HttpUnit und SSL (https)

[Scratch]

Hi,

ich hab ein kleines Problem mit HttpUnit 1.6.2.

Ich möchte eine SSL Seite aufrufen und bekomm als Fehler folgendes:

java.io.IOException 

    at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:593) 

    at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:272) 

    at com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnectionOldImpl.getResponseCode(DashoA6275) 

    at com.meterware.httpunit.HttpWebResponse.readResponseHeader(HttpWebResponse.java:162) 

    at com.meterware.httpunit.HttpWebResponse.readHeaders(HttpWebResponse.java:200) 

    at com.meterware.httpunit.HttpWebResponse.<init>(HttpWebResponse.java:56) 

    at com.meterware.httpunit.HttpWebResponse.<init>(HttpWebResponse.java:67) 

    at com.meterware.httpunit.WebConversation.newResponse(WebConversation.java:76) 

    at com.meterware.httpunit.WebWindow.getResource(WebWindow.java:164) 

    at com.meterware.httpunit.WebWindow.getSubframeResponse(WebWindow.java:128) 

    at com.meterware.httpunit.WebWindow.getResponse(WebWindow.java:121) 

    at com.meterware.httpunit.WebWindow.getResponse(WebWindow.java:102) 

    at com.meterware.httpunit.WebClient.getResponse(WebClient.java:87) 

    at _ZZHttpUnit._jspService(_ZZHttpUnit.java:124) 

    at com.orionserver.http.OrionHttpJspPage.service(OrionHttpJspPage.java:56) 

    at oracle.jsp.runtimev2.JspPageTable.service(JspPageTable.java:349) 

    at oracle.jsp.runtimev2.JspServlet.internalService(JspServlet.java:509) 

    at oracle.jsp.runtimev2.JspServlet.service(JspServlet.java:413) 

    at javax.servlet.http.HttpServlet.service(HttpServlet.java:853) 

    at com.evermind.server.http.ResourceFilterChain.doFilter(ResourceFilterChain.java:65) 

    at oracle.security.jazn.oc4j.JAZNFilter.doFilter(Unknown Source) 

    at com.evermind.server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:621) 

    at com.evermind.server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:330) 

    at com.evermind.server.http.ServletRequestDispatcher.forward(ServletRequestDispatcher.java:257) 

    at oracle.portal.provider.v2.render.http.ResourceRenderer.renderBody(Unknown Source) 

    at oracle.portal.provider.v2.render.RenderManager.render(Unknown Source) 

    at oracle.portal.provider.v2.DefaultPortletInstance.render(Unknown Source) 

    at oracle.webdb.provider.v2.adapter.soapV1.ProviderAdapter.showPortlet(Unknown Source) 

    at oracle.webdb.provider.v2.adapter.soapV1.ProviderAdapter.handleHttp(Unknown Source) 

    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) 

    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) 

    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) 

    at java.lang.reflect.Method.invoke(Method.java:324) 

    at oracle.webdb.provider.v2.adapter.SOAPServlet.doHTTPCall(Unknown Source) 

    at oracle.webdb.provider.v2.adapter.SOAPServlet.service(Unknown Source) 

    at javax.servlet.http.HttpServlet.service(HttpServlet.java:853) 

    at com.evermind.server.http.ResourceFilterChain.doFilter(ResourceFilterChain.java:65) 

    at oracle.security.jazn.oc4j.JAZNFilter.doFilter(Unknown Source) 

    at com.evermind.server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:621) 

    at com.evermind.server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:330) 

    at com.evermind.server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:794) 

    at com.evermind.server.http.AJPRequestHandler.run(AJPRequestHandler.java:208) 

    at com.evermind.server.http.AJPRequestHandler.run(AJPRequestHandler.java:125) 

    at com.evermind.util.ReleasableResourcePooledExecutor$MyWorker.run(ReleasableResourcePooledExecutor.java:186) 

    at java.lang.Thread.run(Thread.java:534) 

Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: No trusted certificate found 

    at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.a(DashoA6275) 

    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275) 

    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275) 

    at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA6275) 

    at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA6275) 

    at com.sun.net.ssl.internal.ssl.SunJSSE_ax.a(DashoA6275) 

    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275) 

    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(DashoA6275) 

    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(DashoA6275) 

    at sun.net.www.protocol.https.HttpsClient.afterConnect(DashoA6275) 

    at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(DashoA6275) 

    at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:617)  

    at sun.net.www.protocol.http.HttpURLConnection.getHeaderFieldKey(HttpURLConnection.java:1490)  

    at com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnectionOldImpl.getHeaderFieldKey(DashoA6275)  

    at com.meterware.httpunit.HttpWebResponse.loadHeaders(HttpWebResponse.java:216)  

    at com.meterware.httpunit.HttpWebResponse.readHeaders(HttpWebResponse.java:198)  

    ... 40 more 

Caused by: sun.security.validator.ValidatorException: No trusted certificate found 

    at sun.security.validator.SimpleValidator.buildTrustedChain(SimpleValidator.java:304) 

    at sun.security.validator.SimpleValidator.engineValidate(SimpleValidator.java:107) 

    at sun.security.validator.Validator.validate(Validator.java:202) 

    at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(DashoA6275) 

    at com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(DashoA6275) 

    ... 53 more 

Ich weiss ehrlich gesag gerade nicht weiter da ich echt so ziemlich alles probiert hab was google an Lösungsmöglichkeiten hergibt. 1. Geschaut ob jsse.jar Verfügbar ist -> Ist sie. 2. Certificate von der Seite gespeichert und Importiert in cacerts 3. Parameter in der JVM gesetzt javax.net.ssl.keyStore=$java/lib/security/cacerts -Djavax.net.ssl.keyStorePassword=changeit 4. Code der die Certificate immer erlaubt.

// Create a trust manager that does not validate certificate chains

TrustManager[] trustAllCerts = new TrustManager[]

{

	new X509TrustManager()

	{

		public java.security.cert.X509Certificate[] getAcceptedIssuers()

		{

			return null;

		}

		public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType)

		{}

		public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType)

		{}

        }

};


try

{

	SSLContext sc = SSLContext.getInstance("SSL");

	sc.init(null, trustAllCerts, new java.security.SecureRandom());

	HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());

}

catch(Exception e)

{}

Es funktioniert aber einfach nicht ... die Fehlermeldung ist nach wie vor die selbe.

Anyone can help???

Danke!!

Gruß Scratch

[perdian]

Ich verwende für sowas die angehängte Klasse. Initialisierung einfach irgendwo vor deinem Code mit XTrustProvider.install()

/*

 * The contents of this file are subject to the "END USER LICENSE AGREEMENT FOR F5

 * Software Development Kit for iControl"; you may not use this file except in

 * compliance with the License. The License is included in the iControl

 * Software Development Kit.

 *

 * Software distributed under the License is distributed on an "AS IS"

 * basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See

 * the License for the specific language governing rights and limitations

 * under the License.

 *

 * The Original Code is iControl Code and related documentation

 * distributed by F5.

 *

 * Portions created by F5 are Copyright (C) 1996-2004 F5 Networks

 * Inc. All Rights Reserved.  iControl (TM) is a registered trademark of

 * F5 Networks, Inc.

 *

 * Alternatively, the contents of this file may be used under the terms

 * of the GNU General Public License (the "GPL"), in which case the

 * provisions of GPL are applicable instead of those above.  If you wish

 * to allow use of your version of this file only under the terms of the

 * GPL and not to allow others to use your version of this file under the

 * License, indicate your decision by deleting the provisions above and

 * replace them with the notice and other provisions required by the GPL.

 * If you do not delete the provisions above, a recipient may use your

 * version of this file under either the License or the GPL.

 */


import java.security.AccessController;

import java.security.InvalidAlgorithmParameterException;

import java.security.KeyStore;

import java.security.KeyStoreException;

import java.security.PrivilegedAction;

import java.security.Security;

import java.security.cert.X509Certificate;


import javax.net.ssl.ManagerFactoryParameters;

import javax.net.ssl.TrustManager;

import javax.net.ssl.TrustManagerFactorySpi;

import javax.net.ssl.X509TrustManager;


public final class XTrustProvider extends java.security.Provider {


  static final long serialVersionUID      = 20060411153030L;


  private final static String NAME        = "XTrustJSSE";

  private final static String INFO        = "XTrust JSSE Provider (implements trust factory with truststore validation disabled)";

  private final static double VERSION     = 1.0D;


  public XTrustProvider() {

    super(NAME, VERSION, INFO);

    AccessController.doPrivileged(new PrivilegedAction<Object>() {

      public Object run() {

        put("TrustManagerFactory." + TrustManagerFactoryImpl.getAlgorithm(), TrustManagerFactoryImpl.class.getName());

        return null;

      }

    });

  }


  public static void install() {

    if(Security.getProvider(NAME) == null) {

      Security.insertProviderAt(new XTrustProvider(), 2);

      Security.setProperty("ssl.TrustManagerFactory.algorithm",

      TrustManagerFactoryImpl.getAlgorithm());

    }

  }


  public final static class TrustManagerFactoryImpl extends TrustManagerFactorySpi {

    public static String getAlgorithm() { return "XTrust509"; }

    protected void engineInit(KeyStore keystore) throws KeyStoreException { }

    protected void engineInit(ManagerFactoryParameters mgrparams) throws InvalidAlgorithmParameterException {

      throw new InvalidAlgorithmParameterException(XTrustProvider.NAME + " does not use ManagerFactoryParameters");

    }

    protected TrustManager[] engineGetTrustManagers() {

      return new TrustManager[] {

        new X509TrustManager() {

          public X509Certificate[] getAcceptedIssuers() { return null; }

          public void checkClientTrusted(X509Certificate[] certs, String authType) { }

          public void checkServerTrusted(X509Certificate[] certs, String authType) { }

        }

      };

    }

  }


}

[Scratch]

Danke perdi ... hab übrigens auch das Original dazu gefunden.

Unten in den Comments stehen dazu noch paar Info's.

Für alle mit ähnlichen Problemen also hier vorbei schauen:

http://devcentral.f5.com/weblogs/joe/archive/2005/07/06/1345.aspx

Gruß Scratch

[Scratch]

Hi,

habe das selbe Problem erneut und diesmal obwohl ich diese Klasse eingebunden habe ...

Irgendwie ist da was faul ...

Hat jemand ne Idee?

Grüße

Scratch

[perdian]

habe das selbe Problem erneut und diesmal obwohl ich diese Klasse eingebunden habe

<gebetsmuehle>

Fehlermeldung?

Quellcode?

</gebetsmuehle>

[Scratch]

Es war die selbe Meldung wie oben ... am Code wurde nichts geändert daher wars für mich ein Rätsel warums net mehr geht ...

Habs aber wieder gemacht ... musste mal den Server neu starten danach liefs wieder ...

Gruß Scratch