java - Certificate chain different between HTTPSURLconnection and Apache (System) DefaultHttpClient -

-

i facing weird issue wrto apache https client. trying connect external https website has basic authentication turned on (ssl server authenticaion only). here summary of tests , conclusions.

  • use either of chrome/firefox/ie connect website -> success

  • use javax.net.ssl.httpsurlconnection -> success

  • use either of defaulthttpclient or systemdefaulthttpclient -> failure

i tried debug enabling "javax.net.debug" "ssl". noticed both clients pick same trust store (default jdk trust store) , use same protocol (tlsv1). however, differences here

i noticed following extension returned jdk

extension server_name, server_name: [host_name: websitehostname]

while above extension missing in apache web client debug log.

also, 1 more difference saw in certficate chain

the below response jdk native

* certificate chain chain [0] = [ [ version: v3 subject: **cn=websitename, ou=domain control validated - rapidssl(r), ou=see www.rapidssl.com/resources/cps (c)13, ou=gt17702541, serialnumber=q2la1fpflfdny4kuciehylmvw6bq64ch signature algorithm: sha1withrsa, oid = 1.2.840.113549.1.1.5

while in apache client following

chain [0] = [ [ version: v3 subject: emailaddress=root@i4319, cn=i4319, ou=someorganizationalunit, o=someorganization, l=somecity, st=somestate, c=-- signature algorithm: sha1withrsa, oid = 1.2.840.113549.1.1.5

and following exception apache https client.

exception in thread "main" javax.net.ssl.sslpeerunverifiedexception: peer not authenticated

before go , redo work use jdk native client, know happening. insight on behaviour appreciated.

after lot of searching looks weird issue because of lack of sni support in apache client. here jira discusses problem , possible solution here

https://issues.apache.org/jira/browse/httpclient-1119

and possible work around here

https://wiki.apache.org/httpcomponents/snisupport


Comments

Post a Comment

Popular posts from this blog

c++ - Creating new partition disk winapi -

-
i'am trying create new partition , mount volume new, thought createfile let me this, code : lpctstr lpfilename=l"\\\\.\\device\\harddisk0\\partition3"; handle handl=createfile( lpfilename, generic_read | generic_write, file_share_read | file_share_write, null, create_always, file_attribute_normal, null ); if (handl==invalid_handle_value) { qdebug()<<"handl invalid"<<" error"<<getlasterror();} bool success = definedosdevice(ddd_raw_target_path,l"i:",l"\\device\\harddisk0\\partition3"); if(!success) qdebug()<<" definedosdevice failed "<<getlasterror(); bflag = getvolumenameforvolumemountpoint( l"i:\\", // input volume mount point or directory /** u in dir
Read more

Android Prevent Bluetooth Pairing Dialog -

-
i'm developing internal application uses bluetooth printing. want bluetooth pairing occur without user input. have managed working trapping android.bluetooth.device.action.pairing_request broadcast. in broadcast receiver call setpin method, , pairing works ok, bluetoothpairingdialog displayed second or two, disappears - see link below. https://github.com/android/platform_packages_apps_settings/blob/master/src/com/android/settings/bluetooth/bluetoothpairingdialog.java since broadcast non-ordered, can't call abortbroadcast() , , wondering if there other way prevent pairing dialog appearing. can hook window manager in way? i haven't been able come way without modifying sdk. if you're oem, it's easy (i'm on 4.3): in packages/apps/settings/androidmanifest.xml, comment intent filter pairing dialog: <activity android:name=".bluetooth.bluetoothpairingdialog" android:label="@string/bluetooth_pairing_request"
Read more

php - joomla get content in onBeforeCompileHead function -

-
i'm developing joomla system plugin. need add javascript , css files if [myshortcode] shortcode found in content. how can content in onbeforecompilehead function function onbeforecompilehead() { $document = jfactory::getdocument(); //add scripts if shortcode found ... $document->addstylesheet($cssfile, 'text/css', null, array()); the $content = jresponse::getbody(); not work. thanks try this, for style sheet, $document = jfactory::getdocument(); $document->addstylesheet('http://domain.com/templates/css/style.css'); for javascript file $document = jfactory::getdocument(); $document->addscript('full url'); also can this, $document = jfactory::getdocument(); // add javascript $document->addscriptdeclaration(' window.event("domready", function() { alert("an inline javascript declaration"); }); '); // add styles $style = 'body {'
Read more