Hi Thorsten Have a look at the 'Customizing SSL' section of the HttpClient SSL guide <http://jakarta.apache.org/commons/httpclient/sslguide.html>
Oleg -----Original Message----- From: Thorsten Scherler [mailto:[EMAIL PROTECTED] Sent: Friday, May 07, 2004 11:26 To: Commons HttpClient Project Subject: SSLHandshakeException: No trusted certificate found Hello group, I have a problem with ssl. I am monitoring different services with a server. Now I have a service that throws exceptions: https://desafirma.cjap.junta-andalucia.es The reason is a "No trusted certificate found". If I try https://www.sun.com everything is fine because it is a trusted one. I found the following thread: http://forum.java.sun.com/thread.jsp?thread=515154&forum=2&message=2454974 ...but how can I incorporate that in my HTTP-Client? Thanks for any ideas, links or solutions. King regards Thorsten Code that I use: import java.io.IOException; import org.apache.commons.httpclient.HttpMethod; import org.apache.commons.httpclient.HttpRecoverableException; import org.apache.commons.httpclient.methods.GetMethod; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; /** * @author Thorsten Scherler * @mail [EMAIL PROTECTED] * */ public class HttpClient implements HttpClientInterface { private static Log LOG = LogFactory.getLog(HttpClient.class); public String getHttp(String address, int timeout) throws Exception { //Create an instance of HttpClient. org.apache.commons.httpclient.HttpClient client = new org.apache.commons.httpclient.HttpClient(); if (LOG.isDebugEnabled()) LOG.debug("<-Sonda-SONAR->HttpClient->START"); //initialize parameter String url = null; //test whether a protocol prefix exist String protocol = "http://";; String protocolS = "https://";; if (address.indexOf(protocol) > -1 || address.indexOf(protocolS) > -1) { url = address; } else { url = protocol + address; } //DEBUG: Parameter testing if (LOG.isDebugEnabled()) LOG.debug("<-Sonda-SONAR->HttpClient->address->" + address); if (LOG.isDebugEnabled()) LOG.debug("<-Sonda-SONAR->HttpClient->URL->"+url); //establish a connection within 5 seconds client.setConnectionTimeout(timeout); // Create a method instance. HttpMethod method = new GetMethod(url); //Follow redirects method.setFollowRedirects(false); //Mask the client //Win //method.setRequestHeader( // "user-agent", // "Mozilla/5.0 (Windows; U; Windows NT 5.0; en - US; rv : 1.6) Gecko / 20040113 "); //Linux method.setRequestHeader( "user-agent", "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.2.1) Gecko/20021"); //Execute the method. int statusCode = -1; //We will retry up to 3 times. for (int attempt = 0; statusCode == -1 && attempt < 3; attempt++) { try { // execute the method. statusCode = client.executeMethod(method); } catch (IOException e) { if (LOG.isErrorEnabled()) LOG.error("Failed to download file.", e); if (LOG.isDebugEnabled()) LOG.debug("<-Sonda-SONAR->HttpClient->END"); return "666"; } } // Check that we didn't run out of retries. //If so reply with a fake http-code, //666 is not a valid HTTP code, it was choosen because of that ;-) if (statusCode == -1) { if (LOG.isErrorEnabled()) LOG.error("<-Sonda-SONAR->HttpClient->ERROR->FAILED TO RECOVER"); if (LOG.isDebugEnabled()) LOG.debug("<-Sonda-SONAR->HttpClient->END"); return "666"; } //Read the response code try { int code = method.getStatusCode(); if (LOG.isDebugEnabled()) LOG.debug("Status code: " + code); //DEBUG: Parameter testing //System.err.println(code); //DEBUG: Read the response body. //byte[] responseBody = method.getResponseBody(); //Release the connection and response with the response code. method.releaseConnection(); //DEBUG: Deal with the response. // Use caution: ensure correct character encoding and is not binary data //System.err.println(new String(responseBody)); if (LOG.isDebugEnabled()) LOG.debug("<-Sonda-SONAR->HttpClient->END"); return String.valueOf(code); } catch (RuntimeException e1) { if (LOG.isErrorEnabled()) LOG.error("<-Sonda-SONAR->HttpClient->ERROR->", e1); //Release the connection. method.releaseConnection(); //If so reply with a fake http-code, //666 is not a valid HTTP code, it was choosen because of that ;-) if (LOG.isDebugEnabled()) LOG.debug("<-Sonda-SONAR->HttpClient->END"); return "666"; } } The exception I get: 2004.05.07 11:20:42,263 [Thread-60 ] DEBUG sonda.sonar.HttpClient - <-Sonda-SONAR->HttpClient->START 2004.05.07 11:20:42,263 [Thread-60 ] DEBUG sonda.sonar.HttpClient - <-Sonda-SONAR->HttpClient->address->https://desafirma.cjap.junta-andalucia.es 2004.05.07 11:20:42,263 [Thread-60 ] DEBUG sonda.sonar.HttpClient - <-Sonda-SONAR->HttpClient->URL->https://desafirma.cjap.junta-andalucia.es 2004.05.07 11:20:42,287 [Thread-60 ] ERROR sonda.sonar.HttpClient - Failed to download file. javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: No trusted certificate found at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.a(DashoA6275) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275) at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA6275) at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA6275) at com.sun.net.ssl.internal.ssl.SunJSSE_ax.a(DashoA6275) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(DashoA6275) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275) at com.sun.net.ssl.internal.ssl.AppOutputStream.write(DashoA6275) at org.apache.commons.httpclient.HttpConnection$WrappedOutputStream.write(HttpConnection.java:1368) at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:66) at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:124) at org.apache.commons.httpclient.HttpConnection.flushRequestOutputStream(HttpConnection.java:799) at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2277) at org.apache.commons.httpclient.HttpMethodBase.processRequest(HttpMethodBase.java:2657) at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1093) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:675) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:529) at sonda.sonar.HttpClient.getHttp(HttpClient.java:66) at sonda.sonar.ClassChooser.coreTesting(ClassChooser.java:151) at sonda.sonar.ClassChooser.TestValueBean(ClassChooser.java:65) at sonda.scheduling.SchedulerDoTest.main(SchedulerDoTest.java:76) at sonda.scheduling.ScheduleBean.doSchedule(ScheduleBean.java:109) at sonda.scheduling.ScheduleBean.initialize(ScheduleBean.java:66) at sonda.scheduling.SondaScheduler$1.doTesting(SondaScheduler.java:69) at sonda.scheduling.SondaScheduler$1.run(SondaScheduler.java:55) at java.util.TimerThread.mainLoop(Timer.java:432) at java.util.TimerThread.run(Timer.java:382) Caused by: sun.security.validator.ValidatorException: No trusted certificate found at sun.security.validator.SimpleValidator.buildTrustedChain(SimpleValidator.java:304) at sun.security.validator.SimpleValidator.engineValidate(SimpleValidator.java:107) at sun.security.validator.Validator.validate(Validator.java:202) at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(DashoA6275) at com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(DashoA6275) ... 26 more 2004.05.07 11:20:42,333 [Thread-60 ] DEBUG sonda.sonar.HttpClient - <-Sonda-SONAR->HttpClient->END -- Thorsten Scherler --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] *************************************************************************************************** The information in this email is confidential and may be legally privileged. Access to this email by anyone other than the intended addressee is unauthorized. If you are not the intended recipient of this message, any review, disclosure, copying, distribution, retention, or any action taken or omitted to be taken in reliance on it is prohibited and may be unlawful. If you are not the intended recipient, please reply to or forward a copy of this message to the sender and delete the message, any attachments, and any copies thereof from your system. *************************************************************************************************** --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
