Re: SSL self- signed- certicate trouble with TrustSelfSignedStrategy()

Thu, 28 Oct 2010 08:12:50 -0700 

Thanks Oleg for the quick reply,

> > - Second, could somebody shed a light on this code which still fails 
with 
> > javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated 
> > 
> 
> You have to differentiate self-signed certificates from those signed by
> non-trusted CA. The TrustSelfSignedStrategy causes HttpClient to bypass
> the certificate checks for _self-signed_ certificates only.
> 
> Hope this helps

Sorry the problem persists.

So why does this code still fail with  
javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated 

Changing the code to http (without 's')  and everything is fine, so the 
user/password authentication is ok.

Could you please take a look a the few lines of code :

        TrustStrategy trustStrategy           = new 
TrustSelfSignedStrategy(); 
      X509HostnameVerifier hostnameVerifier = new 
AllowAllHostnameVerifier(); 
      SSLSocketFactory sslSf              = new 
SSLSocketFactory(trustStrategy, hostnameVerifier);

      Scheme https                        = new Scheme("https", 443, 
sslSf); 
      SchemeRegistry schemeRegistry       = new SchemeRegistry();
      schemeRegistry.register(https);
 
      ClientConnectionManager connection = new 
ThreadSafeClientConnManager(schemeRegistry); 
 
      DefaultHttpClient httpClient = new DefaultHttpClient(connection);
      httpClient.getCredentialsProvider().setCredentials(
                                                         new 
AuthScope(AuthScope.ANY_HOST, AuthScope.ANY_PORT, "HTTPAccess"), 
                                                         new 
UsernamePasswordCredentials("username", "password"));
 
      HttpGet httpGet = new HttpGet("
https://192.168.0.100:443/cgi-bin/read.xml?);
      HttpResponse response = httpClient.execute(httpGet); 
      System.out.println(response.getStatusLine());



Thanks Regards
/Gerd

The information included in this e-mail and any files transmitted with it is 
strictly confidential and may be privileged or otherwise protected from 
disclosure. If you are not the intended recipient, please notify the sender 
immediately by e-mail and delete this e-mail as well as any attachment from 
your system. If you are not the intended recipient you are not authorized to 
use and/or copy this message and/or attachment and/or disclose the contents to 
any other person.

Reply via email to