[
https://issues.apache.org/jira/browse/HTTPCLIENT-1797?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Oleg Kalnichevski resolved HTTPCLIENT-1797.
-------------------------------------------
Resolution: Invalid
http://hc.apache.org/httpcomponents-asyncclient-4.1.x/httpasyncclient/apidocs/org/apache/http/impl/nio/client/HttpAsyncClientBuilder.html#setSSLStrategy(org.apache.http.nio.conn.SchemeIOSessionStrategy)
Oleg
> Closeable async http client not sending client certificate when server
> requests
> -------------------------------------------------------------------------------
>
> Key: HTTPCLIENT-1797
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1797
> Project: HttpComponents HttpClient
> Issue Type: Bug
> Components: HttpClient (async)
> Environment: Ubuntu with java 1.8
> Reporter: Gayan Bandaranayake
> Priority: Blocker
>
> I am trying to connect to a server which requires two way SSL authentication
> with apache CloseableHttpAsyncClient. I have provided the JVM with keystore
> and truststore using -Djavax.net.ssl.keyStore and -Djavax.net.ssl.trustStore.
> However, the client does not send the certificate to the server when asked.
> From the server side I keep getting the following exception.
> javax.net.ssl.SSLHandshakeException: null cert chain
> at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
> at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1937)
> at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)
> at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:292)
> at sun.security.ssl.ServerHandshaker.clientCertificate(ServerHandshaker.java:1804)
> I have checked the packet trace and the server requests for the client
> certificate mentioning trusted authorities. But the client message for
> certificate contains a certificate of length 0. Same application has a SOAP
> client which also connects to the same server with two way SSL authentication
> which is working fine. Please find the code to initialize the http client
> below.
>     SSLContext sslContext;
>     try {
>         sslContext = SSLContexts.custom()
>                 .loadTrustMaterial(new TrustSelfSignedStrategy())
>                 .build();
>     } catch (NoSuchAlgorithmException | KeyStoreException | KeyManagementException e) {
>         logger.error("An error occurred while creating ssl context,", e);
>         throw new RuntimeException(e);
>     }
>     SSLIOSessionStrategy sslSessionStrategy = new SSLIOSessionStrategy(
>             sslContext,
>             new String[]{"TLSv1"},
>             null,
>             SSLIOSessionStrategy.getDefaultHostnameVerifier());
>     httpClient = HttpAsyncClients
>             .custom()
>             .setConnectionManager(connectionManager)
>             .setSSLHostnameVerifier(SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER)
>             .setSSLStrategy(sslSessionStrategy)
>             .build();
>     httpClient.start();
> I have tried registering ConnectionSocketFactory for http and
> SSLConnectionSocketFactory for https using ConnectionSocketFactory registry
> and it also did not work.
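
The Javadoc linked in the resolution notes that the value passed to setSSLStrategy can be overridden by setConnectionManager, and an SSLContext built with only loadTrustMaterial holds no client key to present. The following is an added example, not code from the issue or from the HttpComponents project: it loads key material into the context and registers the TLS strategy on the connection manager itself. The class name, the use of the javax.net.ssl.* system properties for store paths and passwords, a key password equal to the store password, and TLSv1.2 are assumptions.

```java
import java.io.File;
import javax.net.ssl.SSLContext;
import org.apache.http.config.Registry;
import org.apache.http.config.RegistryBuilder;
import org.apache.http.impl.nio.client.CloseableHttpAsyncClient;
import org.apache.http.impl.nio.client.HttpAsyncClients;
import org.apache.http.impl.nio.conn.PoolingNHttpClientConnectionManager;
import org.apache.http.impl.nio.reactor.DefaultConnectingIOReactor;
import org.apache.http.nio.conn.NoopIOSessionStrategy;
import org.apache.http.nio.conn.SchemeIOSessionStrategy;
import org.apache.http.nio.conn.ssl.SSLIOSessionStrategy;
import org.apache.http.ssl.SSLContexts;

// Hypothetical helper class (name is an assumption, not part of HttpComponents).
public final class MutualTlsAsyncClient {

    public static CloseableHttpAsyncClient create() throws Exception {
        // Reuse the stores the report passes with -Djavax.net.ssl.keyStore / trustStore.
        File keyStore = new File(System.getProperty("javax.net.ssl.keyStore"));
        char[] keyPass = System.getProperty("javax.net.ssl.keyStorePassword").toCharArray();
        File trustStore = new File(System.getProperty("javax.net.ssl.trustStore"));
        char[] trustPass = System.getProperty("javax.net.ssl.trustStorePassword").toCharArray();

        // Key material lets the client answer the server's CertificateRequest;
        // trust material restricts which server certificates are accepted.
        SSLContext sslContext = SSLContexts.custom()
                .loadKeyMaterial(keyStore, keyPass, keyPass) // assumes key password == store password
                .loadTrustMaterial(trustStore, trustPass)
                .build();

        // Default hostname verifier stays on; the protocol version is an assumption.
        SSLIOSessionStrategy tls = new SSLIOSessionStrategy(
                sslContext, new String[] {"TLSv1.2"}, null,
                SSLIOSessionStrategy.getDefaultHostnameVerifier());

        // With an explicit connection manager, the strategy must be registered here.
        Registry<SchemeIOSessionStrategy> registry = RegistryBuilder.<SchemeIOSessionStrategy>create()
                .register("http", NoopIOSessionStrategy.INSTANCE)
                .register("https", tls)
                .build();
        PoolingNHttpClientConnectionManager cm =
                new PoolingNHttpClientConnectionManager(new DefaultConnectingIOReactor(), registry);

        CloseableHttpAsyncClient client = HttpAsyncClients.custom()
                .setConnectionManager(cm)
                .build();
        client.start();
        return client;
    }
}
```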