Posted on August 25, 2011 in Development, Java
In the previous post I wrote about some SSL common issues in Java. One of them, the most popular in my opinion, points out to a flexible way to make ssl connections using Jakarta Commons Http Client 3.1 without any static call. This is a good choice if your client has to communicate with two or more different hosts using different keystores or truststores.
Basically, you have to use a specific HostConfiguration and a given ProtocolSocketFactory implementation within your HttpClient object. I found out that the HostConfiguration has to contain the name of the host you want to communicate with, while the HttpMethod object must contain a relative path, otherwise the HostConfiguration will be overridden at runtime with the default one. And what about doing the same to make a web service call through Spring Web Services?
Much has been written about making SSL
connections in Java
. I think it would be useful to share my personal experience, so I’m gonna write about some common issues
I dealt with.
First of all, I remember a generic SSLHandshakeException due to the popular Transport Layer Security (TLS) Renegotiation Issue. I solved it by re-enabling the SSL renegotiation this way:
I came across the following error too:
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
which might depend on either the server configuration or the client certificate. For example, if you try to use a client certificate signed by a an issuer refused on the server side, you’ll have this exception thrown on the client side.