thanks a million for the link! ...but one question the EasySSLProtocolSocketFactory.java is refering to which version of the http-client? I am using 2.0 (bin) and the following imports cannot be resolved:
import org.apache.commons.httpclient.ConnectTimeoutException;
import org.apache.commons.httpclient.HttpClientError;
import org.apache.commons.httpclient.params.HttpConnectionParams;
import org.apache.commons.httpclient.protocol.ControllerThreadSocketFactory;
import org.apache.commons.httpclient.protocol.ReflectionSocketFactory;
Thanks again! King regards Thorsten
Kalnichevski, Oleg wrote:
Hi Thorsten
Have a look at the 'Customizing SSL' section of the HttpClient SSL guide <http://jakarta.apache.org/commons/httpclient/sslguide.html>
Oleg
-----Original Message----- From: Thorsten Scherler [mailto:[EMAIL PROTECTED] Sent: Friday, May 07, 2004 11:26 To: Commons HttpClient Project Subject: SSLHandshakeException: No trusted certificate found
Hello group,
I have a problem with ssl. I am monitoring different services with a server. Now I have a service that throws exceptions: https://desafirma.cjap.junta-andalucia.es
The reason is a "No trusted certificate found". If I try https://www.sun.com everything is fine because it is a trusted one.
I found the following thread: http://forum.java.sun.com/thread.jsp?thread=515154&forum=2&message=2454974 ...but how can I incorporate that in my HTTP-Client?
Thanks for any ideas, links or solutions.
King regards Thorsten
Code that I use: import java.io.IOException;
import org.apache.commons.httpclient.HttpMethod; import org.apache.commons.httpclient.HttpRecoverableException; import org.apache.commons.httpclient.methods.GetMethod; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory;
/** * @author Thorsten Scherler * @mail [EMAIL PROTECTED] * */ public class HttpClient implements HttpClientInterface { private static Log LOG = LogFactory.getLog(HttpClient.class); public String getHttp(String address, int timeout) throws Exception { //Create an instance of HttpClient. org.apache.commons.httpclient.HttpClient client = new org.apache.commons.httpclient.HttpClient(); if (LOG.isDebugEnabled()) LOG.debug("<-Sonda-SONAR->HttpClient->START"); //initialize parameter String url = null; //test whether a protocol prefix exist String protocol = "http://";; String protocolS = "https://";; if (address.indexOf(protocol) > -1 || address.indexOf(protocolS) > -1) { url = address; } else { url = protocol + address; } //DEBUG: Parameter testing if (LOG.isDebugEnabled()) LOG.debug("<-Sonda-SONAR->HttpClient->address->" + address); if (LOG.isDebugEnabled()) LOG.debug("<-Sonda-SONAR->HttpClient->URL->"+url);
//establish a connection within 5 seconds
client.setConnectionTimeout(timeout);
// Create a method instance.
HttpMethod method = new GetMethod(url);
//Follow redirects
method.setFollowRedirects(false);
//Mask the client
//Win
//method.setRequestHeader(
// "user-agent",
// "Mozilla/5.0 (Windows; U; Windows NT 5.0; en - US;
rv : 1.6) Gecko / 20040113 ");
//Linux
method.setRequestHeader(
"user-agent",
"Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.2.1)
Gecko/20021");
//Execute the method.
int statusCode = -1;
//We will retry up to 3 times.
for (int attempt = 0; statusCode == -1 && attempt < 3; attempt++) {
try {
// execute the method.
statusCode = client.executeMethod(method);
} catch (IOException e) {
if (LOG.isErrorEnabled())
LOG.error("Failed to download file.", e);
if (LOG.isDebugEnabled())
LOG.debug("<-Sonda-SONAR->HttpClient->END");
return "666";
}
}
// Check that we didn't run out of retries.
//If so reply with a fake http-code,
//666 is not a valid HTTP code, it was choosen because of that ;-)
if (statusCode == -1) {
if (LOG.isErrorEnabled())
LOG.error("<-Sonda-SONAR->HttpClient->ERROR->FAILED TO RECOVER");
if (LOG.isDebugEnabled())
LOG.debug("<-Sonda-SONAR->HttpClient->END");
return "666";
}
//Read the response code try { int code = method.getStatusCode(); if (LOG.isDebugEnabled()) LOG.debug("Status code: " + code); //DEBUG: Parameter testing //System.err.println(code); //DEBUG: Read the response body. //byte[] responseBody = method.getResponseBody();
//Release the connection and response with the response code. method.releaseConnection();
//DEBUG: Deal with the response. // Use caution: ensure correct character encoding and is not binary data //System.err.println(new String(responseBody)); if (LOG.isDebugEnabled()) LOG.debug("<-Sonda-SONAR->HttpClient->END"); return String.valueOf(code); } catch (RuntimeException e1) { if (LOG.isErrorEnabled()) LOG.error("<-Sonda-SONAR->HttpClient->ERROR->", e1); //Release the connection. method.releaseConnection(); //If so reply with a fake http-code, //666 is not a valid HTTP code, it was choosen because of that ;-) if (LOG.isDebugEnabled()) LOG.debug("<-Sonda-SONAR->HttpClient->END"); return "666"; } }
The exception I get: 2004.05.07 11:20:42,263 [Thread-60 ] DEBUG sonda.sonar.HttpClient - <-Sonda-SONAR->HttpClient->START 2004.05.07 11:20:42,263 [Thread-60 ] DEBUG sonda.sonar.HttpClient - <-Sonda-SONAR->HttpClient->address->https://desafirma.cjap.junta-andalucia.es 2004.05.07 11:20:42,263 [Thread-60 ] DEBUG sonda.sonar.HttpClient - <-Sonda-SONAR->HttpClient->URL->https://desafirma.cjap.junta-andalucia.es 2004.05.07 11:20:42,287 [Thread-60 ] ERROR sonda.sonar.HttpClient - Failed to download file. javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: No trusted certificate found at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.a(DashoA6275) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275) at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA6275) at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA6275) at com.sun.net.ssl.internal.ssl.SunJSSE_ax.a(DashoA6275) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(DashoA6275) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275) at com.sun.net.ssl.internal.ssl.AppOutputStream.write(DashoA6275) at org.apache.commons.httpclient.HttpConnection$WrappedOutputStream.write(HttpConnection.java:1368) at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:66) at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:124) at org.apache.commons.httpclient.HttpConnection.flushRequestOutputStream(HttpConnection.java:799) at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2277) at org.apache.commons.httpclient.HttpMethodBase.processRequest(HttpMethodBase.java:2657) at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1093) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:675) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:529) at sonda.sonar.HttpClient.getHttp(HttpClient.java:66) at sonda.sonar.ClassChooser.coreTesting(ClassChooser.java:151) at sonda.sonar.ClassChooser.TestValueBean(ClassChooser.java:65) at sonda.scheduling.SchedulerDoTest.main(SchedulerDoTest.java:76) at sonda.scheduling.ScheduleBean.doSchedule(ScheduleBean.java:109) at sonda.scheduling.ScheduleBean.initialize(ScheduleBean.java:66) at sonda.scheduling.SondaScheduler$1.doTesting(SondaScheduler.java:69) at sonda.scheduling.SondaScheduler$1.run(SondaScheduler.java:55) at java.util.TimerThread.mainLoop(Timer.java:432) at java.util.TimerThread.run(Timer.java:382) Caused by: sun.security.validator.ValidatorException: No trusted certificate found at sun.security.validator.SimpleValidator.buildTrustedChain(SimpleValidator.java:304) at sun.security.validator.SimpleValidator.engineValidate(SimpleValidator.java:107) at sun.security.validator.Validator.validate(Validator.java:202) at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(DashoA6275) at com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(DashoA6275) ... 26 more 2004.05.07 11:20:42,333 [Thread-60 ] DEBUG sonda.sonar.HttpClient - <-Sonda-SONAR->HttpClient->END
-- Thorsten Scherler
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
*************************************************************************************************** The information in this email is confidential and may be legally privileged. Access to this email by anyone other than the intended addressee is unauthorized. If you are not the intended recipient of this message, any review, disclosure, copying, distribution, retention, or any action taken or omitted to be taken in reliance on it is prohibited and may be unlawful. If you are not the intended recipient, please reply to or forward a copy of this message to the sender and delete the message, any attachments, and any copies thereof from your system. ***************************************************************************************************
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
-- Thorsten Scherler
Departamento de Desarrollo de Proyectos Sociedad Andaluza para el Desarrollo de la Sociedad de la Información S.A.U. Avda. de la Arboleda s/n 41940 - Tomares, (Sevilla) Tlfn: (+34) 955 062 627 e-mail: [EMAIL PROTECTED]
Este correo electrónico y, en su caso, cualquier fichero anexo al mismo, contiene información de carácter confidencial exclusivamente dirigida a su destinatario o destinatarios. Queda prohibida su divulgación, copia o distribución a terceros sin la previa autorización escrita de "Sociedad Andaluza para el Desarrollo de la Sociedad de la Información, S.A.U.". Si no es Ud. el destinatario del mensaje le ruego lo destruya sin hacer copia digital o física, comunicando a Sociedad Andaluza para el Desarrollo de la Sociedad de la Información S.A.U. vía e-mail o fax la recepción del presente mensaje. Toda declaración de voluntad contenida deberá ser tenida por no producida. Gracias. ____________________________________________________________________________ ___________________
The information in this e-mail and in any attachments is confidential and solely for the attention and use of the named addressee(s). You are hereby notified that any dissemination, distribution or copy of this communication is prohibited without the prior written consent of "Sociedad Andaluza para el Desarrollo de la Sociedad de la Información, S.A.U.". If you are not the formal receiver of this message please destroy it without making any digital or physical copy and inform "Sociedad Andaluza para el Desarrollo de la Sociedad de la Información S.A.U." , by e-mail or fax, of the reception of the present message. Any whatsoever involuntary declaration contained herewith must be taken as having no legal effect. Thank you.
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
