgi";
>   HttpClient httpclient = new HttpClient();
>   HttpState aState = httpclient.getState();
>   Credentials credentials =
>    new UsernamePasswordCredentials(userName, passWord);
>   aState.setCredentials(new AuthScope(null, -1), credentials);
>   PostMethod httpPost = new PostMethod(connectURL);
>   NameValuePair[] data = { new NameValuePair("requestxml", requestXML)};
>   httpPost.setRequestBody(data);
>   BufferedReader in = null;
>   try {
>    httpclient.executeMethod(httpPost);
>    in =
>     new BufferedReader(
>      new InputStreamReader(httpPost.getResponseBodyAsStream()));
> }catch(...)
> 
> 		
> ---------------------------------
> Do you Yahoo!?
>  Send a seasonal email greeting and help others. Do good.


---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-user-help@jakarta.apache.org