On Sun, 2014-06-15 at 20:33 +0000, Nir Dweck wrote:
> Hi,
> Here is the implementation I did (I am using 4.2.2):
> ClassLoader cl = HttpSyncServer.class.getClassLoader();
> URL url = cl.getResource(keyStore);
> if (url == null) {
> log.fatal("Keystore not found. HTTPS is not active");
> }
>
> KeyStore trustStore = KeyStore.getInstance("JKS");
> trustStore.load(url.openStream(), pswrd.toCharArray());
> KeyManagerFactory kmfactory = KeyManagerFactory.getInstance(
> "SunX509");
> kmfactory.init(trustStore, pswrd.toCharArray());
> SSLSocketFactory socketFactory = new
> SSLSocketFactory(TrustManagerFactory.getDefaultAlgorithm(),trustStore, pswrd,
> trustStore, null, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
> Scheme sch = new Scheme("https", port, socketFactory);
> m_httpclient.getConnectionManager().getSchemeRegistry().register(sch);
>
> but I still get: javax.net.ssl.SSLPeerUnverifiedException: peer not
> authenticate.
>
> Am I doing something wrong or could it be a problem with the certificate of
> the server?
>
>
Please refer to this document for help on troubleshooting SSL related
issues:
http://docs.oracle.com/javase/1.5.0/docs/guide/security/jsse/ReadDebug.html
Oleg
> Regards,
> Nir
>
> -----Original Message-----
> From: Nir Dweck [mailto:[email protected]]
> Sent: Saturday, June 14, 2014 11:21 PM
> To: '[email protected]'
> Subject: HTTPS connection
>
> Hi,
> I'm required to connect to a server over HTTPS. The server provided me both a
> certificate and a keystore for authentication.
> I've imported the certificate to my truststore file and registered a schema
> with the keystore to the connection manager.
> The problem is that the host in the certificate is different than the host
> name I need to reach.
> I know that in javax.net.ssl there is an HostNameVerifier interface that you
> can set on the connection, which can solve cases like these.
> How do I implement it with httpcomponents-client?
>
> Regards,
> Nir
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
