java - Certificate chain different between HTTPSURLconnection and Apache (System) DefaultHttpClient -

-

i facing weird issue wrto apache https client. trying connect external https website has basic authentication turned on (ssl server authenticaion only). here summary of tests , conclusions.

  • use either of chrome/firefox/ie connect website -> success

  • use javax.net.ssl.httpsurlconnection -> success

  • use either of defaulthttpclient or systemdefaulthttpclient -> failure

i tried debug enabling "javax.net.debug" "ssl". noticed both clients pick same trust store (default jdk trust store) , use same protocol (tlsv1). however, differences here

i noticed following extension returned jdk

extension server_name, server_name: [host_name: websitehostname]

while above extension missing in apache web client debug log.

also, 1 more difference saw in certficate chain

the below response jdk native

* certificate chain chain [0] = [ [ version: v3 subject: **cn=websitename, ou=domain control validated - rapidssl(r), ou=see www.rapidssl.com/resources/cps (c)13, ou=gt17702541, serialnumber=q2la1fpflfdny4kuciehylmvw6bq64ch signature algorithm: sha1withrsa, oid = 1.2.840.113549.1.1.5

while in apache client following

chain [0] = [ [ version: v3 subject: emailaddress=root@i4319, cn=i4319, ou=someorganizationalunit, o=someorganization, l=somecity, st=somestate, c=-- signature algorithm: sha1withrsa, oid = 1.2.840.113549.1.1.5

and following exception apache https client.

exception in thread "main" javax.net.ssl.sslpeerunverifiedexception: peer not authenticated

before go , redo work use jdk native client, know happening. insight on behaviour appreciated.

after lot of searching looks weird issue because of lack of sni support in apache client. here jira discusses problem , possible solution here

https://issues.apache.org/jira/browse/httpclient-1119

and possible work around here

https://wiki.apache.org/httpcomponents/snisupport


Comments

Post a Comment

Popular posts from this blog

c++ - Creating new partition disk winapi -

-
i'am trying create new partition , mount volume new, thought createfile let me this, code : lpctstr lpfilename=l"\\\\.\\device\\harddisk0\\partition3"; handle handl=createfile( lpfilename, generic_read | generic_write, file_share_read | file_share_write, null, create_always, file_attribute_normal, null ); if (handl==invalid_handle_value) { qdebug()<<"handl invalid"<<" error"<<getlasterror();} bool success = definedosdevice(ddd_raw_target_path,l"i:",l"\\device\\harddisk0\\partition3"); if(!success) qdebug()<<" definedosdevice failed "<<getlasterror(); bflag = getvolumenameforvolumemountpoint( l"i:\\", // input volume mount point or directory /** u in dir
Read more

Android Prevent Bluetooth Pairing Dialog -

-
i'm developing internal application uses bluetooth printing. want bluetooth pairing occur without user input. have managed working trapping android.bluetooth.device.action.pairing_request broadcast. in broadcast receiver call setpin method, , pairing works ok, bluetoothpairingdialog displayed second or two, disappears - see link below. https://github.com/android/platform_packages_apps_settings/blob/master/src/com/android/settings/bluetooth/bluetoothpairingdialog.java since broadcast non-ordered, can't call abortbroadcast() , , wondering if there other way prevent pairing dialog appearing. can hook window manager in way? i haven't been able come way without modifying sdk. if you're oem, it's easy (i'm on 4.3): in packages/apps/settings/androidmanifest.xml, comment intent filter pairing dialog: <activity android:name=".bluetooth.bluetoothpairingdialog" android:label="@string/bluetooth_pairing_request"
Read more

VBA function to include CDATA -

-
i have following function include cdata: function cdatasection() dim objdom domdocument dim objkmlrootelement ikmldomelement dim objkmlelement ikmldomelement dim cdata ikmldomcdatasection set objdom = new domdocument set objkmlrootelement = objdom.createelement("balloonstyle") objdom.appendchild objkmlrootelement set objkmlelement = objdom.createelement("text") objkmlrootelement.appendchild objkmlelement set cdata = objdom.createcdatasection("text") cdata.data = "<![cdata[<b>latitude = $[latitude]</b>?]]>;" end function when run above, getting error "user defined data type not found" function. yes ripster says find library reference. vba window tools>references for list of relevant references see... http://msdn.microsoft.com/en-us/library/windows/desktop/ms763701%28v=vs.85%29.aspx however, if have hard time tracking down reference, replace dim sta
Read more