"Gerhard Sinne" <[email protected]> wrote: >Thanks Oleg for the quick reply, > >> > - Second, could somebody shed a light on this code which still >fails >with >> > javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated >> > >> >> You have to differentiate self-signed certificates from those signed >by >> non-trusted CA. The TrustSelfSignedStrategy causes HttpClient to >bypass >> the certificate checks for _self-signed_ certificates only. >> >> Hope this helps > >Sorry the problem persists. > >So why does this code still fail with >javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated > >Changing the code to http (without 's') and everything is fine, so the > >user/password authentication is ok. > >Could you please take a look a the few lines of code : > > TrustStrategy trustStrategy = new >TrustSelfSignedStrategy(); > X509HostnameVerifier hostnameVerifier = new >AllowAllHostnameVerifier(); > SSLSocketFactory sslSf = new >SSLSocketFactory(trustStrategy, hostnameVerifier); > > Scheme https = new Scheme("https", 443, >sslSf); > SchemeRegistry schemeRegistry = new SchemeRegistry(); > schemeRegistry.register(https); > > ClientConnectionManager connection = new >ThreadSafeClientConnManager(schemeRegistry); > > DefaultHttpClient httpClient = new DefaultHttpClient(connection); > httpClient.getCredentialsProvider().setCredentials( > new >AuthScope(AuthScope.ANY_HOST, AuthScope.ANY_PORT, "HTTPAccess"), > new >UsernamePasswordCredentials("username", "password")); > > HttpGet httpGet = new HttpGet(" >https://192.168.0.100:443/cgi-bin/read.xml?); > HttpResponse response = httpClient.execute(httpGet); > System.out.println(response.getStatusLine()); > > > >Thanks Regards >/Gerd > >The information included in this e-mail and any files transmitted with >it is strictly confidential and may be privileged or otherwise >protected from disclosure. If you are not the intended recipient, >please notify the sender immediately by e-mail and delete this e-mail >as well as any attachment from your system. If you are not the intended >recipient you are not authorized to use and/or copy this message and/or >attachment and/or disclose the contents to any other person.
Gerhard There's nothing wrong with the code. Your expectations as to what TrustCelfSignedStrategy is meant to do do seem wrong, though. Oleg --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
