stackoom
  简体   繁体   中英

HTTPs over a proxy with apache http client

 原文  2012-09-07 08:22:27       java/ apache/ http/ ssl

Question

I have a http client which is based on the apache http client and it seems to have no problem with ssl certificates. I have a unit test for both globally recognized certs and self signed certs with a custom SSLSocketFactory.

However when I ran the same code behind a proxy, it stopped working. I keep getting this dreaded exception: 

javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
at com.sun.net.ssl.internal.ssl.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:352)
at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128)
at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:572)
at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:180)
at org.apache.http.impl.conn.ManagedClientConnectionImpl.open(ManagedClientConnectionImpl.java:294)
at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:640)
at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:479)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:906)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:805)

I reduced the code to the bare minimum and it still throws the same exception. The code: 

    URI uri = new URI("https://www.google.com");
    DefaultHttpClient client = new DefaultHttpClient();
    client.getParams().setParameter(ConnRoutePNames.DEFAULT_PROXY, 
            new HttpHost("proxy.int", 8080, "https"));

    HttpUriRequest request = new HttpGet(uri);
    HttpResponse response = client.execute(request);

I wasn't sure if it uses the default ssl settings if nothing is specified so I added it explicitly as well: 

    URI uri = new URI("https://www.google.com");
    DefaultHttpClient client = new DefaultHttpClient();
    client.getParams().setParameter(ConnRoutePNames.DEFAULT_PROXY, 
            new HttpHost("proxy.int", 8080, "https"));

    client.getConnectionManager().getSchemeRegistry().register(
            new Scheme("https", 443, SSLSocketFactory.getSystemSocketFactory()));

    HttpUriRequest request = new HttpGet(uri);
    HttpResponse response = client.execute(request);

I also tried the getSocketFactory() (not entirely sure what the difference is with getSystemSocketFactory()), still the same error though.

EDIT :

The proxy has optional authentication and I have tried both with and without. The authentication information was set using the following code: 

    client.getCredentialsProvider().setCredentials(
        new AuthScope("proxy.int", 8080),
        new UsernamePasswordCredentials("user", "password")
    );

Exactly the same error.

1 answers

solution1
 7 ACCPTED  2012-09-25 05:38:58

The problem was in the proxy declaration, I had to specify "http" instead of "https": 

client.getParams().setParameter(ConnRoutePNames.DEFAULT_PROXY, 
        new HttpHost("proxy.int", 8080, "http"));

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Apache HTTP Client socks proxy Accessing HTTPS web services through proxy tunnel using org.apache.http.impl.client.ProxyClient Apache HTTP Client and conditional setting of proxy How to use Socks 5 proxy with Apache HTTP Client 4? Proxy timeouts on Java Apache HTTP client Apache Http Client 4.0.1 SSL Proxy HTTPS through HTTP proxy How to emulate a browser HTTPS POST request with Java (Apache HTTP Client)? org.apache.http.impl.client.CloseableHttpClient Proxy Authentication How to use Proxy authentication with Jersey and Apache Http client?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM