Re: Having Trouble Getting HttpClient Working with TLSv1.2

2016-04-22 Thread ecki
Souns like the service does not like TLS12, did you try using Browser or openssl to verify what Protocol it accepts. Or just sent a full list of protocols for a test. Gruss Bernd -- http://bernd.eckenfels.net -Original Message- From: Dave Westerman To:

Re: issue with https connection using Apache http client 4.3.5 with android

2016-04-22 Thread Bhowmik, Bindul
Sunil, While it is a bad idea to turn off certificate verification in production code (allows MITM attacks); if you absolutely have you, you can look at org.apache.http.conn.ssl.AllowAllHostnameVerifier (or org.apache.http.conn.ssl.NoopHostnameVerifier for newer versions of Http Client). Bindul

Having Trouble Getting HttpClient Working with TLSv1.2

2016-04-22 Thread Dave Westerman
We are using ApacheHttpClient to connect to an external REST service. We've been using version 4.3.5, but we also tried it with 4.5.2, and the results have been the same. The backend service changed to force the use of TLSv1.2, which causes our code to fail because of the protocol versiom. So

Re: Trust all certificates

2016-04-22 Thread Robson Roberto Souza Peixoto
Thanks all for the attention. The AES_128_GCM was implemented only on java 8. The list of ciphers and the jvm version are here: http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SupportedCipherSuites I have upgraded to java8 and everything are working like charm.

Re: issue with https connection using Apache http client 4.3.5 with android

2016-04-22 Thread Sunil Chandrasekharan
How can i disable certifcate verification at client side. I dont need to verify the certificate at client side. Can you help me achieve HTTPS connection without verifying certifcate at client side. On Wed, Apr 20, 2016 at 3:34 PM, wrote: > Hello, > > If you specify a

Re: httpasyncclient BasicAsyncRequestProducer prevents HttpRequestInterceptor from replacing HttpEntity of the request

2016-04-22 Thread Oleg Kalnichevski
On Wed, 2016-04-20 at 15:03 +, Sven Zethelius wrote: > I am trying to use a HttpRequestInterceptor to adapt a request sent to a > org.apache.http.impl.nio.client.CloseableHttpAsyncClient. I want to do > request body compression (e.g. Content-Encoding: gzip for HttpRequest, not >