[
https://issues.apache.org/jira/browse/HTTPCLIENT-1339?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13631646#comment-13631646
]
Oleg Kalnichevski commented on HTTPCLIENT-1339:
-----------------------------------------------
Juraj
I do not want to be nasty to you, but you ought to demonstrate a reasonable
amount of effort trying to narrow down the problem (especially when claiming a
critical issue) instead of offloading all the work to ASF developers. Your test
code does not even compile.
---
final DefaultHttpClient httpClient = new
DefaultHttpClient();
final HttpResponse execute = httpClient.execute(new
HttpGet(URI));
System.out.println("uri=" + URI + " status=" +
execute.getStatusLine());
// ensure response is fully consumed
EntityUtils.consume(response.getEntity());
---
Oleg
> SSLPeerUnverifiedException occurs randomly when calling resource via HTTPS
> --------------------------------------------------------------------------
>
> Key: HTTPCLIENT-1339
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1339
> Project: HttpComponents HttpClient
> Issue Type: Bug
> Affects Versions: 4.2.3
> Reporter: Juraj Martinka
> Priority: Critical
>
> HttpClient (tested against 4.1 version and 4.2.3) suffers from
> SSLPeerUnverifiedException.
> It can occur randomly, mainly when calling some secured resource in a
> concurrent fashion.
> However, each time there is a new HttpClient instance some this might not be
> related to the threads issues.
> I've created two unit tests -
> https://gist.github.com/jumarko/34c20054d3d85eaff5a7
> * HttpClientPeerUnverifiedTest - using HttpClient 4.x errors occures in a
> random fashion -> sometimes zero failures, but more often than not there is
> at least one SSLPeerUnverifiedException
> * OldHttpClientPeerUnverifiedTest - using HttpClient 3.1 everything is
> working OK
> Stacktrace:
> {code}
> javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
> at sun.security.ssl.SSLSessionImpl.getPeerCertificates(Unknown Source)
> at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128)
> at
> org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:572)
> at
> org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:180)
> at
> org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:151)
> at
> org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:125)
> at
> org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:641)
> at
> org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:480)
> at
> org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:906)
> at
> org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:1066)
> at
> org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:1044)
> {code}
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
