See my answer in post below. You have to pass socketFactoryRegistry in contructor when creating PoolingHttpClientConnectionManager.
http://stackoverflow.com/questions/19517538/ignoring-ssl-certificate-in-apache-httpclient-4-3/19950935#19950935 Vasek 2013/11/22 Arni Sumarlidason <[email protected]> > Hello, > > I am trying to use the pooling connection manager in conjunction with > SSLConnectionSocketFactory => to allow connections to self signed SSL > servers as well as configurable connection manager. > > The following works just fine: > SSLContextBuilder builder = new SSLContextBuilder(); > builder.loadTrustMaterial(null, new TrustSelfSignedStrategy()); > SSLConnectionSocketFactory sslsf = new > SSLConnectionSocketFactory(builder.build()); > m_httpClient = > > HttpClients.custom().setDefaultCookieStore(m_cookieStore).setSSLSocketFactory(sslsf).build(); > > However the addition of the connection manager seems to break the > TrustSelfSignedStrategy...: > SSLContextBuilder builder = new SSLContextBuilder(); > builder.loadTrustMaterial(null, new TrustSelfSignedStrategy()); > SSLConnectionSocketFactory sslsf = new > SSLConnectionSocketFactory(builder.build()); > > m_connectionManager = new PoolingHttpClientConnectionManager(); > m_connectionManager.setMaxTotal(200); > m_connectionManager.setDefaultMaxPerRoute(20); > > m_httpClient = > > HttpClients.custom().setDefaultCookieStore(m_cookieStore).setSSLSocketFactory(sslsf).setConnectionManager(m_connectionManager).build(); > > > javax.net.ssl.SSLHandshakeException: > sun.security.validator.ValidatorException: PKIX path building failed: > sun.security.provider.certpath.SunCertPathBuilderException: unable to > find valid certification path to requested target > at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) > at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1884) > at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:276) > at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:270) > at > sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1341) > at > sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:153) > at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868) > at sun.security.ssl.Handshaker.process_record(Handshaker.java:804) > at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1016) > at > sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312) > at > sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339) > at > sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323) > at > org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:261) > at > org.apache.http.impl.conn.HttpClientConnectionOperator.connect(HttpClientConnectionOperator.java:118) > at > org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:314) > at > org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:357) > at > org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:218) > at > org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:194) > at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:85) > at > org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:108) > at > org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:186) > at > org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82) > at > org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:106) > at com.mdaus.http.Http.exec(Http.java:158) > at com.mdaus.http.Http.doGetWithResponse(Http.java:371) > at com.mdaus.http.Http.doGetWithResponse(Http.java:404) > at com.mdaus.Maps.MapsAPI.run(MapsAPI.java:53) > at java.lang.Thread.run(Thread.java:744) > Caused by: sun.security.validator.ValidatorException: PKIX path > building failed: > sun.security.provider.certpath.SunCertPathBuilderException: unable to > find valid certification path to requested target > at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:385) > at > sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292) > at sun.security.validator.Validator.validate(Validator.java:260) > at > sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326) > at > sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231) > at > sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126) > at > sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1323) > ... 23 more > Caused by: sun.security.provider.certpath.SunCertPathBuilderException: > unable to find valid certification path to requested target > at > sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:196) > at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:268) > at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:380) > ... 29 more > > > > If anyone can shed some light, I'd appreciate it :o) > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > >
