SSL Mutual Authentication Code worked in 4.0.1 but fails in 4.1

[Travis T]

I have a server with a self signed certificate.  I've created a java key
store (trustStore) which includes that server in the trust store.  I have a
keystore which includes my certificate and private key.  My certificate was
signed by the server. I've used the API to create a SSLSocketFactory that
registers my keystore and truststore.

Using Apache HTTPClient 4.0.1 it all worked.  I upgraded to 4.1 and other
than having to reorder the arguments in the Scheme constructor the code is
the same.  However, now I get a javax.net.ssl.SSLPeerUnverifiedException:
peer not authenticated

Help, please?

Below is the code:

String doGet(URI uri, String acceptType) throws Exception
        {
                // To be replaced by common module.
                String result = null;
                DefaultHttpClient httpclient = new DefaultHttpClient();
                try
                {
                        SSLSocketFactory socketFactory = new 
SSLSocketFactory(keyStore,
String.valueOf(keyStorePassword), trustStore);
                        Scheme sch = new Scheme("https", 443, socketFactory);
                        
httpclient.getConnectionManager().getSchemeRegistry().register(sch);

                        HttpGet httpget = new HttpGet(uri.toASCIIString());
                        httpget.addHeader("Accept", acceptType);
                        HttpResponse response = httpclient.execute(httpget);
                        HttpEntity entity = response.getEntity();

                        result = IOUtils.getContent(entity.getContent());
                } finally
                {
                        httpclient.getConnectionManager().shutdown();
                }

                return result;
        }

Below is the exception I get in 4.1:

Exception in thread "main" javax.net.ssl.SSLPeerUnverifiedException: peer
not authenticated
        at
com.sun.net.ssl.internal.ssl.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:352)
        at
org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128)
        at
org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:390)
        at
org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:148)
        at
org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:149)
        at
org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:121)
        at
org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:562)
        at
org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:415)
        at
org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:820)
        at
org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:754)
        at
org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:732)
-- 
View this message in context: 
http://old.nabble.com/SSL-Mutual-Authentication-Code-worked-in-4.0.1-but-fails-in-4.1-tp31092864p31092864.html
Sent from the HttpClient-User mailing list archive at Nabble.com.


---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscr...@hc.apache.org
For additional commands, e-mail: httpclient-users-h...@hc.apache.org