How to create REST CLIENT for HTTPS in Java?

Hi please help me in this. I am using following code:

CredentialsProvider credsProvider = new BasicCredentialsProvider(); credsProvider.setCredentials(new AuthScope("72.20.1.11", AuthScope.ANY_PORT), new UsernamePasswordCredentials("admin", "Password@123")); DefaultHttpClient client = new DefaultHttpClient() ; client.setCredentialsProvider(credsProvider); HttpGet getRequest = new HttpGet("https://72.20.1.11:8281/api/workfs"); getRequest.setHeader("content-type", "application/xml"); ResponseHandler obj = new BasicResponseHandler(); try { client.execute(getRequest, obj); } catch (IOException ex) { Logger.getLogger(RestWebServiceClient.class.getName()).log(Level.SEVERE, null, ex); }


but i am getting following response:

SEVERE: null javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated at com.sun.net.ssl.internal.ssl.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:345) at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:126) at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:437) at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:180) at org.apache.http.impl.conn.ManagedClientConnectionImpl.open(ManagedClientConnectionImpl.java:294) at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:643) at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:479) at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:906) at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:1138) at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:1076) at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:1050) at tableswingtest.RestWebServiceClient.main(RestWebServiceClient.java:61)

I have used InstallCert.java to download certificate from same server and i have put it under security folder of JRE 6/7 both and rerun the program but getting same issue while connecting to server.

Please help me out in finding solution for the same.

Thanks

I also used one more code:

String url = "https://72.20.1.11:8281/api/"; URL obj = new URL(url); HttpsURLConnection con = (HttpsURLConnection) obj.openConnection(); //add reuqest header con.setRequestMethod("POST"); con.setRequestProperty("content-type", "application/xml"); String urlParameters = "sn=C02G8416DRJM&cn=&locale=&caller=&num=12345"; // Send post request con.setDoOutput(true); // DataOutputStream wr = new DataOutputStream(con.getOutputStream()); // wr.writeBytes(urlParameters); // wr.flush(); // wr.close(); int responseCode = con.getResponseCode(); System.out.println("\nSending 'POST' request to URL : " + url); System.out.println("Post parameters : " + urlParameters); System.out.println("Response Code : " + responseCode); } catch (IOException ex) { System.out.println(ex); }

but it is displaying:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Even when jssecacerts is present in C:\Program Files\Java\jre6\lib\security folder

So is the certificate now installed properly in the keystore (you can check with keytool)? That Java code you mentioned can do that, but "i have put it under security folder of JRE 6/7" sounds like you did something manually, and it doesn't sound like the right thing to do.

For development purposes something like http://javaskeleton.blogspot.de/2010/07/avoiding-peer-not-authenticated-with.html would work. Don't ever use that across the public internet, though.