Using HttpClient 4.1.0, we are trying to connect to a remote server, which usually connects to using the form. By the way, it will be for production use, but I would not call the information that we send sensitive. I am not sure that they will insist on connecting https.
When we try to call httpClient.execute (httpPost), it throws an SSLPeerUnverifiedException
We create DefaultHttpClient using ThreadSafeClientConnManager and verify that the https registry is associated with SSLSocketFactory.
We connect to a URL like this: https://some.thingchangedtoprotectthem.com/servlet/servlet.Something
Why does the browser work like a charm, but does the server-side process explode with this exception? Is it because the browser comes with verisign certificates, but HttpClient doesn't?
System.out and Stack trace below:
schemeSocketFactory = org.apache.http.conn.ssl.SSLSocketFactory
javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
at com.sun.net.ssl.internal.ssl.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:345)
at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128)
at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:390)
at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:148)
at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:149)
at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:121)
at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:562)
at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:415)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:820)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:754)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:732)
source
share