Thanks for the idea Oleg, ill run it over with my admins, you could be right because our AuthSSLProtocolSocketFactory is working just fine in both environments.
Thank you, Kumar Kota SBC Information Technology [EMAIL PROTECTED] (925) 901-6898 -----Original Message----- From: Oleg Kalnichevski [mailto:[EMAIL PROTECTED] Sent: Thursday, August 25, 2005 11:12 AM To: HttpClient Project Subject: RE: WebSphere 5.1/HTTPS issue Kumar, Here's my theory. I think previously the Websphere 5.0 server used so called self-signed certificate, which EasyProtocolSocketFactory is meant to trust without verification. Now the Websphere 5.1 server is using a certificate signed by a certificate authority not trusted by the standard TrustManager. EasyProtocolSocketFactory delegates verification of non-self-signed certificates to the standard TrustManager, hence "unknown certificate" exception. See the HttpClient SSL guide for details [1]. You may especially want to take a look at the AuthSSLProtocolSocketFactory and use it (or derive your own implementation from it) to configure the SSL context the way you want Oleg [1] http://jakarta.apache.org/commons/httpclient/sslguide.html On Thu, 2005-08-25 at 10:57 -0700, KOTA, KUMAR (SBCSI) wrote: > Hi Oleg, > > Yes that is right, I have a class that implements the > SecureProtocolSocketFactory, and in turn I set that class as te protocol > for https calls. > > Kumar Kota > SBC Information Technology > [EMAIL PROTECTED] > (925) 901-6898 > > > -----Original Message----- > From: Oleg Kalnichevski [mailto:[EMAIL PROTECTED] > Sent: Thursday, August 25, 2005 10:51 AM > To: HttpClient Project > Subject: Re: WebSphere 5.1/HTTPS issue > > > Kumar, > > You are using the EasyProtocolSocketFactory or some code of your own > derived from it? > > Oleg > > > On Thu, 2005-08-25 at 10:03 -0700, KOTA, KUMAR (SBCSI) wrote: > > Hi All, > > > > HTTPS calls using WebSphere Application server 5.0 was working > with > > HTTPClient. However, once we migrated to WebSphere Application Server > > 5.1, we keep receiving "SSLException: unknown certificate" error for > > HTTPS calls. I was wondering if this is a known issue of some sort? > > And if there are any fixes available for this? > > > > Thank you, > > Kumar Kota > > > > > > > > -----Original Message----- > > From: Eric Johnson [mailto:[EMAIL PROTECTED] > > Sent: Thursday, August 25, 2005 9:56 AM > > To: HttpClient Project > > Subject: Re: Important things to discuss. Please make your opinion > known > > > > > > Oleg Kalnichevski wrote: > > > > >Folks, > > > > > >There are three issues that I think we need to discuss: > > > > > >(1) I inquired with the Jakarta PMC regarding the possibility of the > > project name change (Jakarta HttpClient -> Jakarta Http). The reaction > > was overwhelming negative, primarily due to high likelihood of > branding > > conflict with Apache HTTPD, which is a very valid point. We have > several > > options here: > > > > > >(1.1) leave Jakarta and join another TLP (either Apache Tomcat or > > Apache HTTPD) where _might_ be permitted to call the project jHTTP or > > some such sort > > >(1.2) stay with Jakarta and try to come up with a radically different > > project name > > > > > > > > I like Roland's suggestion of HTTP Agent (or is that HttpAgent?). I > > like Haiku as well, although that isn't self-explanatory, so it would > be > > > > my second choice. I'm not coming up with any better altenatives. > > > > >(1.3) essentially do nothing and keep the same name. In this case we > > are likely to not be permitted to release any lightweight HTTP server > or > > proxy under Jakarta name > > > > > >(2) Migration to JIRA. This finally can happen and happen very soon. > > The question is if we still want it. If yes, might have to decide on > the > > project name before the migration takes place > > > > > > > > Since it appears that Bugzilla has finally gotten some attention and > > badly needed upgrades, and HttpClient (or whatever we call it) is > > finally a top-level project in Bugzilla, it seems like switching now > > would provide minimal benefits, and might cause a major hassle. All > the > > > > email archives that currently refer to bugzilla bugs with URLs would > be > > broken, for example. > > > > >(3) 3.0 release. 3.0rc3 have not had any major bugs reported for > quite > > some time. Do we want to release another RC4 before the final release > or > > not? > > > > > > > > > > > I suggest doing an RC4, waiting a few weeks (or just two), and then > > declare it final, assuming no bugs arise. > > > > >Please let me know what you think. Everyone is very welcome to throw > in > > their ideas > > > > > > > > Consider them thrown! > > > > -Eric. > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: > [EMAIL PROTECTED] > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: > [EMAIL PROTECTED] > > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
