On Thu, 2010-10-28 at 16:27 +0200, Gerhard Sinne wrote:
> Hi all,
> I have HTTP client implementing a self- signed- accpetance strategy using
> the TrustSelfSignedStrategy() of the apache HTTP Client 4.1Alpha2.
>
> - First question : Do I have to set the truststore system properties
> although I implemented a TrustSelfSignedStrategy () - Strategy ?
>
You do not.
> Like this way:
>
> System.setProperty("javax.net.ssl.trustStore", "My.trustStore");
> System.setProperty("javax.net.ssl.trustStorePassword", "MyPWD");
>
> I did not install any certificates globally in JRE/JDK with the keytool
> and also try to avoid this.
>
> - Second, could somebody shed a light on this code which still fails with
> javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
>
>
You have to differentiate self-signed certificates from those signed by
non-trusted CA. The TrustSelfSignedStrategy causes HttpClient to bypass
the certificate checks for _self-signed_ certificates only.
Hope this helps
Oleg
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
