'Re: javax.net.ssl.SSLHandshakeException: certificate expired (can'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       httpclient-users
Subject:    Re: javax.net.ssl.SSLHandshakeException: certificate expired (can
From:       Oleg Kalnichevski <olegk () apache ! org>
Date:       2004-12-20 22:26:43
Message-ID: 1103581603.4843.18.camel () localhost ! localdomain
[Download RAW message or body]

Amit,

Basically all it takes is a custom TrustManager
<http://java.sun.com/j2se/1.4.2/docs/api/javax/net/ssl/X509TrustManager.html> which \
would not validate the expiry date of the server certificates (or in the most vulgar \
form would not validate them at all and simply accept any certificate.

For details see 'Customizing SSL in HttpClien' section of the HttpClient
SSL guide. 

http://jakarta.apache.org/commons/httpclient/3.0/sslguide.html

Here you can find some code samples

http://cvs.apache.org/viewcvs.cgi/jakarta-
commons/httpclient/src/contrib/org/apache/commons/httpclient/contrib/ssl/

Hope this helps

Oleg





On Mon, 2004-12-20 at 14:00 -0800, amit parnerkar wrote:
> Hi,
> We are using the following httpclient code to connect to website using https \
> protocol. The problem is that the server certificate is expired on www.myhome.net \
> and the following code is throwing SSL Handshake exception because of \
> CertificateExpired exception. Is there a way we can still use this expired \
> certificate and still send data encrypted??  One more thing, this code works fine \
> from my local machine (windows with WSAD) but not from development or production \
> (both unix box). Application is deployed in Websphere app server 5.0
> Any help is highly appreciated.
> 
> userName = "userName";
> passWord = "XXXX";
> connectURL = "https://www.myhome.net/processrequest.cgi";
> HttpClient httpclient = new HttpClient();
> HttpState aState = httpclient.getState();
> Credentials credentials =
> new UsernamePasswordCredentials(userName, passWord);
> aState.setCredentials(new AuthScope(null, -1), credentials);
> PostMethod httpPost = new PostMethod(connectURL);
> NameValuePair[] data = { new NameValuePair("requestxml", requestXML)};
> httpPost.setRequestBody(data);
> BufferedReader in = null;
> try {
> httpclient.executeMethod(httpPost);
> in =
> new BufferedReader(
> new InputStreamReader(httpPost.getResponseBodyAsStream()));
> }catch(...)
> 
> 		
> ---------------------------------
> Do you Yahoo!?
> Send a seasonal email greeting and help others. Do good.


---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-user-help@jakarta.apache.org


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic