>I agree with Oleg here. It seems this server is not configured as an >SSL proxy. May be at another port. There are running two Apache. One as Proxy, one as WebServer. I'll try to find out the port-configuration. I'm wondering, who creates that CONNECT-Statement ? Ask the Client the Server : "What Protocoll do you have at Port 80?" ? I told the client to be myHttps (which is the Instantiation of my SSLProtocol written for the workaround "untrusted certificates") not to be HTTP.
>Apache is capable of handling SSL tunneling via CONNECT but >it appears to not be configured that way. Also I am wondering why you >are using NTLM authentication with Apache. The Code was stolen from an example out of a thread from this list, discussing a similary theme. Just checked it out with UserPasswordCredentials, but there was no success. What about the SSL Testprogramm. It runs with example "www.verisign.com". Does that really mean, that everything in SSL-configuration is all right. Why throws it an "Caused by: java.security.cert.CertificateException: Could not find trusted certificate"-Exception ? Do I have to register our certificate on Cleint-Site ? In the program ? uli Mike Kalnichevski, Oleg wrote: > Ulrich, > > You are trying to use a normal HTTP server as if it were a proxy. Of course, that > cannot work. The server is absolutely correct about rejecting the request as > syntactically incorrect (status code 400) > > CEST [DEBUG] wire - ->> "CONNECT https://vkk.valtech.de:80 HTTP/1.1" > CEST [DEBUG] wire - ->> "User-Agent: Jakarta Commons-HttpClient/2.0rc1[\r][\n]" > CEST [DEBUG] wire - ->> "Host: https://vkk.valtech.de:80[\r][\n]"; > CEST [DEBUG] wire - ->> "Proxy-Connection: Keep-Alive[\r][\n]" > CEST [DEBUG] wire - ->> "[\r][\n]" > CEST [DEBUG] wire - -<< "HTTP/1.1 400 Bad Request[\r][\n]" > CEST [DEBUG] wire - -<< "Date: Tue, 05 Aug 2003 10:04:14 GMT[\r][\n]" > CEST [DEBUG] wire - -<< "Server: Apache/1.3.26 (Unix) mod_perl/1.27[\r][\n]" > CEST [DEBUG] wire - -<< "Connection: close[\r][\n]" > CEST [DEBUG] wire - -<< "Transfer-Encoding: chunked[\r][\n]" > CEST [DEBUG] wire - -<< "Content-Type: text/html; charset=iso-8859-1[\r][\n]" > > Please contact your network administrator to find out what port the proxy server is > listening on > > Oleg > > > -----Original Message----- > From: Ulrich Freyer-Hirtz [mailto:[EMAIL PROTECTED] > Sent: Tuesday, August 05, 2003 3:30 PM > To: Commons HttpClient Project > Subject: AW: Proxied SSL connection > > > >>Apparently your attachment got rejected by the mail server. Try posting it in ZIP >>format. > > Here it comes as zip.... > Also I've some failure in configuration, it would be helpful, if someone could tell > me, that the code should work. > > >>You need to know exactly what port your proxy is listening on. Do you know what type >>of proxy you are using? >>Have a look at the "Known limitations and problems" section of the SSL guide. >>http://jakarta.apache.org/commons/httpclient/sslguide.html > > > Thanks for fast response. I'll check that out and try again. > Keep you informed. > > Greetings > uli > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
