Re: MTHCM Connection Pool re-use

Mon, 11 Feb 2008 09:52:27 -0800 

Thanks,

Seems like my assertion;

> > Re-using a connection means re-using the SSL session associated with
> > it. I need to create a new session for each client (i.e for each
> > thread)

.. was only partly true at best. It seems that a new SSL session is
created for every instance of the ProtocolSocketFactory.

So if in the main thread I do;
Protocol.registerProtocol("https", new Protocol("https",
(ProtocolSocketFactory)new EasySSLProtocolSocketFactory(), 8085));

and in each of the spawned threads; (using the MTHCM of course)
hostConfig.setHost("https://mega01.ac.uk/index.html";, 8085, "https");

everything works fine. But I would like a new instance of the Protocol
per thread in order to have multiple SSL sessions. So if I remove
Protocol.registerProtocol(...) from the main thread and do;

hostConfig.setHost("https://mega01.ac.uk/index.html";, 8085, new
Protocol("https", (ProtocolSocketFactory)new
EasySSLProtocolSocketFactory(), 8085));

in the threads instead, and execute the method on that host instead, I
get the following error:

Fatal transport error: sun.security.validator.ValidatorException: PKIX
path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to
find valid certification path to requested target
javax.net.ssl.SSLHandshakeException:
sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to
find valid certification path to requested target
        at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:150)
        at 
com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1518)
        at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:174)
        at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:168)
        at 
com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:848)
        at 
com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:106)
        at 
com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:495)
        at 
com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:433)
        at 
com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:818)
        at 
com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1030)
        at 
com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:622)
        at 
com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59)
        at 
java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
        at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
        at 
org.apache.commons.httpclient.HttpConnection.flushRequestOutputStream(HttpConnection.java:828)
        at 
HttpConnectionAdapter.flushRequestOutputStream(HttpConnectionAdapter.java:433)
        at 
org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2116)
        at 
org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096)
        at 
org.apache.commons.httpclient.FluxHttpMethodDirector.executeWithRetry(FluxHttpMethodDirector.java:402)
        at 
org.apache.commons.httpclient.FluxHttpMethodDirector.executeMethod(FluxHttpMethodDirector.java:174)
        at SessionThread.executeMethod(SessionThread.java:250)
        at SessionThread.run(SessionThread.java:116)
        at 
java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:650)
        at 
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:675)
        at java.lang.Thread.run(Thread.java:595)
Caused by: sun.security.validator.ValidatorException: PKIX path
building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to
find valid certification path to requested target
        at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:221)
        at 
sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:145)
        at sun.security.validator.Validator.validate(Validator.java:203)
        at 
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:172)
        at 
com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(SSLContextImpl.java:320)
        at 
com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:841)
        ... 20 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException:
unable to find valid certification path to requested target
        at 
sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:236)
        at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:194)
        at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:216)
        ... 25 more


Since it works in the first case and not the second I assume I forgot
to initialise something somewhere?

Thanks again
Christiaan

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to