Trusted certificates with Java 1.4.1

Fri, 06 Jun 2003 01:02:06 -0700 

Hi.

I'm trying to use the SOAP API over HTTPS connections with Java 1.4.1. I
must
implement a custom trust manager that trusts all certificates. I think this
is
where things go wrong.

I suspect that the SOAP API is maybe using some handling from version Java
1.3,
but cannot pinpoint any of that in the api's source code.

I start off by initializing the SSL/SSLContext with:


    java.security.Security.addProvider( new
com.sun.net.ssl.internal.ssl.Provider() );

    System.setProperty( "java.protocol.handler.pkgs",
                        "javax.net.ssl" );

    TrustManager[] trustAllCerts = new TrustManager[] {
      new X509TrustManager() {
        public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return ( null ) }
        public void checkClientTrusted(java.security.cert.X509Certificate[]
certs, String authType) {}
        public void checkServerTrusted( java.security.cert.X509Certificate[]
certs, String authType) {)
      }
    };

    // The openHostnameVerifier trusts all hostnames
    HostnameVerifier openHostnameVerifier = new HostnameVerifier() {
      public boolean verify( String hostname,
                             String session ) { return ( true ); }
      public boolean verify( String hostname,
                             SSLSession session) { return ( true ); }
    };

    SSLContext sslContext = SSLContext.getInstance("SSL");
    sslContext.init( null,
                     trustAllCerts,
                     new java.security.SecureRandom());

    javax.net.ssl.HttpsURLConnection.setDefaultSSLSocketFactory(
sslContext.getSocketFactory() );
    javax.net.ssl.HttpsURLConnection.setDefaultHostnameVerifier(
openHostnameVerifier );

I do not know if the last two lines have any meaning to the SOAP API. As far
as I can see,
it creates its own SSL Socket and does not use the HttpsURLConnection...?

Then I simply make a SOAP call:


    soapCall.setTargetObjectURI( address.getContent() );
    soapCall.setMethodName( METHOD_NAME );
    soapCall.setEncodingStyleURI( Constants.NS_URI_SOAP_ENC) ;

    Parameter pUsername = new Parameter( PARAMETER_USERNAME,
                                                     String.class,
                                                     username.getContent(),
                                                     null );

        .
        .       
        .

    Vector parameters = new Vector();

    parameters.add( pUsername );

        .
        .
        .

    soapCall.setParams( parameters );

    try
    {

      Response response = soapCall.invoke( new java.net.URL(
address.getContent() ),
          "" );
    }
    catch ( MalformedURLException exp )
    {
        // Handle
    }
    catch ( SOAPException exp )
    {
        // Handle
    }


This causes the followin SOAPException:

Error opening socket: javax.net.ssl.SSLHandshakeException:
java.security.cert.CertificateException: Couldn't find trusted certificate



Any help with my problem is greatly appreciated!



Regards,
Lars Ove Claesson

Reply via email to