I got it running :)
Short summary: 1) download
EasySSLProtocolSocketFactory.java <http://cvs.apache.org/viewcvs.cgi/jakarta-commons/httpclient/src/contrib/org/apache/commons/httpclient/contrib/ssl/EasyX509TrustManager.java?only_with_tag=HTTPCLIENT_2_0_BRANCH> EasyX509TrustManager.java <http://cvs.apache.org/viewcvs.cgi/jakarta-commons/httpclient/src/contrib/org/apache/commons/httpclient/contrib/ssl/EasyX509TrustManager.java?only_with_tag=HTTPCLIENT_2_0_BRANCH>
from
http://cvs.apache.org/viewcvs.cgi/jakarta-commons/httpclient/src/contrib/org/apache/commons/httpclient/contrib/ssl/?only_with_tag=HTTPCLIENT_2_0_BRANCH
2) add:
//NOT trusted SSL
Protocol myhttps = new Protocol("https", new EasySSLProtocolSocketFactory(), 443);
Protocol.registerProtocol("https", new Protocol("https", new EasySSLProtocolSocketFactory(), 443));
HttpClient httpclient = new HttpClient();
//... from there "old school"
3) cross your finger ;-)
---------------------------------------------
By the way the http://jakarta.apache.org/commons/httpclient/sslguide.html is NOT really for the 2.0 Branch, or is it?
The line: httpclient.getHostConfiguration().setHost("www.whatever.com", 443, myhttps);
is raising the Error: method getHostConfiguration() is undefined for the typ httpclient.
Thank you very much (again) Oleg! You are always a great help! Cheers!
King regards Thorsten
Kalnichevski, Oleg wrote:
Thorsten, There are currently two branches of HttpClient: stable (2.0) and development (that will eventually become 3.0). Apparently you got hold of code from the development branch. Try the following link instead:
http://cvs.apache.org/viewcvs.cgi/jakarta-commons/httpclient/src/contrib/org/apache/commons/httpclient/contrib/ssl/?only_with_tag=HTTPCLIENT_2_0_BRANCH
Oleg
-----Original Message----- From: Thorsten Scherler [mailto:[EMAIL PROTECTED] Sent: Friday, May 07, 2004 12:04 To: Commons HttpClient Project Subject: Re: SSLHandshakeException: No trusted certificate found
Hi Oleg,
thanks a million for the link! ...but one question the EasySSLProtocolSocketFactory.java is refering to which version of the http-client? I am using 2.0 (bin) and the following imports cannot be resolved: import org.apache.commons.httpclient.ConnectTimeoutException; import org.apache.commons.httpclient.HttpClientError; import org.apache.commons.httpclient.params.HttpConnectionParams; import org.apache.commons.httpclient.protocol.ControllerThreadSocketFactory; import org.apache.commons.httpclient.protocol.ReflectionSocketFactory;
Thanks again! King regards Thorsten
Kalnichevski, Oleg wrote:
Hi Thorsten
Have a look at the 'Customizing SSL' section of the HttpClient SSL guide <http://jakarta.apache.org/commons/httpclient/sslguide.html>
Oleg
-----Original Message----- From: Thorsten Scherler [mailto:[EMAIL PROTECTED] Sent: Friday, May 07, 2004 11:26 To: Commons HttpClient Project Subject: SSLHandshakeException: No trusted certificate found
Hello group,
I have a problem with ssl. I am monitoring different services with a server. Now I have a service that throws exceptions: https://desafirma.cjap.junta-andalucia.es
The reason is a "No trusted certificate found". If I try https://www.sun.com everything is fine because it is a trusted one.
I found the following thread: http://forum.java.sun.com/thread.jsp?thread=515154&forum=2&message=2454974 ...but how can I incorporate that in my HTTP-Client?
Thanks for any ideas, links or solutions.
King regards Thorsten
Code that I use: import java.io.IOException;
import org.apache.commons.httpclient.HttpMethod; import org.apache.commons.httpclient.HttpRecoverableException; import org.apache.commons.httpclient.methods.GetMethod; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory;
/** * @author Thorsten Scherler * @mail [EMAIL PROTECTED] * */ public class HttpClient implements HttpClientInterface { private static Log LOG = LogFactory.getLog(HttpClient.class); public String getHttp(String address, int timeout) throws Exception { //Create an instance of HttpClient. org.apache.commons.httpclient.HttpClient client = new org.apache.commons.httpclient.HttpClient(); if (LOG.isDebugEnabled()) LOG.debug("<-Sonda-SONAR->HttpClient->START"); //initialize parameter String url = null; //test whether a protocol prefix exist String protocol = "http://";; String protocolS = "https://";; if (address.indexOf(protocol) > -1 || address.indexOf(protocolS) > -1) { url = address; } else { url = protocol + address; } //DEBUG: Parameter testing if (LOG.isDebugEnabled()) LOG.debug("<-Sonda-SONAR->HttpClient->address->" + address); if (LOG.isDebugEnabled()) LOG.debug("<-Sonda-SONAR->HttpClient->URL->"+url);
//establish a connection within 5 seconds
client.setConnectionTimeout(timeout);
// Create a method instance.
HttpMethod method = new GetMethod(url);
//Follow redirects
method.setFollowRedirects(false);
//Mask the client
//Win
//method.setRequestHeader(
// "user-agent",
// "Mozilla/5.0 (Windows; U; Windows NT 5.0; en - US;
rv : 1.6) Gecko / 20040113 ");
//Linux
method.setRequestHeader(
"user-agent",
"Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.2.1)
Gecko/20021");
//Execute the method.
int statusCode = -1;
//We will retry up to 3 times.
for (int attempt = 0; statusCode == -1 && attempt < 3; attempt++) {
try {
// execute the method.
statusCode = client.executeMethod(method);
} catch (IOException e) {
if (LOG.isErrorEnabled())
LOG.error("Failed to download file.", e);
if (LOG.isDebugEnabled())
LOG.debug("<-Sonda-SONAR->HttpClient->END");
return "666";
}
}
// Check that we didn't run out of retries.
//If so reply with a fake http-code,
//666 is not a valid HTTP code, it was choosen because of that ;-)
if (statusCode == -1) {
if (LOG.isErrorEnabled())
LOG.error("<-Sonda-SONAR->HttpClient->ERROR->FAILED TO RECOVER");
if (LOG.isDebugEnabled())
LOG.debug("<-Sonda-SONAR->HttpClient->END");
return "666";
}
//Read the response code try { int code = method.getStatusCode(); if (LOG.isDebugEnabled()) LOG.debug("Status code: " + code); //DEBUG: Parameter testing //System.err.println(code); //DEBUG: Read the response body. //byte[] responseBody = method.getResponseBody();
//Release the connection and response with the response code. method.releaseConnection();
//DEBUG: Deal with the response. // Use caution: ensure correct character encoding and is not binary data //System.err.println(new String(responseBody)); if (LOG.isDebugEnabled()) LOG.debug("<-Sonda-SONAR->HttpClient->END"); return String.valueOf(code); } catch (RuntimeException e1) { if (LOG.isErrorEnabled()) LOG.error("<-Sonda-SONAR->HttpClient->ERROR->", e1); //Release the connection. method.releaseConnection(); //If so reply with a fake http-code, //666 is not a valid HTTP code, it was choosen because of that ;-) if (LOG.isDebugEnabled()) LOG.debug("<-Sonda-SONAR->HttpClient->END"); return "666"; } }
The exception I get: 2004.05.07 11:20:42,263 [Thread-60 ] DEBUG sonda.sonar.HttpClient - <-Sonda-SONAR->HttpClient->START 2004.05.07 11:20:42,263 [Thread-60 ] DEBUG sonda.sonar.HttpClient - <-Sonda-SONAR->HttpClient->address->https://desafirma.cjap.junta-andalucia.es 2004.05.07 11:20:42,263 [Thread-60 ] DEBUG sonda.sonar.HttpClient - <-Sonda-SONAR->HttpClient->URL->https://desafirma.cjap.junta-andalucia.es 2004.05.07 11:20:42,287 [Thread-60 ] ERROR sonda.sonar.HttpClient - Failed to download file. javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: No trusted certificate found at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.a(DashoA6275) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275) at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA6275) at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA6275) at com.sun.net.ssl.internal.ssl.SunJSSE_ax.a(DashoA6275) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(DashoA6275) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275) at com.sun.net.ssl.internal.ssl.AppOutputStream.write(DashoA6275) at org.apache.commons.httpclient.HttpConnection$WrappedOutputStream.write(HttpConnection.java:1368) at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:66) at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:124) at org.apache.commons.httpclient.HttpConnection.flushRequestOutputStream(HttpConnection.java:799) at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2277) at org.apache.commons.httpclient.HttpMethodBase.processRequest(HttpMethodBase.java:2657) at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1093) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:675) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:529) at sonda.sonar.HttpClient.getHttp(HttpClient.java:66) at sonda.sonar.ClassChooser.coreTesting(ClassChooser.java:151) at sonda.sonar.ClassChooser.TestValueBean(ClassChooser.java:65) at sonda.scheduling.SchedulerDoTest.main(SchedulerDoTest.java:76) at sonda.scheduling.ScheduleBean.doSchedule(ScheduleBean.java:109) at sonda.scheduling.ScheduleBean.initialize(ScheduleBean.java:66) at sonda.scheduling.SondaScheduler$1.doTesting(SondaScheduler.java:69) at sonda.scheduling.SondaScheduler$1.run(SondaScheduler.java:55) at java.util.TimerThread.mainLoop(Timer.java:432) at java.util.TimerThread.run(Timer.java:382) Caused by: sun.security.validator.ValidatorException: No trusted certificate found at sun.security.validator.SimpleValidator.buildTrustedChain(SimpleValidator.java:304) at sun.security.validator.SimpleValidator.engineValidate(SimpleValidator.java:107) at sun.security.validator.Validator.validate(Validator.java:202) at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(DashoA6275) at com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(DashoA6275) ... 26 more 2004.05.07 11:20:42,333 [Thread-60 ] DEBUG sonda.sonar.HttpClient - <-Sonda-SONAR->HttpClient->END
-- Thorsten Scherler
-- Thorsten Scherler
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
