wood burning stoves 2.0*
The moose likes Other Open Source Projects and the fly likes HttpClient with a certificate Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Products » Other Open Source Projects
Bookmark "HttpClient with a certificate" Watch "HttpClient with a certificate" New topic
Author

HttpClient with a certificate

Yellapa Adepu
Ranch Hand

Joined: Jan 17, 2006
Posts: 34
Hi Friends,
I am trying to connect another application from our application using HttpClient connection. It requires a security certificate though it is an internal application and does not pass through a proxy.

I am not clear how to establish HttpClient connection with a security SSL certificate. Could you please help me in doing this.

Note: I am able to establish the connectivity using UrlConnection with SSL Context. It is working fine.

Thanks,
[ April 22, 2007: Message edited by: Yellappa Adepu ]

Yellapa Adepu<br />SCEA
Yellapa Adepu
Ranch Hand

Joined: Jan 17, 2006
Posts: 34
Originally posted by Yellappa Adepu:
Hi Friends,
I am trying to connect another application from our application using HttpClient connection. It requires a security certificate though it is an internal application and does not pass through a proxy.

I am not clear how to establish HttpClient connection with a security SSL certificate. Could you please help me in doing this.

Note: I am able to establish the connectivity using UrlConnection with SSL Context. It is working fine.

Thanks,
Paul Clapham
Bartender

Joined: Oct 14, 2005
Posts: 18541
    
    8

Apache HTTPClient? I don't do anything special to connect to an HTTPS URL. Why not just try it and see what happens?
Yellapa Adepu
Ranch Hand

Joined: Jan 17, 2006
Posts: 34
Thanks for your reply. But I tried it earlier, here is the exception I am getting... however the same implementation is working fine in talking to other systems using https and username, password authentication...

The problem is when I use certificates... please help..

[4/23/07 10:50:54:558 EDT] 257ba6b7 HttpMethodDir I org.apache.commons.httpclient.HttpMethodDirector I/O exception (java.net.SocketException) caught when processing request: Socket is not connected
[4/23/07 10:50:54:558 EDT] 257ba6b7 HttpMethodDir I org.apache.commons.httpclient.HttpMethodDirector Retrying request
[4/23/07 10:50:54:558 EDT] 257ba6b7 HttpMethodDir I org.apache.commons.httpclient.HttpMethodDirector I/O exception (java.net.SocketException) caught when processing request: Socket is not connected
[4/23/07 10:50:54:558 EDT] 257ba6b7 HttpMethodDir I org.apache.commons.httpclient.HttpMethodDirector Retrying request
[4/23/07 10:50:54:574 EDT] 257ba6b7 HttpMethodDir I org.apache.commons.httpclient.HttpMethodDirector I/O exception (java.net.SocketException) caught when processing request: Socket is not connected
[4/23/07 10:50:54:574 EDT] 257ba6b7 HttpMethodDir I org.apache.commons.httpclient.HttpMethodDirector Retrying request

Thanks,
Paul Clapham
Bartender

Joined: Oct 14, 2005
Posts: 18541
    
    8

Oh, I see. What you didn't mention before was this:

1. You already tried it.

2. It works successfully connecting to some servers via HTTPS.

3. There is one server where the connection does not work, and an exception is being thrown.

4. You are using authentication of some kind in the case of the non-working connection.

It always helps to have information about the problem to be solved. Is there any other information you have about the problem?

I can tell you that I had a problem because the certificate of the server I wanted to connect to was from a company that wasn't recognized by the SSL internals in my system. But it didn't produce the exception you describe.
Yellapa Adepu
Ranch Hand

Joined: Jan 17, 2006
Posts: 34
Hi,
Here is some more information. I am able to connect to the other system using below implementation.

// Create a trust manager that does not validate certificate chains
TrustManager[] trustAllCerts = new TrustManager[]{
new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
public void checkClientTrusted(
java.security.cert.X509Certificate[] certs, String authType) {
}
public void checkServerTrusted(
java.security.cert.X509Certificate[] certs, String authType) {
}
public boolean isClientTrusted(X509Certificate[] arg0) {
return true;
}
public boolean isServerTrusted(X509Certificate[] arg0) {
return true;
}
}
};

// Install the all-trusting trust manager
try {
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new java.security.SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
} catch (Exception e) {
e.printStackTrace();
}


StringBuffer result = new StringBuffer();

try {

// Send data
URL urlM = new URL(url);
URLConnection conn = urlM.openConnection();
conn.setDoOutput(true);
OutputStreamWriter wr = new OutputStreamWriter(conn.getOutputStream());
String xmlResult = Utils.generateXMLForPaymentGateway(app);

wr.write(xmlResult);

wr.flush();

// Get the response
BufferedReader rd = new BufferedReader(new InputStreamReader(conn.getInputStream()));
String line;

while ((line = rd.readLine()) != null)
{
result.append(line);
}
wr.close();
rd.close();
} catch (Exception e) {
e.printStackTrace();
}

I can send request and get the response. But same thing I am trying to achieve using HttpClient. This is how I am creating HttpClient.
try{
HttpConnectionManagerParams connectionManagerParms = new HttpConnectionManagerParams();
connectionManagerParms.setDefaultMaxConnectionsPerHost(maxHostConnections);
connectionManagerParms.setMaxTotalConnections(maxTotalConnections);
connectionManagerParms.setSoTimeout(socketTimeout);
connectionManagerParms.setConnectionTimeout(connectionTimeout);
connectionManager = new MultiThreadedHttpConnectionManager();
connectionManager.setParams(connectionManagerParms);

Protocol easyhttps = new Protocol("https", new MySSLProtocolSocketFactory(), 9443);

httpClient = new HttpClient(connectionManager);
httpClient.getHostConfiguration().setHost(PropertyUtil.getHostname(), 9443, easyhttps);
} catch (Exception e){
clientCreated=false;
clientCreatedMessage = "Init HTTPUtil call Problem: Problem creating MultiThreadedHttpConnectionManager " + e.getMessage();
Log.error(clientCreatedMessage);
}

where as MySSLProtocolSocketFactory is extending SSLProtocolSocketFactory.

Please help,
Thanks,
Ashish Kirpan
Greenhorn

Joined: Jan 24, 2011
Posts: 22

Hi
i am also try to send the certificate to https using HttpClient class but it will not able to send the certificate and i got 403 forbidden error response code from server...
but now i able to send the certificate and no problem occur... i got 200 response code..
just add the certificate path in System.properties your problem get resolved .....

 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: HttpClient with a certificate
 
Similar Threads
javax.net.ssl.SSLException: No available certificate or key corresponds to the SSL cipher suites whi
certificate to establish a secured connection(SSL)
Getting Client Certificate after SSL Handshake
SSL Configuration in WLS 7.0
SSL Handshake Issue