Regarding javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated issue

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Regarding javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated issue

Aarti Gauba
Hi,

I am trying to send a https request for attachment download using org.apache.http.impl.client.DefaultHttpClient (using jars-httpclient-4.1.2.jar, httpcore-4.1.2.jar). By adding a cookie to the request, i am able to authenticate and able to download attachments on my local machine(windows). However on the dev machine(linux box), i am getting "javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated" exception everytime i try to download the documents. We are using same self signed certificates on both local and dev enviornments.

I have also tried code which will trust all hostnames and trust all certificates, it again worked on my local machine but did not work on dev box.

Following exception im getting with ssl debug on :

javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
 at com.sun.net.ssl.internal.ssl.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:352)
 at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128)
 at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:397)
..........................
..........................
<Oct 25, 2011 3:31:49 PM IST> <Debug> <SecuritySSL> <BEA-000000> <NEW ALERT with Severity: WARNING, Type: 0
java.lang.Exception: New alert stack
 at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
 at com.certicom.tls.interfaceimpl.TLSConnectionImpl.closeWriteHandler(Unknown Source)
 at com.certicom.tls.interfaceimpl.TLSConnectionImpl.close(Unknown Source)
 at javax.net.ssl.impl.SSLSocketImpl.close(Unknown Source)
 at weblogic.net.http.HttpClient.closeServer(HttpClient.java:540)
 at weblogic.net.http.KeepAliveCache$1.run(KeepAliveCache.java:111)
 at java.util.TimerThread.mainLoop(Timer.java:512)
 at java.util.TimerThread.run(Timer.java:462)
>
<Oct 25, 2011 3:31:49 PM IST> <Debug> <SecuritySSL> <BEA-000000> <write ALERT, offset = 0, length = 2>
<Oct 25, 2011 3:31:49 PM IST> <Debug> <SecuritySSL> <BEA-000000> <close(): 293132247>
<Oct 25, 2011 3:31:49 PM IST> <Debug> <SecuritySSL> <BEA-000000> <SSLIOContextTable.removeContext(ctx): 2110582459>
<Oct 25, 2011 3:31:52 PM IST> <Debug> <SecuritySSL> <BEA-000000> <NEW ALERT with Severity: WARNING, Type: 0


I am using the following code:

HttpGet httpget = new HttpGet(url);   // url-> https url for a document
HttpResponse response = httpclient.execute(httpget);
HttpEntity rsentity = response.getEntity();
rsentity.writeTo(outputStream);

I am getting the exception on the first line itself.

Any ideas?

Thanks,
Aarti
Reply | Threaded
Open this post in threaded view
|

Re: Regarding javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated issue

Litty
Enable the ssl debug log by setting -Djavax.net.debug=all system variable.
Make sure that the right certificate is being used. Are you using two way
ssl to authenticate the client or do you mean authentication of server?

Regards,
Litty

On Tue, Oct 25, 2011 at 6:41 PM, Aarti Gauba <[hidden email]> wrote:

> Hi,
>
> I am trying to send a https request for attachment download using
> org.apache.http.impl.client.DefaultHttpClient (using
> jars-httpclient-4.1.2.jar, httpcore-4.1.2.jar). By adding a cookie to the
> request, i am able to authenticate and able to download attachments on my
> local machine(windows). However on the dev machine(linux box), i am getting
> "javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated"
> exception everytime i try to download the documents. We are using same self
> signed certificates on both local and dev enviornments.
>
> I have also tried code which will trust all hostnames and trust all
> certificates, it again worked on my local machine but did not work on dev
> box.
>
> Following exception im getting with ssl debug on :
>
> javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
>  at
> com.sun.net.ssl.internal.ssl.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:352)
>  at
> org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128)
>  at
> org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:397)
> ..........................
> ..........................
> <Oct 25, 2011 3:31:49 PM IST> <Debug> <SecuritySSL> <BEA-000000> <NEW
> ALERT with Severity: WARNING, Type: 0
> java.lang.Exception: New alert stack
>  at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
>  at
> com.certicom.tls.interfaceimpl.TLSConnectionImpl.closeWriteHandler(Unknown
> Source)
>  at com.certicom.tls.interfaceimpl.TLSConnectionImpl.close(Unknown Source)
>  at javax.net.ssl.impl.SSLSocketImpl.close(Unknown Source)
>  at weblogic.net.http.HttpClient.closeServer(HttpClient.java:540)
>  at weblogic.net.http.KeepAliveCache$1.run(KeepAliveCache.java:111)
>  at java.util.TimerThread.mainLoop(Timer.java:512)
>  at java.util.TimerThread.run(Timer.java:462)
> >
> <Oct 25, 2011 3:31:49 PM IST> <Debug> <SecuritySSL> <BEA-000000> <write
> ALERT, offset = 0, length = 2>
> <Oct 25, 2011 3:31:49 PM IST> <Debug> <SecuritySSL> <BEA-000000> <close():
> 293132247>
> <Oct 25, 2011 3:31:49 PM IST> <Debug> <SecuritySSL> <BEA-000000>
> <SSLIOContextTable.removeContext(ctx): 2110582459>
> <Oct 25, 2011 3:31:52 PM IST> <Debug> <SecuritySSL> <BEA-000000> <NEW
> ALERT with Severity: WARNING, Type: 0
>
>
> I am using the following code:
>
> HttpGet httpget = new HttpGet(url);   // url-> https url for a document
> HttpResponse response = httpclient.execute(httpget);
> HttpEntity rsentity = response.getEntity();
> rsentity.writeTo(outputStream);
>
> I am getting the exception on the first line itself.
>
> Any ideas?
>
> Thanks,
> Aarti
>