HTTPs over a proxy with apache http client
The problem was in the proxy declaration, I had to specify "http" instead of "https":
client.getParams().setParameter(ConnRoutePNames.DEFAULT_PROXY,
new HttpHost("proxy.int", 8080, "http"));
nablex
Updated on June 14, 2022Comments
-
nablex almost 2 years
I have a http client which is based on the apache http client and it seems to have no problem with ssl certificates. I have a unit test for both globally recognized certs and self signed certs with a custom SSLSocketFactory.
However when I ran the same code behind a proxy, it stopped working. I keep getting this dreaded exception:
javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated at com.sun.net.ssl.internal.ssl.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:352) at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128) at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:572) at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:180) at org.apache.http.impl.conn.ManagedClientConnectionImpl.open(ManagedClientConnectionImpl.java:294) at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:640) at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:479) at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:906) at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:805)
I reduced the code to the bare minimum and it still throws the same exception. The code:
URI uri = new URI("https://www.google.com"); DefaultHttpClient client = new DefaultHttpClient(); client.getParams().setParameter(ConnRoutePNames.DEFAULT_PROXY, new HttpHost("proxy.int", 8080, "https")); HttpUriRequest request = new HttpGet(uri); HttpResponse response = client.execute(request);
I wasn't sure if it uses the default ssl settings if nothing is specified so I added it explicitly as well:
URI uri = new URI("https://www.google.com"); DefaultHttpClient client = new DefaultHttpClient(); client.getParams().setParameter(ConnRoutePNames.DEFAULT_PROXY, new HttpHost("proxy.int", 8080, "https")); client.getConnectionManager().getSchemeRegistry().register( new Scheme("https", 443, SSLSocketFactory.getSystemSocketFactory())); HttpUriRequest request = new HttpGet(uri); HttpResponse response = client.execute(request);
I also tried the getSocketFactory() (not entirely sure what the difference is with getSystemSocketFactory()), still the same error though.
EDIT:
The proxy has optional authentication and I have tried both with and without. The authentication information was set using the following code:
client.getCredentialsProvider().setCredentials( new AuthScope("proxy.int", 8080), new UsernamePasswordCredentials("user", "password") );
Exactly the same error.
-
Santosh over 11 yearsDoes the proxy server need authentication ?
-
nablex over 11 yearsIt's optional authentication and I have tried with and without (more details added to question)
-