File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Security and the fly likes Question about HttpsURLConnection Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Engineering » Security
Bookmark "Question about HttpsURLConnection" Watch "Question about HttpsURLConnection" New topic

Question about HttpsURLConnection

Ben Rainville

Joined: Dec 22, 2004
Posts: 8
Hi everyone,

I am running a struts application on jboss 3.2.1. Part of my application deals with posting xml over https. Two problems popped up today, and because they appeared at the same time, I have a hunch they're related.

1. Our production server (which we recently purchased a new SSL certificate for) cannot post xml over https.
2. All of our testing servers can post xml over https (these are running the exact same code). However, when we try to post to our production server, the code breaks.

Here is the code that does the posting:

While using Eclipse's debugger to step through this code on my local machine to QA problem #2, everything goes fine until the line header = uc.getHeaderField(j); No exception is thrown that I can see, but the system hangs, and the debugger stops working. I thought maybe some kind of exception was being thrown (hence the try/catch) but nothing is caught.

Any ideas what might be the problem? Does this sound like an issue with the cert? It was purchased two weeks ago or so, and is valid from 7/21/2005 to 8/11/2006.

Any help would be greatly appreciated. Thank you,

Ben Rainville
Lewin Chan
Ranch Hand

Joined: Oct 10, 2001
Posts: 214
Your application does something like
struts webapp -> https post -> production server?

Where the struts webapp doesn't live on the production server?

Anyway, does j have a value when it hangs? - presumably 0

The javadocs for getHeaderField() implies it's working with the headers from the HTTP Response. The fact that getHeaderField(0) hangs, suggests that, it probably is something to do with the certificate.

Have you had the println from your custom HostnameVerifier code, if you haven't, this implies that you haven't made a connection to your production server.

That's not much help yet... Perhaps,
a) Check the productions servers certificate for CRL distribution points / OCSP distribution points. Are you set up to automatically try and access these things ? - in which case check you have access to them...
b) Import your production servers cert into your local application's trusted keystore.


I have no java certifications. This makes me a bad programmer. Ignore my post.
Ben Rainville

Joined: Dec 22, 2004
Posts: 8
Actually, the struts app does live on the production server, but there is a mirror of the application on another server. The struts app sends and receives xml, and in this case, the mirror was sending and the production server was receiving.

After I posted, I thought that maybe the keystore was the problem, so I reimported the production certificate, but to no avail. Then I had our IT guy restart the linux box that hosts the production app, and now everything works fine.

Weird. Thanks for your help though.
I agree. Here's the link:
subject: Question about HttpsURLConnection
It's not a secret anymore!