Re: java client code to https service under tomcat

Wed, 09 Jun 2010 03:43:38 -0700 

On 08/06/10 16:19, p Nut wrote:
> Thanks for your reply bruno.
>
> One thing i didnt mention in my earlier post was that my client app runs as a 
> portlet under liferay portal framework. So I am looking into the possibility 
> of liferay messing things up, but i doubt it.
>
> I have tried your code in  standalone java application and I get the 
> following error.
> Exception in thread "main" Bad Request (400) - Bad Request
>       at org.restlet.resource.ClientResource.get(ClientResource.java:452)
>
> here is the code from the app
> "
>               String uri = "https://www.google.com/";;
>               ClientResource clientResource = new ClientResource(new 
> Context(), new Reference(uri));
>               //clientResource.setProtocol(Protocol.HTTPS);
>               clientResource.get();
>               if (clientResource.getStatus().isSuccess()
>               &&  clientResource.getResponseEntity().isAvailable()) {
>                    Representation rep = clientResource.getResponseEntity();
>                    try {
>                               rep.write(System.out);
>                       } catch (IOException e) {
>                               // TODO Auto-generated catch block
>                               e.printStackTrace();
>                       }
> "
>
>
> Also regarding the security certificate. Here is the error.
> "
> https://xyz.com uses an invalid security certificate.
> The certificate is not trusted because the issuer certificate has expired.
> (Error code: sec_error_expired_issuer_certificate)
> "

I'm a bit surprised this gives you 400 or 505 status codes, but I'm not 
surprised this gives you an error.
It sounds the problem comes from your certificate rather than anything 
else (check its notBefore and notAfter dates).

Just to check whether it comes from Restlet or not, perhaps it's worth 
trying something like this (again, standalone app):
         URL url = new URL("https://...../";);
         HttpURLConnection connection = (HttpURLConnection) 
url.openConnection();
         System.out.println("Response code: " + 
connection.getResponseCode());
         // Read the input stream and close if you want



You might also be able to see more details regarding what's going wrong 
using the debug system properties:
   -Djavax.net.debug=SSL,trustmanager

I suspect this will give you too much information regarding certificates 
that are not relevant for this. As far as I remember there's about 120 
CA certificates by default in the cacerts files on the Mac. Of course 
you'd only be interested in yours or its issuer. (It might be easier to 
have a local truststore containing just that certificate for better 
debugging.)


Best wishes,

Bruno.

------------------------------------------------------
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2618829

Reply via email to