Hi,
Here is the implementation I did (I am using 4.2.2):
ClassLoader cl = HttpSyncServer.class.getClassLoader();
URL url = cl.getResource(keyStore);
if (url == null) {
log.fatal("Keystore not found. HTTPS is not active");
}
KeyStore trustStore = KeyStore.getInstance("JKS");
trustStore.load(url.openStream(), pswrd.toCharArray());
KeyManagerFactory kmfactory = KeyManagerFactory.getInstance(
"SunX509");
kmfactory.init(trustStore, pswrd.toCharArray());
SSLSocketFactory socketFactory = new
SSLSocketFactory(TrustManagerFactory.getDefaultAlgorithm(),trustStore, pswrd,
trustStore, null, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
Scheme sch = new Scheme("https", port, socketFactory);
m_httpclient.getConnectionManager().getSchemeRegistry().register(sch);
but I still get: javax.net.ssl.SSLPeerUnverifiedException: peer not
authenticate.
Am I doing something wrong or could it be a problem with the certificate of the
server?
Regards,
Nir
-----Original Message-----
From: Nir Dweck [mailto:[email protected]]
Sent: Saturday, June 14, 2014 11:21 PM
To: '[email protected]'
Subject: HTTPS connection
Hi,
I'm required to connect to a server over HTTPS. The server provided me both a
certificate and a keystore for authentication.
I've imported the certificate to my truststore file and registered a schema
with the keystore to the connection manager.
The problem is that the host in the certificate is different than the host name
I need to reach.
I know that in javax.net.ssl there is an HostNameVerifier interface that you
can set on the connection, which can solve cases like these.
How do I implement it with httpcomponents-client?
Regards,
Nir
