Re: HTTP URL results in SSLHandshake error
Thanks for the response. The fact that the siteminder token( for SSO) in the cookie is not getting accepted, the request gets forwarded to a login page(which is HTTPS) and that explains the SSL Handshake exception. If the problem is then because the reused connections retain some of the data from previous requests, do you know if there are any ways to clean up before making a new request? From: Oleg Kalnichevski To: HttpClient User Discussion Sent: Thursday, December 11, 2008 9:29:38 PM Subject: Re: HTTP URL results in SSLHandshake error On Thu, 2008-12-11 at 01:48 -0800, Arul Govindarajan wrote: > Turns out that the problem is not with the SSL. Well, that can well be but 'java.security.cert.CertificateException: Certificate not Trusted' can be caused by a problem with the SSL context setup only. > But, the authentication cookie stops getting accepted on the service side > after a while (I couldnt set a pattern on how long it takes). The same cookie > works if I send it from standalone java code. My suspicion is on the fact > that connections are pooled. And I have a feeling that there is some residue > of previous requests are retained in the connection objects and are causing > this to fail. > > Is that possible scenario? If so, are there any ways to make sure the > connection is completely cleaned up and does not have any carry over from one > request to another, using the same connection. > > Any help will be really appreciated. > > Thanks, > Arul > > Does the target server require client authentication? Oleg > > > > From: Arul Govindarajan > To: httpclient-users@hc.apache.org > Sent: Thursday, December 11, 2008 1:08:33 AM > Subject: HTTP URL results in SSLHandshake error > > Hi, > > I am using HttpClient 3.1 for an application that calls a service. This > application takes the cookie from the original request and passes it on to > the service to enable (use) SSO. I am accessing the service thru HTTP (no > SSL). However, I am running into this exception > > javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: > Certificate not Trusted > > I am not sure how a HTTP url goes into, seemingly, HTTPS. Any clues or > workarounds to resolve this issue? > > Thanks, > Arul > > Here is excerpts from my code... > connectionManager = > new MultiThreadedHttpConnectionManager(); > connectionManager.getParams().setMaxTotalConnections(30); > > client = new HttpClient(connectionManager); > GetMethod method = new GetMethod(url); > method.setFollowRedirects(false); > method.getParams().setParameter(HttpMethodParams.RETRY_HANDLER, > new DefaultHttpMethodRetryHandler(0, false)); > method.setRequestHeader("Cookie", cookie); > try > { > long startTime = System.currentTimeMillis(); > int statusCode = client.executeMethod(method); >logger.info(method.getURI() + " took " > + (System.currentTimeMillis() - startTime) + " ms"); > > if (statusCode != HttpStatus.SC_OK) { > logger.error("Failed: " + method.getStatusLine() + " : " + > url); > } > > String responseBody = method.getResponseBodyAsString(); > if(statusCode == HttpStatus.SC_OK) > { > res = responseBody; > } > else > { > throw new Exception(String.valueOf(method.getStatusCode()) + > method.getStatusText()); > } > } > catch (HttpException he) > { > logger.error("Fatal error: " + he.getMessage()); > throw he; > } > catch (Exception e) > { > logger.error("Fatal error: " + e.getMessage()); > throw e; > } > finally > { > // Release the connection. > method.releaseConnection(); > } > > > - To unsubscribe, e-mail: httpclient-users-unsubscr...@hc.apache.org For additional commands, e-mail: httpclient-users-h...@hc.apache.org
Re: HTTP URL results in SSLHandshake error
Turns out that the problem is not with the SSL. But, the authentication cookie stops getting accepted on the service side after a while (I couldnt set a pattern on how long it takes). The same cookie works if I send it from standalone java code. My suspicion is on the fact that connections are pooled. And I have a feeling that there is some residue of previous requests are retained in the connection objects and are causing this to fail. Is that possible scenario? If so, are there any ways to make sure the connection is completely cleaned up and does not have any carry over from one request to another, using the same connection. Any help will be really appreciated. Thanks, Arul From: Arul Govindarajan <[EMAIL PROTECTED]> To: httpclient-users@hc.apache.org Sent: Thursday, December 11, 2008 1:08:33 AM Subject: HTTP URL results in SSLHandshake error Hi, I am using HttpClient 3.1 for an application that calls a service. This application takes the cookie from the original request and passes it on to the service to enable (use) SSO. I am accessing the service thru HTTP (no SSL). However, I am running into this exception javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Certificate not Trusted I am not sure how a HTTP url goes into, seemingly, HTTPS. Any clues or workarounds to resolve this issue? Thanks, Arul Here is excerpts from my code... connectionManager = new MultiThreadedHttpConnectionManager(); connectionManager.getParams().setMaxTotalConnections(30); client = new HttpClient(connectionManager); GetMethod method = new GetMethod(url); method.setFollowRedirects(false); method.getParams().setParameter(HttpMethodParams.RETRY_HANDLER, new DefaultHttpMethodRetryHandler(0, false)); method.setRequestHeader("Cookie", cookie); try { long startTime = System.currentTimeMillis(); int statusCode = client.executeMethod(method); logger.info(method.getURI() + " took " + (System.currentTimeMillis() - startTime) + " ms"); if (statusCode != HttpStatus.SC_OK) { logger.error("Failed: " + method.getStatusLine() + " : " + url); } String responseBody = method.getResponseBodyAsString(); if(statusCode == HttpStatus.SC_OK) { res = responseBody; } else { throw new Exception(String.valueOf(method.getStatusCode()) + method.getStatusText()); } } catch (HttpException he) { logger.error("Fatal error: " + he.getMessage()); throw he; } catch (Exception e) { logger.error("Fatal error: " + e.getMessage()); throw e; } finally { // Release the connection. method.releaseConnection(); }
HTTP URL results in SSLHandshake error
Hi, I am using HttpClient 3.1 for an application that calls a service. This application takes the cookie from the original request and passes it on to the service to enable (use) SSO. I am accessing the service thru HTTP (no SSL). However, I am running into this exception javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Certificate not Trusted I am not sure how a HTTP url goes into, seemingly, HTTPS. Any clues or workarounds to resolve this issue? Thanks, Arul Here is excerpts from my code... connectionManager = new MultiThreadedHttpConnectionManager(); connectionManager.getParams().setMaxTotalConnections(30); client = new HttpClient(connectionManager); GetMethod method = new GetMethod(url); method.setFollowRedirects(false); method.getParams().setParameter(HttpMethodParams.RETRY_HANDLER, new DefaultHttpMethodRetryHandler(0, false)); method.setRequestHeader("Cookie", cookie); try { long startTime = System.currentTimeMillis(); int statusCode = client.executeMethod(method); logger.info(method.getURI() + " took " + (System.currentTimeMillis() - startTime) + " ms"); if (statusCode != HttpStatus.SC_OK) { logger.error("Failed: " + method.getStatusLine() + " : " + url); } String responseBody = method.getResponseBodyAsString(); if(statusCode == HttpStatus.SC_OK) { res = responseBody; } else { throw new Exception(String.valueOf(method.getStatusCode()) + method.getStatusText()); } } catch (HttpException he) { logger.error("Fatal error: " + he.getMessage()); throw he; } catch (Exception e) { logger.error("Fatal error: " + e.getMessage()); throw e; } finally { // Release the connection. method.releaseConnection(); }