httpclient and ssl

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

httpclient and ssl

teknokrat
I am trying to set up httpclient to replace another ad hoc class we
have. It uses https. HttpClient fails the ssl handshake. The current
class has the following in a static initializer

    static {
         SSLContext context;
         SSLSocketFactory ssf;
         try {
              X509TrustManager trustManager = new X509TrustManager() {
                 public X509Certificate[] getAcceptedIssuers() {
                     return null;
                 }

                 public void checkClientTrusted(X509Certificate[] arg0,
tring arg1)
                     throws CertificateException {
                 }

                 public void checkServerTrusted(X509Certificate[] arg0,
String arg1)
                     throws CertificateException {
                 }
             };

             HostnameVerifier verifier = new HostnameVerifier() {
                 public boolean verify(String arg0, SSLSession arg2) {
                     return true;
                 }
             };

             TrustManager[] tma = {trustManager};
             context = SSLContext.getInstance("SSLv3");
             context.init(null, tma, null);

             ssf = context.getSocketFactory();
             HttpsURLConnection.setDefaultHostnameVerifier(verifier);
             HttpsURLConnection.setDefaultSSLSocketFactory(ssf);
         }
         catch (GeneralSecurityException e) {
             // if this has failed, we wont allow https connections
             failedToInitialize = true;
         }
     }

It works fine. Does anyone understand why this works and why HttpClient
fails?

thanks


---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]