any Idea about the new new javax.net.ssl.HttpsURLConnection

Hi ,
Has any one got idea about the new package javax.net.ssl.HttpsURLConnection
in the JESE 1.4 .
There are a couple of parameters which needs to be set before making a HTTPS request .
I am not able to figure that out ,any help would be appreciated.
A

There is not much to set, I would suggest that you can set your
own HostnameVerifier (it's like callback that check if name of
the host in server's certificate is the same as name of host
that you connect to).
After that you just getInputStream() and getOutputStream() and
you do whatever you do with regular input/output streams.
If you want to know which cipher suite is using for connection,
call to getCipherSuite().
To get server certificates call to getServerCertificates().
That's pretty it.
If you have any other question, ask, it's always pleasure to
help.
Have a nice day.
Alex Givant.

Hi Alex ,
I get the following exception :
javax.net.ssl.SSLHandshakeException: Couldn't find trusted certificate
This is the code I am making use of :
I have blotted out the company specific data by xx& yy
import java.net.*; import java.io.*; import java.util.StringTokenizer; import javax.net.ssl.HttpsURLConnection; public class testUrl { public testUrl() { } public static void main(String[] str){ try{ System.getProperties().put("proxySet","true"); System.getProperties().put("proxyHost","x.yy.xx.qq"); System.getProperties().put("proxyPort","80"); URL myUrl = new URL("https://xxx.yyyyy.zzzz"); HttpsURLConnection urlc = (HttpsURLConnection) myUrl.openConnection(); urlc.setRequestMethod("POST"); urlc.setRequestProperty("Host","xxxxxx"); urlc.setRequestProperty("Accept-encoding","zip"); urlc.setRequestProperty("Content-Type","application/x-www-form-urlencoded"); urlc.setDoOutput(true); urlc.setUseCaches(false); urlc.connect(); System.out.println(urlc.getCipherSuite()); System.out.println("Proxy = "+ urlc.usingProxy()); OutputStream os = urlc.getOutputStream(); PrintStream out = new PrintStream(urlc.getOutputStream()); System.out.println("start throwing out"); out.print(URLEncoder.encode("hdnIndex") + "=" + URLEncoder.encode("1")); out.flush(); out.close(); System.out.println("done"); //get response InputStream is = urlc.getInputStream(); BufferedReader br = new BufferedReader(new InputStreamReader(is)); System.out.println(urlc.getResponseMessage()); String mystr = ""; String finals = ""; while((mystr = br.readLine())!=null){ finals += System.getProperty("line.separator")+ mystr; } System.out.println(finals); }catch(IOException ex){ System.out.println(ex); } } }

I haven't encountered this message, but I wonder whether the server's certificate has been signed by an authority not in your cacerts file. Or maybe the server is requesting a client certificate.
Can you do a little test? Try connecting to https://www.verisign.com. Does that work?
- Peter

Hi ,
It didnt work ,
I removed the part which concerns with making a POST request , and compiled the code for https://www.verisisign.com .
I got a run-time eception :
java.net.UknownHostException: www.verisign.com
Do you have any idea what's missing ..?
Thanks
Anirban

I am running into this as well. With my situation I'm POSTing to SSL Webservers that "we own". What I did was get the Certificate from the Webserver and import it into my applications truststore. Then I run the application that is POSTing to the servlet with
-Djavax.net.ssl.trustStore=ncep
where "ncep" is the name of the key(trust)store that I imported the webserver's certificate into.

I just had the same prob. Mark's answer (the previous one) is correct.
In case anyone needs to know how to do this:
http://httpunit.sourceforge.net/doc/sslfaq.html
See the : "import my existing certificate into the trust file for" section.