I've also recently been getting this error and was hoping someone could shed some light on it.
We're using the RC2 version of HttpClient and our JDK versions are all 1.4 or greater. The client we are connecting to seems to have a Verisign certificate. Initially our client worked, but we later began getting the SSLHandshakeException. This occurred with no changes on the client side. We do have the lines Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider()); host.setHost(hostname, port, "https"); client.setHostConfiguration(host); Before we create PostMethod() Here is the thrown exception javax.net.ssl.SSLHandshakeException: Could not find the trusted certificate at com.sun.net.ssl.internal.ssl.SSLSocketImpl.b(DashoA6275) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275) at com.sun.net.ssl.internal.ssl.ClientHandshaker.a(DashoA6275) at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(DashoA6275) at com.sun.net.ssl.internal.ssl.Handshaker.process_record(DashoA6275) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275) at com.sun.net.ssl.internal.ssl.AppOutputStream.write(DashoA6275) at org.apache.commons.httpclient.HttpConnection$WrappedOutputStream.write(H ttpConnection.java:1351) at java.io.BufferedOutputStream.flushBuffer(Unknown Source) at java.io.BufferedOutputStream.flush(Unknown Source) at org.apache.commons.httpclient.HttpConnection.flushRequestOutputStream(Ht tpConnection.java:779) at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase .java:2257) at org.apache.commons.httpclient.HttpMethodBase.processRequest(HttpMethodBa se.java:2629) at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java :1085) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:6 74) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:5 29) Can anyone help with this? Would using EasySSLProtocolSocketFactory class fix this error? Thanks, Aaron -----Original Message----- From: Marcus Crafter [mailto:[EMAIL PROTECTED] Sent: Wednesday, November 12, 2003 8:43 AM To: Commons HttpClient Project Subject: Re: SSL-Connection to unstrusted host H Sven, Roland, There's an example socket factory available on the website: http://jakarta.apache.org/commons/httpclient/sslguide.html Have a look for the EasySSLProtocolSocketFactory class. Hope that helps. Cheers, Marcus On Wed, 2003-11-12 at 15:34, Roland Weber wrote: > Hello Sven, > > you will have to register your own secure socket factory. > In that factory, you can establish SSL connections without verifying > certificates. Alas, I don't remember whether such code is included in > the examples or has been posted to the mailing list. But the topic > itself pops up every few months, so you're likely to find sample code > somewhere. > > See interface SecureProtocolSocketFactory and class > Protocol (method registerProtocol) to get started. > > regards, > Roland > > > > > > > Sven K�hler <[EMAIL PROTECTED]> > 12.11.2003 15:10 > Please respond to "Commons HttpClient Project" > > To: Commons HttpClient Project > <[EMAIL PROTECTED]> > cc: > Subject: SSL-Connection to unstrusted host > > > Well, the subject says it all: > > I'd like to connect to a host with an untrusted SSL-certfictate. When > trying to connect, i always get the following exception: > > javax.net.ssl.SSLHandshakeException: > sun.security.validator.ValidatorException: > No trusted certificate found > at > com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.a(DashoA6275) > at > com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275) > at > com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275) > at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA6275) > at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA6275) > at com.sun.net.ssl.internal.ssl.SunJSSE_ax.a(DashoA6275) > at > com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275) > at > com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(DashoA6275) > at > com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275) > at > com.sun.net.ssl.internal.ssl.AppOutputStream.write(DashoA6275) > at > org.apache.commons.httpclient.HttpConnection$WrappedOutputStream.write(H ttpConnection.java:1351) > at > java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:66) > at > java.io.BufferedOutputStream.flush(BufferedOutputStream.java:124) > at > org.apache.commons.httpclient.HttpConnection.flushRequestOutputStream(Ht tpConnection.java:779) > at > org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpCon nectionAdapter.flushRequestOutputStream(MultiThreadedHttpConnectionManag er.java:1145) > at > org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase .java:2257) > at > org.apache.commons.httpclient.HttpMethodBase.processRequest(HttpMethodBa se.java:2629) > at > org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java :1085) > at > org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:6 74) > ... > > Is there any option to turn the check off? > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: > [EMAIL PROTECTED] > For additional commands, e-mail: > [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
