Results 1 to 7 of 7

Thread: https client

  1. #1
    karine is offline Member
    Join Date
    Oct 2008
    Posts
    8
    Rep Power
    0

    Default https client

    Hi,

    I have the httpcomponents-client-4.0-beta1-bin-with-dependencies package and trying to make a connection to a server that has the valid CA but I am failing with the following error message:

    >java org.apache.http.examples.client.test2
    Exception in thread "main" javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
    at com.sun.net.ssl.internal.ssl.SSLSessionImpl.getPee rCertificates(SSLSessionImpl.java:329)
    at org.apache.http.conn.ssl.AbstractVerifier.verify(A bstractVerifier.java:129)
    at org.apache.http.conn.ssl.SSLSocketFactory.connectS ocket(SSLSocketFactory.java:322)
    at org.apache.http.impl.conn.DefaultClientConnectionO perator.openConnection(DefaultClientConnectionOper ator.java:129)
    at org.apache.http.impl.conn.AbstractPoolEntry.open(A bstractPoolEntry.java:164)
    at org.apache.http.impl.conn.AbstractPooledConnAdapte r.open(AbstractPooledConnAdapter.java:119)
    at org.apache.http.impl.client.DefaultRequestDirector .execute(DefaultRequestDirector.java:347)
    at org.apache.http.impl.client.AbstractHttpClient.exe cute(AbstractHttpClient.java:555)
    at org.apache.http.impl.client.AbstractHttpClient.exe cute(AbstractHttpClient.java:487)
    at org.apache.http.impl.client.AbstractHttpClient.exe cute(AbstractHttpClient.java:465)
    at org.apache.http.examples.client.test2.main(test2.j ava:57)
    ----------------------

    Thanks in advance!
    Karine

  2. #2
    zoomix is offline Member
    Join Date
    Oct 2008
    Location
    Sweden, Gothenburg
    Posts
    21
    Rep Power
    0

    Default

    A self-signed valid CA?

    You may want to check if the site's particular CA is in your default keystore. Go to your java directory and check your cacerts in lib/security/cacerts.

    On linux you would do something like this:
    keytool --list --keystore /usr/java/jdk1.5.0_11/jre/lib/security/cacerts

  3. #3
    karine is offline Member
    Join Date
    Oct 2008
    Posts
    8
    Rep Power
    0

    Default

    Thank you so much!

    Now, should I call and find out the remote site's CA info and use the keytool to import to cacerts? How is this procedure working?

    thanks again!
    Karine

  4. #4
    zoomix is offline Member
    Join Date
    Oct 2008
    Location
    Sweden, Gothenburg
    Posts
    21
    Rep Power
    0

    Default

    Something like that, yes. If you're running a tomcat you should check google for "truststore", otherwise you should be able to import a CA certificate provided to you into the cacerts file by using keytool cleverly.

    You can also check the site out in your browser. Every time you access an https website in firefox (for instance) you get a little padlock icon at the bottom of the browser window. Double-click that and click the "view certificate"-button. You should be able to figure out who's issuing the certificate and see if you have them in you cacerts.

  5. #5
    karine is offline Member
    Join Date
    Oct 2008
    Posts
    8
    Rep Power
    0

    Default

    Thank you soo much! Things work now! :-)

  6. #6
    presh4u Guest

    Default

    the program is big enogh to understand

  7. #7
    serjant's Avatar
    serjant is offline Senior Member
    Join Date
    Jun 2008
    Location
    Ukraine,Zaporozhye
    Posts
    487
    Rep Power
    7

    Default

    Quote Originally Posted by presh4u View Post
    the program is big enogh to understand
    Are you flooding the forum?

Similar Threads

  1. JDK 1.3 with HTTPS
    By sriram in forum Advanced Java
    Replies: 2
    Last Post: 01-21-2008, 11:51 PM
  2. Replies: 0
    Last Post: 11-13-2007, 11:13 AM
  3. Replies: 6
    Last Post: 07-18-2007, 04:15 PM
  4. Replies: 1
    Last Post: 07-14-2007, 06:15 PM
  5. HTTPS and JBoss
    By Heather in forum Advanced Java
    Replies: 2
    Last Post: 06-30-2007, 05:50 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •