• Post Reply Bookmark Topic Watch Topic
  • New Topic

client using https url  RSS feed

 
peter abc
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Dear All,
I want to write a servlet client which access a https url and pass parameters and then accept the response.
To use https i have added following lines:
Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
System.setProperty("java.protocol.handler.pkgs","com.sun.net.ssl.internal.www.protocol");
HttpsURLConnection connection =(HttpsURLConnection) url.openConnection();
..
..
connection.setRequestProperty("Authorization",
"Basic " +
Base64Encoder.encode(USERNAME + ":" + USERPASSWORD));
But i got following error message:
java.io.IOException: HTTPS hostname wrong: should be <abc>, but cert says <xyz>

I used the following code to reslove this problem:
connection.setHostnameVerifier(
new HostnameVerifier()
{
public boolean verify( String urlHost, String certHost )
{
if( !urlHost.equals( certHost ) )
{
System.out.println( " Ignoring certificate <" + certHost +
"> does not match host <" + urlHost + "> " +
"continuing anyway" );
}
Is there any other way to solve this?
What do i need to do to set following :
System.setProperty("javax.net.ssl.keyStore"," ??");
System.setProperty("javax.net.ssl.keyStoreType","??");
System.setProperty("javax.net.ssl.keyStorePassword","??");
System.setProperty("javax.net.ssl.trustStore","??");
System.setProperty("javax.net.ssl.trustStoreType","??");
System.setProperty("javax.net.ssl.trustStorePassword","??");
Any help or guideline is highly appreciated.I don't have any information about the server side . All i have is https url and username and password.
Thanks,
peterabc
 
Peter den Haan
author
Ranch Hand
Posts: 3252
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by peter abc:
But i got following error message:
java.io.IOException: HTTPS hostname wrong: should be <abc>, but cert says <xyz>
I used the following code to reslove this problem [... HostNameVerifier ...] Is there any other way to solve this?
Yes. Get the other side to fix their server certificate. Apparently the certificate isn't valid for the host they deployed it on. The code you posted effectively disables this part of the certificate check -- which is like fixing an infection by severing the nerves that send the pain signals to your brain.
- Peter
 
peter abc
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks for the reply.
I have the https url of the server side.Can someone please provide some guide line to set the following properties:
System.setProperty("javax.net.ssl.keyStore"," ??");
System.setProperty("javax.net.ssl.keyStoreType","??");
System.setProperty("javax.net.ssl.keyStorePassword","??");
System.setProperty("javax.net.ssl.trustStore","??");
System.setProperty("javax.net.ssl.trustStoreType","??");
System.setProperty("javax.net.ssl.trustStorePassword","??");

Any help is highly appreciated.
Thanks,
peterabc
 
Peter den Haan
author
Ranch Hand
Posts: 3252
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Have you looked atthe JSSE Reference Guide, especially the Customizing section? This documentation is also part of your JDK (1.4).
- Peter
 
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!