HTTPS connection problems
Good Morning,
Okay I need some help with this one. The powers that be want me to connect to a HTTPS site and read some date. Simple enough....then i realized that i use java 1.3.1 without JSSE, making this pretty hard. I told them it wasn't possible actually, they came back and gave me some code that should help the new guy since he can't help himself. Sooo before i go back to my coworker and tell him he's an idiot. i want to make sure I'm not the idiot (too late!)
basically the code is pretty standard he said the trick is to set the protocol to allow https
Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
// Simply set the protocol handler property to use SSL.
System.setProperty("java.protocol.handler.pkgs","com.sun.net.ssl.internal.www.protocol");
System.setProperty("javax.net.debug","all");
URL url =new URL(urlString);
HttpURLConnection urlc = (HttpURLConnection) url.openConnection();
ect...
First the HttpUrlconnection part doesn't look correct, i thought it was supopsed to be HttpsURLConnection.
Second, I'm getting a cannot resolve symbol error on the line
Security.addProvider(new com.sun.net.ssl.internal.Provider());
Do i need JSSE to get this to work (or java >=1.4) or am i missing something here?
Thanks
[1585 byte] By [
tfecwa] at [2007-10-1 1:51:19]
I use JDK 1.4 and use the following to read from HTTPS:
/**
* When reading the content from a HTTPS connection, a <code>javax.net.ssl.SSLException:
* untrusted server cert chain</code> can be thrown for untrusted servers. To force reading from such
* untrusted servers, this method installs a 'all-trustung' trust manager that returns 'true' for all
* servers.To read from a https connection, you need to call this method and install a dummy host name
* verifier:
*
* <center><table bgcolor="#ddddff" border=1 cellpadding="10" cellspacing="0"><tr><td><pre>
* HttpURLConnection con = (HttpURLConnection) url.openConnection();
* ((javax.net.ssl.HttpsURLConnection) con).setHostnameVerifier(new javax.net.ssl.HostnameVerifier() {
*public boolean verify(String hostname, javax.net.ssl.SSLSession session) {
* return true;
*}
* });
* </pre></td></tr></table></center>
*
* @throws Exception if installation of the new trust manager failed.
*/
static public void trustHttpsCertificates() throws Exception {
Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
//Create a trust manager that does not validate certificate chains:
TrustManager[] trustAllCerts = new TrustManager[] {
new X509TrustManager() {
public X509Certificate[] getAcceptedIssuers() {
return null;
}
public void checkServerTrusted(X509Certificate[] certs, String authType) throws CertificateException {
return;
}
public void checkClientTrusted(X509Certificate[] certs, String authType) throws CertificateException {
return;
}
}//X509TrustManager
};//TrustManager[]
//Install the all-trusting trust manager:
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
}//trustHttpsCertificates()
I know I know...I'll be a little more diplomatic, I'm just sort of irrated about this.
I already asked for some help and specifically asked the guy if we needed JSSE, he pretty much ignored me and sent me code that i think uses JSSE (which was the original question i posted)
The certifcates the problem because it's outdated. So..basically they don't want to get a new certificate so they wanted me to work around it, which i did, but it entailed basically shutting off part of the SSL handshake for the entire app which *apperently* isn't an option ;)
I wouldn't dream of calling anyone round here an idiot. I like things like eating, and putting gas in my car too much
