Doug did you try using gadgets.makeRequest? Did you have the same problem?
-Ryan Email: [email protected] Phone: 978-899-3041 developerWorks Profile From: "Davies,Douglas" <[email protected]> To: <[email protected]>, Date: 07/07/2011 01:11 AM Subject: Re: Handling Certificates We had the same situation. The osapi.http.get call is be proxied through your shindig server. You need to install the certificate into the cacerts file on your shindig host using keytool then java should be able to find it. Doug On Jul 6, 2011, at 5:09 PM, "Eric Woods" <[email protected]> wrote: > Fellow Shindig Developers, > > I have a tough question regarding certificates. We have a server set up that requires the acceptance of a certificate to access a URL which the server hosts. If I access the URL via a web browser, the browser prompts the user to trust the certificate (i.e. add an exception for the certificate in Firefox) prior to using the service. Once I trust the certificate, all is well. From a Shindig/gadget perspective, however, we don't have a pretty UI to prompt the user to accept the certificate. We request the URL within a gadget using osapi.http.get() as follows: > > var params = { > "href": "https://myhost.com/irequireacertificate";, > "headers": { > "Authorization": ["Basic xYz123"], > "User-Agent": ["Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:5.0) Gecko/20100101 Firefox/5.0"], > "Accept": ["text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8,application/json"], > "Accept-Encoding": ["gzip, deflate"], > "Accept-Charset": ["ISO-8859-1,utf-8;q=0.7,*;q=0.7"] > }; > osapi.http.get(params).execute(function(resp) { > console.log(resp); > }); > > Invoking the request throws the following exception from BasicHttpFetcher: > > Caused by: org.apache.shindig.gadgets.GadgetException: javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated > at org.apache.shindig.gadgets.http.BasicHttpFetcher.fetch(BasicHttpFetcher.java:389) > at org.apache.shindig.gadgets.http.DefaultRequestPipeline.execute(DefaultRequestPipeline.java:104) > at org.apache.shindig.gadgets.servlet.HttpRequestHandler.execute(HttpRequestHandler.java:231) > ... 33 more > > I suspect (and a quick Google search agrees) that this is likely because the server requires a certificate to be trusted, but Shindig's BasicHttpFetcher is unable to handle this challenge, so things blow up. What type of strategy should we use for gadgets handling certificates? I don't have enough expertise with SSL certificates for a credible recommendation. > > Thanks! > - Eric W.
