Samuel, HttpClient does not implement its own SSL support. It relies on standard JSSE libraries to make the magic happen. The exception you are getting is thrown by the JSSE layer, which seems to indicate the problem with your SSL setup rather than a problem in HttpClient. Please have a look at troubleshooting section of the HttpClient SSL guide below
http://jakarta.apache.org/commons/httpclient/sslguide.html See if you can establish connection using plain SSLSocket. Another thing to try is hitting the server directly (not via a proxy) to see if that makes any difference. Usually SSL via proxy is highly prone to all sorts of mishaps due to its complexity. If possible, try to reduce the complexity of your setup in order to pinpoint the component that causes the trouble in the first place. Oleg -----Original Message----- From: Samuel BONNANFANT [mailto:[EMAIL PROTECTED] Sent: Wednesday, November 05, 2003 11:26 To: Commons HttpClient Project Subject: RE: [Https & proxy] Impossible to connect Thanks for your answer, Indeed, I tried a development version of HttpClient, since "HttpClient v2.0 rc2" didn't work as I expected. Here are the logs with 2.0 rc2 : 2003/11/05 11:16:05:140 CET [DEBUG] HttpConnection - -HttpConnection.setSoTimeout(0) 2003/11/05 11:16:05:187 CET [DEBUG] HttpMethodBase - -Preemptively sending default basic credentials 2003/11/05 11:16:05:515 CET [DEBUG] HttpMethodBase - -Default basic proxy credentials applied 2003/11/05 11:16:05:515 CET [DEBUG] HttpMethodBase - -Execute loop try 1 2003/11/05 11:16:05:531 CET [DEBUG] wire - ->> "POST https://abc.sam.fr:8180/toto HTTP/1.1[\r][\n]" 2003/11/05 11:16:05:531 CET [DEBUG] HttpMethodBase - -Adding Host request header 2003/11/05 11:16:05:546 CET [DEBUG] HttpMethodBase - -Default charset used: ISO-8859-1 2003/11/05 11:16:05:578 CET [DEBUG] wire - ->> "application/x-www-form-urlencoded: [\r][\n]" 2003/11/05 11:16:05:593 CET [DEBUG] wire - ->> "Proxy-Authorization: Basic c2JuOnNibjI=[\r][\n]" 2003/11/05 11:16:05:593 CET [DEBUG] wire - ->> "User-Agent: Jakarta Commons-HttpClient/2.0rc2[\r][\n]" 2003/11/05 11:16:05:593 CET [DEBUG] wire - ->> "Host: abc.sam.fr:8180[\r][\n]" 2003/11/05 11:16:05:593 CET [DEBUG] wire - ->> "Proxy-Connection: Keep-Alive[\r][\n]" 2003/11/05 11:16:05:593 CET [DEBUG] wire - ->> "Content-Length: 774[\r][\n]" 2003/11/05 11:16:05:593 CET [DEBUG] wire - ->> "Content-Type: application/x-www-form-urlencoded[\r][\n]" %% No cached client session *** ClientHello, v3.1 RandomCookie: GMT: 1051184357 bytes = { [...] } Session ID: {} Cipher Suites: { [...] } Compression Methods: { 0 } *** [write] MD5 and SHA1 hashes: len = 59 0000: [...]........... main, WRITE: SSL v3.1 Handshake, length = 59 [write] MD5 and SHA1 hashes: len = 77 0000: [...] main, WRITE: SSL v2, contentType = 22, translated length = 16310 and... 2 mins later : main, SEND SSL v3.1 ALERT: fatal, description = close_notify main, WRITE: SSL v3.1 Alert, length = 2 and the exception : javax.net.ssl.SSLException: error while writing to socket at com.sun.net.ssl.internal.ssl.SSLSocketImpl.b(DashoA6275) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275) Note : it only happens if I use a client certificate. => It's urgent : What can I do ? Thanks. --- "Kalnichevski, Oleg" <[EMAIL PROTECTED]> a écrit : > Samuel, > According to the log you are using the development > version of HttpClient (currently as designated 2.1). > I would strongly recommend using the 2.0 branch > until CVS HEAD stabilizes somewhat. Currently > authentication logic in CVS HEAD is completely > broken by one of my recent patches. I am busy > working on a fix, but it may take a while, as the > fix is most likely to require changes in the API. > > Oleg > > -----Original Message----- > From: Samuel BONNANFANT [mailto:[EMAIL PROTECTED] > Sent: Wednesday, November 05, 2003 10:54 > To: [EMAIL PROTECTED] > Subject: [Https & proxy] Impossible to connect > > > Hi, I'm using HttpClient 2.0 rc2. > I've got a pbm when trying to connect to a HTTPS > server (with a client certificate), using a proxy. > > I saw the bug #7643 was resolved, but it seems it > doesn't work with a client certificate. > > Can anybody help me ? > Thanks. > > Here are the logs : > 2003/11/05 10:45:06:312 CET [DEBUG] > HttpMethodDirector > - -Execute loop try 1 > 2003/11/05 10:45:06:421 CET [DEBUG] > HttpMethodDirector > - -Preemptively sending default basic credentials > 2003/11/05 10:45:06:453 CET [DEBUG] > HttpMethodDirector > - -Default basic proxy credentials applied > 2003-11-05 10:45:06,453[main]|INFO > |(StrictSSLProtocolSocketFactory.java:createSocket():131)|Création > d'une socket > 2003-11-05 10:45:06,515[main]|INFO > |(StrictSSLProtocolSocketFactory.java:verifyHostname():166)|Pas > de vérification du serveur > 2003/11/05 10:45:06:531 CET [DEBUG] wire - ->> "POST > https://abc.sam.fr:8180/toto HTTP/1.1[\r][\n]" > 2003/11/05 10:45:06:531 CET [DEBUG] HttpMethodBase - > -Adding Host request header > 2003/11/05 10:45:06:875 CET [DEBUG] HttpMethodBase - > -Default charset used: ISO-8859-1 > 2003/11/05 10:45:06:890 CET [DEBUG] wire - ->> > "application/x-www-form-urlencoded: [\r][\n]" > 2003/11/05 10:45:06:890 CET [DEBUG] wire - ->> > "User-Agent: Jakarta Commons-HttpClient[\r][\n]" > 2003/11/05 10:45:06:890 CET [DEBUG] wire - ->> > "Host: > abc.sam.fr:8180[\r][\n]" > 2003/11/05 10:45:06:906 CET [DEBUG] wire - ->> > "Proxy-Connection: Keep-Alive[\r][\n]" > 2003/11/05 10:45:06:906 CET [DEBUG] wire - ->> > "Content-Length: 774[\r][\n]" > 2003/11/05 10:45:06:906 CET [DEBUG] wire - ->> > "Content-Type: > application/x-www-form-urlencoded[\r][\n]" > %% No cached client session > *** ClientHello, v3.1 > RandomCookie: GMT: 1051182498 bytes = { [...]} > Session ID: {} > Cipher Suites: { [...]} > Compression Methods: { 0 } > *** > [write] MD5 and SHA1 hashes: len = 59 > 0000: [...] > main, WRITE: SSL v3.1 Handshake, length = 59 > [write] MD5 and SHA1 hashes: len = 77 > 0000: [...] > length = 16310 > > and after 2 or 3 min : > main, SEND SSL v3.1 ALERT: fatal, description = > close_notify > main, WRITE: SSL v3.1 Alert, length = 2 > 2003/11/05 10:50:08:140 CET [DEBUG] HttpConnection - > -Releasing connection back to connection manager. > > The Exception : > javax.net.ssl.SSLException: error while writing to > socket > at > com.sun.net.ssl.internal.ssl.SSLSocketImpl.b(DashoA6275) > at > com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275) > at > com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275) > at > com.sun.net.ssl.internal.ssl.AppOutputStream.write(DashoA6275) > > ___________________________________________________________ > Do You Yahoo!? -- Une adresse @yahoo.fr gratuite et > en français ! > Yahoo! Mail : http://fr.mail.yahoo.com > > --------------------------------------------------------------------- > To unsubscribe, e-mail: > [EMAIL PROTECTED] > For additional commands, e-mail: > [EMAIL PROTECTED] > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: > [EMAIL PROTECTED] > For additional commands, e-mail: > [EMAIL PROTECTED] > ___________________________________________________________ Do You Yahoo!? -- Une adresse @yahoo.fr gratuite et en français ! Yahoo! Mail : http://fr.mail.yahoo.com --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
