Thomas, Thanks for the quick reply. Worked like a charm.
Jay On Thu, Feb 7, 2013 at 3:54 AM, Thomas Becker <[email protected]> wrote: > Hi Jay, > > thx for the compliments. We like our new HTTP client a lot as well. :) > > However you revealed a bug or at least some non intuitive setup. When > trustAll is set, hostname verification should be disabled, I agree and I > just fixed it. > > Here's the bug: > https://bugs.eclipse.org/bugs/**show_bug.cgi?id=400184<https://bugs.eclipse.org/bugs/show_bug.cgi?id=400184> > > You can either use the new code or as a workaround call: > SslContextFactory.**setEndpointIdentificationAlgor**ithm(null); > > in your setup to disable hostname verification. The fix will be in the > next release. > > Cheers, > Thomas > > Am 2/7/13 1:03 AM, schrieb Jay Wallingford: > >> I'm using Jetty HttpClient 9 to do some simple web crawling and I can't >> seem to make it work with HTTPS. The following simple code that makes a >> synchronous GET request ... >> >> |SslContextFactory sslContextFactory = new SslContextFactory(true); >> HttpClient client = new HttpClient(sslContextFactory); >> client.start(); >> ContentResponse response = >> client.newRequest("https://**www.twitter.com<https://www.twitter.com> >> ") >> .method(HttpMethod.GET) >> .send(); >> | >> >> Where I use the TrustAll flag when creating the SslContextFactory causes >> the following exception which appears to be related to SSL ... >> >> |java.util.concurrent.**ExecutionException: org.eclipse.jetty.io.** >> EofException >> at org.eclipse.jetty.client.util.**FutureResponseListener.**getResult(** >> FutureResponseListener.java:**118) >> at org.eclipse.jetty.client.util.**FutureResponseListener.get(** >> FutureResponseListener.java:**101) >> at org.eclipse.jetty.client.**HttpRequest.send(HttpRequest.**java:433) >> at com.blogfrog.system.service.**http.Jetty9HttpClientTester.** >> main(Jetty9HttpClientTester.**java:17) >> >> Caused by: org.eclipse.jetty.io.**EofException >> at org.eclipse.jetty.io.ssl.**SslConnection$**DecryptedEndPoint.fill(** >> SslConnection.java:597) >> at org.eclipse.jetty.client.**HttpReceiver.receive(** >> HttpReceiver.java:74) >> at org.eclipse.jetty.client.**HttpConnection.receive(** >> HttpConnection.java:308) >> at org.eclipse.jetty.client.**HttpExchange.receive(** >> HttpExchange.java:104) >> at org.eclipse.jetty.client.**HttpConnection.onFillable(** >> HttpConnection.java:296) >> at org.eclipse.jetty.io.**AbstractConnection$**ReadCallback.run(** >> AbstractConnection.java:240) >> at org.eclipse.jetty.io.**AbstractConnection$**ReadCallback.succeeded(** >> AbstractConnection.java:278) >> at org.eclipse.jetty.io.**FillInterest.fillable(**FillInterest.java:78) >> at org.eclipse.jetty.io.ssl.**SslConnection.onFillable(** >> SslConnection.java:198) >> at org.eclipse.jetty.io.**AbstractConnection$**ReadCallback.run(** >> AbstractConnection.java:240) >> at org.eclipse.jetty.io.**AbstractConnection$**ReadCallback.succeeded(** >> AbstractConnection.java:278) >> at org.eclipse.jetty.io.**FillInterest.fillable(**FillInterest.java:78) >> at org.eclipse.jetty.io.**SelectChannelEndPoint.**onSelected(** >> SelectChannelEndPoint.java:**109) >> at org.eclipse.jetty.io.**SelectorManager$**ManagedSelector.processKey(** >> SelectorManager.java:482) >> at org.eclipse.jetty.io.**SelectorManager$**ManagedSelector.select(** >> SelectorManager.java:439) >> at org.eclipse.jetty.io.**SelectorManager$**ManagedSelector.run(** >> SelectorManager.java:404) >> at org.eclipse.jetty.util.thread.**QueuedThreadPool.runJob(** >> QueuedThreadPool.java:589) >> at org.eclipse.jetty.util.thread.**QueuedThreadPool$3.run(** >> QueuedThreadPool.java:520) >> at java.lang.Thread.run(Thread.**java:722) >> Caused by: javax.net.ssl.**SSLHandshakeException: General SSLEngine >> problem >> at sun.security.ssl.Handshaker.**checkThrown(Handshaker.java:**1362) >> at sun.security.ssl.**SSLEngineImpl.checkTaskThrown(** >> SSLEngineImpl.java:513) >> at sun.security.ssl.**SSLEngineImpl.readNetRecord(** >> SSLEngineImpl.java:790) >> at sun.security.ssl.**SSLEngineImpl.unwrap(**SSLEngineImpl.java:758) >> at javax.net.ssl.SSLEngine.**unwrap(SSLEngine.java:624) >> at org.eclipse.jetty.io.ssl.**SslConnection$**DecryptedEndPoint.fill(** >> SslConnection.java:490) >> ... 18 more >> Caused by: javax.net.ssl.**SSLHandshakeException: General SSLEngine >> problem >> at sun.security.ssl.Alerts.**getSSLException(Alerts.java:**192) >> at sun.security.ssl.**SSLEngineImpl.fatal(**SSLEngineImpl.java:1703) >> at sun.security.ssl.Handshaker.**fatalSE(Handshaker.java:278) >> at sun.security.ssl.Handshaker.**fatalSE(Handshaker.java:270) >> at sun.security.ssl.**ClientHandshaker.**serverCertificate(** >> ClientHandshaker.java:1341) >> at sun.security.ssl.**ClientHandshaker.**processMessage(** >> ClientHandshaker.java:153) >> at sun.security.ssl.Handshaker.**processLoop(Handshaker.java:**868) >> at sun.security.ssl.Handshaker$1.**run(Handshaker.java:808) >> at sun.security.ssl.Handshaker$1.**run(Handshaker.java:806) >> at java.security.**AccessController.doPrivileged(**Native Method) >> at sun.security.ssl.Handshaker$**DelegatedTask.run(Handshaker.** >> java:1299) >> at org.eclipse.jetty.io.ssl.**SslConnection$**DecryptedEndPoint.fill(** >> SslConnection.java:547) >> ... 18 more >> Caused by: java.security.cert.**CertificateException: No subject >> alternative names matching IP address 199.59.148.10 found >> at sun.security.util.**HostnameChecker.matchIP(** >> HostnameChecker.java:154) >> at sun.security.util.**HostnameChecker.match(**HostnameChecker.java:91) >> at sun.security.ssl.**X509TrustManagerImpl.**checkIdentity(** >> X509TrustManagerImpl.java:347) >> at sun.security.ssl.**AbstractTrustManagerWrapper.**checkAdditionalTrust( >> **SSLContextImpl.java:889) >> at sun.security.ssl.**AbstractTrustManagerWrapper.**checkServerTrusted(** >> SSLContextImpl.java:828) >> at sun.security.ssl.**ClientHandshaker.**serverCertificate(** >> ClientHandshaker.java:1328) >> ... 25 more >> | >> >> What am I doing wrong here? Is this the right way to have Jetty >> HttpClient trust all SSL connections? If not, what's the proper approach? >> >> Other that this one little glitch - HttpClient 9 is fantastic - easy, >> fast, tighter code and more reliable than the asynchronous version of >> Apache HttpClient. >> >> >> >> ______________________________**_________________ >> jetty-users mailing list >> [email protected] >> https://dev.eclipse.org/**mailman/listinfo/jetty-users<https://dev.eclipse.org/mailman/listinfo/jetty-users> >> >> > ______________________________**_________________ > jetty-users mailing list > [email protected] > https://dev.eclipse.org/**mailman/listinfo/jetty-users<https://dev.eclipse.org/mailman/listinfo/jetty-users> >
_______________________________________________ jetty-users mailing list [email protected] https://dev.eclipse.org/mailman/listinfo/jetty-users
