On Tue, Aug 09, 2005 at 05:11:29PM -0700, Ivan B wrote:
> That was a good call. It seems that there is problem with
> ReflectionSocketFactory
> that is used in case when timeout is used.
>
> Because we are in the controlled environment using only 1.4+ jre what would
> be a
> way to deprecate this? There is a comment that this should be deprecated
> once
> moved to 1.4 or above in the sample code too.
>
Ivan,
This is certainly not what you want
SSLSocket sslSocket = (SSLSocket)
ReflectionSocketFactory.createSocket(
"javax.net.ssl.SSLSocketFactory", host, port, localAddress, localPort,
timeout);
This causes the ReflectionSocketFactory to create a new socket using the
standard JSSE javax.net.ssl.SSLSocketFactory, hence the SSL handshake exception
Try this instead and see if that makes any difference
int timeout = params.getConnectionTimeout();
Socket socket = getSSLContext().getSocketFactory().createSocket();
if (localAddress != null) {
SocketAddress localaddr = new InetSocketAddress(localAddress, localPort);
socket.bind(localaddr);
}
SocketAddress remoteaddr = new InetSocketAddress(host, port);
socket.connect(remoteaddr, timeout);
Hope this helps
Oleg
> Thanks for your help.
>
>
> -----Original Message-----
> From: Ivan B [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, August 09, 2005 3:29 PM
> To: 'HttpClient User Discussion'
> Subject: RE: manager, timeout, and SSL - PLEASE HELP!!!
>
> We are using a slightly modified AuthSSLProtocolSocketFactory provided as a
> sample on the apache commons file server (attached).
>
> I tried this on both 1.4.2 and 1.5.0_03.
>
>
> -----Original Message-----
> From: Oleg Kalnichevski [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, August 09, 2005 3:19 PM
> To: HttpClient User Discussion
> Subject: Re: manager, timeout, and SSL - PLEASE HELP!!!
>
> Ivan,
> (1) Please post the source code of the AuthSSLProtocolSocketFactory class
> (2) Let me know which JRE you you using. Connection timeouts are handled
> completely differently for JRE < 1.4 and those >= 1.4
>
> I'll look at it tomorrow. It is kind of late here
>
> Oleg
>
>
> On Tue, 2005-08-09 at 15:08 -0700, Ivan B wrote:
> > I would appreciate anyone's input on this it is driving me crazy.
> >
> > Basically, we are accessing a host that has personal cert installed
> > over https. In the sample code bellow everything works just fine until
> > I uncomment the commented line. Once I do that I get "Peer not
> > verified" exception.
> >
> >
> >
> > public SmapleTestCraft() throws Exception {
> > CertificateManager certManager = CertificateManager.getInstance();
> > ProtocolSocketFactory sf = new
> > AuthSSLProtocolSocketFactory(certManager);;
> >
> > Protocol.registerProtocol("https", new Protocol("https", sf,
> > 443));
> >
> > MultiThreadedHttpConnectionManager connectionManager = new
> > MultiThreadedHttpConnectionManager();
> > // THIS LINE BREAKS EVERYTHING, BUT WE NEED TIMEOUT VALUE
> > //connectionManager.getParams().setConnectionTimeout(5000);
> >
> > HttpClient httpclient = new HttpClient(connectionManager);
> >
> > httpclient.getParams().setCookiePolicy(CookiePolicy.BROWSER_COMPATIBIL
> > ITY);
> >
> > GetMethod httpget = new
> > GetMethod("https://127.0.0.1/banner.txt";);
> >
> > try {
> > httpclient.executeMethod(httpget);
> > System.out.println(httpget.getStatusLine());
> > } finally {
> > httpget.releaseConnection();
> > }
> > }
> >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail:
> > [EMAIL PROTECTED]
> >
> >
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
