Thanks Oleg. Regards, Nir
-----Original Message----- From: Oleg Kalnichevski [mailto:[email protected]] Sent: Monday, June 16, 2014 11:17 AM To: HttpClient User Discussion Subject: Re: HTTPS connection On Sun, 2014-06-15 at 20:33 +0000, Nir Dweck wrote: > Hi, > Here is the implementation I did (I am using 4.2.2): > ClassLoader cl = HttpSyncServer.class.getClassLoader(); > URL url = cl.getResource(keyStore); > if (url == null) { > log.fatal("Keystore not found. HTTPS is not active"); > } > > KeyStore trustStore = KeyStore.getInstance("JKS"); > trustStore.load(url.openStream(), pswrd.toCharArray()); > KeyManagerFactory kmfactory = KeyManagerFactory.getInstance( > "SunX509"); > kmfactory.init(trustStore, pswrd.toCharArray()); > SSLSocketFactory socketFactory = new > SSLSocketFactory(TrustManagerFactory.getDefaultAlgorithm(),trustStore, pswrd, > trustStore, null, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); > Scheme sch = new Scheme("https", port, socketFactory); > m_httpclient.getConnectionManager().getSchemeRegistry().register(sch); > > but I still get: javax.net.ssl.SSLPeerUnverifiedException: peer not > authenticate. > > Am I doing something wrong or could it be a problem with the certificate of > the server? > > Please refer to this document for help on troubleshooting SSL related issues: http://docs.oracle.com/javase/1.5.0/docs/guide/security/jsse/ReadDebug.html Oleg > Regards, > Nir > > -----Original Message----- > From: Nir Dweck [mailto:[email protected]] > Sent: Saturday, June 14, 2014 11:21 PM > To: '[email protected]' > Subject: HTTPS connection > > Hi, > I'm required to connect to a server over HTTPS. The server provided me both a > certificate and a keystore for authentication. > I've imported the certificate to my truststore file and registered a schema > with the keystore to the connection manager. > The problem is that the host in the certificate is different than the host > name I need to reach. > I know that in javax.net.ssl there is an HostNameVerifier interface that you > can set on the connection, which can solve cases like these. > How do I implement it with httpcomponents-client? > > Regards, > Nir > > --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
