Thank you Vasek! Sent from my iPhone
> On Nov 22, 2013, at 1:01 AM, Václav Tregner <[email protected]> wrote: > > See my answer in post below. You have to pass socketFactoryRegistry in > contructor when creating PoolingHttpClientConnectionManager. > > http://stackoverflow.com/questions/19517538/ignoring-ssl-certificate-in-apache-httpclient-4-3/19950935#19950935 > > Vasek > > > 2013/11/22 Arni Sumarlidason <[email protected]> >> Hello, >> >> I am trying to use the pooling connection manager in conjunction with >> SSLConnectionSocketFactory => to allow connections to self signed SSL >> servers as well as configurable connection manager. >> >> The following works just fine: >> SSLContextBuilder builder = new SSLContextBuilder(); >> builder.loadTrustMaterial(null, new TrustSelfSignedStrategy()); >> SSLConnectionSocketFactory sslsf = new >> SSLConnectionSocketFactory(builder.build()); >> m_httpClient = >> HttpClients.custom().setDefaultCookieStore(m_cookieStore).setSSLSocketFactory(sslsf).build(); >> >> However the addition of the connection manager seems to break the >> TrustSelfSignedStrategy...: >> SSLContextBuilder builder = new SSLContextBuilder(); >> builder.loadTrustMaterial(null, new TrustSelfSignedStrategy()); >> SSLConnectionSocketFactory sslsf = new >> SSLConnectionSocketFactory(builder.build()); >> >> m_connectionManager = new PoolingHttpClientConnectionManager(); >> m_connectionManager.setMaxTotal(200); >> m_connectionManager.setDefaultMaxPerRoute(20); >> >> m_httpClient = >> HttpClients.custom().setDefaultCookieStore(m_cookieStore).setSSLSocketFactory(sslsf).setConnectionManager(m_connectionManager).build(); >> >> >> javax.net.ssl.SSLHandshakeException: >> sun.security.validator.ValidatorException: PKIX path building failed: >> sun.security.provider.certpath.SunCertPathBuilderException: unable to >> find valid certification path to requested target >> at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) >> at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1884) >> at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:276) >> at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:270) >> at >> sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1341) >> at >> sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:153) >> at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868) >> at sun.security.ssl.Handshaker.process_record(Handshaker.java:804) >> at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1016) >> at >> sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312) >> at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339) >> at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323) >> at >> org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:261) >> at >> org.apache.http.impl.conn.HttpClientConnectionOperator.connect(HttpClientConnectionOperator.java:118) >> at >> org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:314) >> at >> org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:357) >> at >> org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:218) >> at >> org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:194) >> at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:85) >> at >> org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:108) >> at >> org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:186) >> at >> org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82) >> at >> org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:106) >> at com.mdaus.http.Http.exec(Http.java:158) >> at com.mdaus.http.Http.doGetWithResponse(Http.java:371) >> at com.mdaus.http.Http.doGetWithResponse(Http.java:404) >> at com.mdaus.Maps.MapsAPI.run(MapsAPI.java:53) >> at java.lang.Thread.run(Thread.java:744) >> Caused by: sun.security.validator.ValidatorException: PKIX path >> building failed: >> sun.security.provider.certpath.SunCertPathBuilderException: unable to >> find valid certification path to requested target >> at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:385) >> at >> sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292) >> at sun.security.validator.Validator.validate(Validator.java:260) >> at >> sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326) >> at >> sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231) >> at >> sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126) >> at >> sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1323) >> ... 23 more >> Caused by: sun.security.provider.certpath.SunCertPathBuilderException: >> unable to find valid certification path to requested target >> at >> sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:196) >> at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:268) >> at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:380) >> ... 29 more >> >> >> >> If anyone can shed some light, I'd appreciate it :o) >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [email protected] >> For additional commands, e-mail: [email protected] >
