> By the way the > http://jakarta.apache.org/commons/httpclient/sslguide.html is NOT really for the 2.0 > Branch, or is it? > The line: httpclient.getHostConfiguration().setHost("www.whatever.com", 443, > myhttps);
Thorsten, The code snippets inside the SSL guide should be compilable against HttpClient 2.0. However, the links to the CVS repository apparently point to the wrong branch. I'll take of the problem tonight Oleg -----Original Message----- From: Thorsten Scherler [mailto:[EMAIL PROTECTED] Sent: Friday, May 07, 2004 13:26 To: Commons HttpClient Project Subject: Re: SSLHandshakeException: No trusted certificate found Thx Oleg, I got it running :) Short summary: 1) download EasySSLProtocolSocketFactory.java <http://cvs.apache.org/viewcvs.cgi/jakarta-commons/httpclient/src/contrib/org/apache/commons/httpclient/contrib/ssl/EasyX509TrustManager.java?only_with_tag=HTTPCLIENT_2_0_BRANCH> EasyX509TrustManager.java <http://cvs.apache.org/viewcvs.cgi/jakarta-commons/httpclient/src/contrib/org/apache/commons/httpclient/contrib/ssl/EasyX509TrustManager.java?only_with_tag=HTTPCLIENT_2_0_BRANCH> from http://cvs.apache.org/viewcvs.cgi/jakarta-commons/httpclient/src/contrib/org/apache/commons/httpclient/contrib/ssl/?only_with_tag=HTTPCLIENT_2_0_BRANCH 2) add: //NOT trusted SSL Protocol myhttps = new Protocol("https", new EasySSLProtocolSocketFactory(), 443); Protocol.registerProtocol("https", new Protocol("https", new EasySSLProtocolSocketFactory(), 443)); HttpClient httpclient = new HttpClient(); //... from there "old school" 3) cross your finger ;-) --------------------------------------------- By the way the http://jakarta.apache.org/commons/httpclient/sslguide.html is NOT really for the 2.0 Branch, or is it? The line: httpclient.getHostConfiguration().setHost("www.whatever.com", 443, myhttps); is raising the Error: method getHostConfiguration() is undefined for the typ httpclient. Thank you very much (again) Oleg! You are always a great help! Cheers! King regards Thorsten Kalnichevski, Oleg wrote: >Thorsten, >There are currently two branches of HttpClient: stable (2.0) and development (that >will eventually become 3.0). Apparently you got hold of code from the development >branch. Try the following link instead: > >http://cvs.apache.org/viewcvs.cgi/jakarta-commons/httpclient/src/contrib/org/apache/commons/httpclient/contrib/ssl/?only_with_tag=HTTPCLIENT_2_0_BRANCH > >Oleg > > >-----Original Message----- >From: Thorsten Scherler >[mailto:[EMAIL PROTECTED] >Sent: Friday, May 07, 2004 12:04 >To: Commons HttpClient Project >Subject: Re: SSLHandshakeException: No trusted certificate found > > >Hi Oleg, > >thanks a million for the link! ...but one question the >EasySSLProtocolSocketFactory.java is refering to which version of the >http-client? I am using 2.0 (bin) and the following imports cannot be >resolved: >import org.apache.commons.httpclient.ConnectTimeoutException; >import org.apache.commons.httpclient.HttpClientError; >import org.apache.commons.httpclient.params.HttpConnectionParams; >import org.apache.commons.httpclient.protocol.ControllerThreadSocketFactory; >import org.apache.commons.httpclient.protocol.ReflectionSocketFactory; > >Thanks again! >King regards >Thorsten > >Kalnichevski, Oleg wrote: > > > >>Hi Thorsten >> >>Have a look at the 'Customizing SSL' section of the HttpClient SSL guide >><http://jakarta.apache.org/commons/httpclient/sslguide.html> >> >>Oleg >> >>-----Original Message----- >>From: Thorsten Scherler >>[mailto:[EMAIL PROTECTED] >>Sent: Friday, May 07, 2004 11:26 >>To: Commons HttpClient Project >>Subject: SSLHandshakeException: No trusted certificate found >> >> >>Hello group, >> >>I have a problem with ssl. I am monitoring different services with a >>server. Now I have a service that throws exceptions: >>https://desafirma.cjap.junta-andalucia.es >> >>The reason is a "No trusted certificate found". If I try >>https://www.sun.com everything is fine because it is a trusted one. >> >>I found the following thread: >>http://forum.java.sun.com/thread.jsp?thread=515154&forum=2&message=2454974 >>...but how can I incorporate that in my HTTP-Client? >> >>Thanks for any ideas, links or solutions. >> >>King regards >>Thorsten >> >>Code that I use: >>import java.io.IOException; >> >>import org.apache.commons.httpclient.HttpMethod; >>import org.apache.commons.httpclient.HttpRecoverableException; >>import org.apache.commons.httpclient.methods.GetMethod; >>import org.apache.commons.logging.Log; >>import org.apache.commons.logging.LogFactory; >> >>/** >>* @author Thorsten Scherler >>* @mail [EMAIL PROTECTED] >>* >>*/ >>public class HttpClient implements HttpClientInterface { >> private static Log LOG = LogFactory.getLog(HttpClient.class); >> public String getHttp(String address, int timeout) throws Exception { >> //Create an instance of HttpClient. >> org.apache.commons.httpclient.HttpClient client = >> new org.apache.commons.httpclient.HttpClient(); >> if (LOG.isDebugEnabled()) >> LOG.debug("<-Sonda-SONAR->HttpClient->START"); >> //initialize parameter >> String url = null; >> //test whether a protocol prefix exist >> String protocol = "http://";; >> String protocolS = "https://";; >> if (address.indexOf(protocol) > -1 >> || address.indexOf(protocolS) > -1) { >> url = address; >> } else { >> url = protocol + address; >> } >> //DEBUG: Parameter testing >> if (LOG.isDebugEnabled()) >> LOG.debug("<-Sonda-SONAR->HttpClient->address->" + address); >> if (LOG.isDebugEnabled()) >> LOG.debug("<-Sonda-SONAR->HttpClient->URL->"+url); >> >> //establish a connection within 5 seconds >> client.setConnectionTimeout(timeout); >> // Create a method instance. >> HttpMethod method = new GetMethod(url); >> //Follow redirects >> method.setFollowRedirects(false); >> //Mask the client >> //Win >> //method.setRequestHeader( >> // "user-agent", >> // "Mozilla/5.0 (Windows; U; Windows NT 5.0; en - US; >>rv : 1.6) Gecko / 20040113 "); >> //Linux >> method.setRequestHeader( >> "user-agent", >> "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.2.1) >>Gecko/20021"); >> //Execute the method. >> int statusCode = -1; >> //We will retry up to 3 times. >> for (int attempt = 0; statusCode == -1 && attempt < 3; attempt++) { >> try { >> // execute the method. >> statusCode = client.executeMethod(method); >> } catch (IOException e) { >> if (LOG.isErrorEnabled()) >> LOG.error("Failed to download file.", e); >> if (LOG.isDebugEnabled()) >> LOG.debug("<-Sonda-SONAR->HttpClient->END"); >> return "666"; >> } >> } >> // Check that we didn't run out of retries. >> //If so reply with a fake http-code, >> //666 is not a valid HTTP code, it was choosen because of that ;-) >> if (statusCode == -1) { >> if (LOG.isErrorEnabled()) >> >>LOG.error("<-Sonda-SONAR->HttpClient->ERROR->FAILED TO RECOVER"); >> if (LOG.isDebugEnabled()) >> LOG.debug("<-Sonda-SONAR->HttpClient->END"); >> return "666"; >> } >> >> //Read the response code >> try { >> int code = method.getStatusCode(); >> if (LOG.isDebugEnabled()) >> LOG.debug("Status code: " + code); >> //DEBUG: Parameter testing >> //System.err.println(code); >> //DEBUG: Read the response body. >> //byte[] responseBody = method.getResponseBody(); >> >> //Release the connection and response with the response code. >> method.releaseConnection(); >> >> //DEBUG: Deal with the response. >> // Use caution: ensure correct character encoding and is not >>binary data >> //System.err.println(new String(responseBody)); >> if (LOG.isDebugEnabled()) >> LOG.debug("<-Sonda-SONAR->HttpClient->END"); >> return String.valueOf(code); >> } catch (RuntimeException e1) { >> if (LOG.isErrorEnabled()) >> LOG.error("<-Sonda-SONAR->HttpClient->ERROR->", e1); >> //Release the connection. >> method.releaseConnection(); >> //If so reply with a fake http-code, >> //666 is not a valid HTTP code, it was choosen because of >>that ;-) >> if (LOG.isDebugEnabled()) >> LOG.debug("<-Sonda-SONAR->HttpClient->END"); >> return "666"; >> } >> } >> >>The exception I get: >>2004.05.07 11:20:42,263 [Thread-60 ] DEBUG sonda.sonar.HttpClient - >><-Sonda-SONAR->HttpClient->START >>2004.05.07 11:20:42,263 [Thread-60 ] DEBUG sonda.sonar.HttpClient - >><-Sonda-SONAR->HttpClient->address->https://desafirma.cjap.junta-andalucia.es >>2004.05.07 11:20:42,263 [Thread-60 ] DEBUG sonda.sonar.HttpClient - >><-Sonda-SONAR->HttpClient->URL->https://desafirma.cjap.junta-andalucia.es >>2004.05.07 11:20:42,287 [Thread-60 ] ERROR sonda.sonar.HttpClient - >>Failed to download file. >>javax.net.ssl.SSLHandshakeException: >>sun.security.validator.ValidatorException: No trusted certificate found >> at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.a(DashoA6275) >> at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275) >> at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275) >> at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA6275) >> at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA6275) >> at com.sun.net.ssl.internal.ssl.SunJSSE_ax.a(DashoA6275) >> at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275) >> at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(DashoA6275) >> at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275) >> at com.sun.net.ssl.internal.ssl.AppOutputStream.write(DashoA6275) >> at >>org.apache.commons.httpclient.HttpConnection$WrappedOutputStream.write(HttpConnection.java:1368) >> at >>java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:66) >> at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:124) >> at >>org.apache.commons.httpclient.HttpConnection.flushRequestOutputStream(HttpConnection.java:799) >> at >>org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2277) >> at >>org.apache.commons.httpclient.HttpMethodBase.processRequest(HttpMethodBase.java:2657) >> at >>org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1093) >> at >>org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:675) >> at >>org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:529) >> at sonda.sonar.HttpClient.getHttp(HttpClient.java:66) >> at sonda.sonar.ClassChooser.coreTesting(ClassChooser.java:151) >> at sonda.sonar.ClassChooser.TestValueBean(ClassChooser.java:65) >> at sonda.scheduling.SchedulerDoTest.main(SchedulerDoTest.java:76) >> at sonda.scheduling.ScheduleBean.doSchedule(ScheduleBean.java:109) >> at sonda.scheduling.ScheduleBean.initialize(ScheduleBean.java:66) >> at >>sonda.scheduling.SondaScheduler$1.doTesting(SondaScheduler.java:69) >> at sonda.scheduling.SondaScheduler$1.run(SondaScheduler.java:55) >> at java.util.TimerThread.mainLoop(Timer.java:432) >> at java.util.TimerThread.run(Timer.java:382) >>Caused by: sun.security.validator.ValidatorException: No trusted >>certificate found >> at >>sun.security.validator.SimpleValidator.buildTrustedChain(SimpleValidator.java:304) >> at >>sun.security.validator.SimpleValidator.engineValidate(SimpleValidator.java:107) >> at sun.security.validator.Validator.validate(Validator.java:202) >> at >>com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(DashoA6275) >> at >>com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(DashoA6275) >> ... 26 more >>2004.05.07 11:20:42,333 [Thread-60 ] DEBUG sonda.sonar.HttpClient - >><-Sonda-SONAR->HttpClient->END >> >>-- >>Thorsten Scherler >> >> >> >> -- Thorsten Scherler --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] *************************************************************************************************** The information in this email is confidential and may be legally privileged. Access to this email by anyone other than the intended addressee is unauthorized. If you are not the intended recipient of this message, any review, disclosure, copying, distribution, retention, or any action taken or omitted to be taken in reliance on it is prohibited and may be unlawful. If you are not the intended recipient, please reply to or forward a copy of this message to the sender and delete the message, any attachments, and any copies thereof from your system. *************************************************************************************************** --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
