Hi!
I want to create a request over SSL to a REST webservice, using keystore and
password. The approach I have used previously with blocking jersey client
doesn't work with non-blocking client. I create an SSLContext and blocking
client seems to be using it automatically. Unfortunately with non-blocking
client that is not the case.
protected void initSSL() throws Exception {
ClientConfig config = new DefaultNonBlockingClientConfig();
restClient = NonBlockingClient.create(config);
KeyStore ks = KeyStore.getInstance("JKS");
char passphrase[] = passkey.toCharArray();
FileInputStream fis = null;
try {
fis = new FileInputStream(keystore);
ks.load(fis, passphrase);
} catch (FileNotFoundException e) {
ATLogger.warn(Component.bot, "Keystore not found!", this,
getTest(), this);
} finally {
if (fis != null) {
fis.close();
}
}
KeyManagerFactory keyManagerFactory = KeyManagerFactory
.getInstance("SunX509");
keyManagerFactory.init(ks, passphrase);
KeyManager[] kms = keyManagerFactory.getKeyManagers();
TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager()
{
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
public void checkClientTrusted(
java.security.cert.X509Certificate[] certs, String authType) {
}
public void checkServerTrusted(
java.security.cert.X509Certificate[] certs, String authType) {
}
} };
SSLContext context = SSLContext.getInstance("SSL");
context.init(kms, trustAllCerts, null);
SSLContext.setDefault(context);
}
The following exception occurs:
java.util.concurrent.ExecutionException: java.net.ConnectException: Received
fatal alert: handshake_failure to <address omitted>
at java.util.concurrent.FutureTask$Sync.innerGet(Unknown Source)
at java.util.concurrent.FutureTask.get(Unknown Source)
at <package omitted>.RESTRequest$1.onComplete(RESTRequest.java:250)
at
com.sun.jersey.api.client.AsyncWebResource$3.done(AsyncWebResource.java:746)
at java.util.concurrent.FutureTask$Sync.innerSetException(Unknown Source)
at java.util.concurrent.FutureTask.setException(Unknown Source)
at
com.sun.jersey.client.impl.async.FutureClientResponseListener.onComplete(FutureClientResponseListener.java:111)
at
com.sun.jersey.client.non.blocking.NonBlockingAsyncWebResource$2.run(NonBlockingAsyncWebResource.java:244)
at
com.sun.jersey.client.non.blocking.NonBlockingAsyncWebResource$3.execute(NonBlockingAsyncWebResource.java:253)
at
com.ning.http.client.listenable.ExecutionList$RunnableExecutorPair.execute(ExecutionList.java:128)
at
com.ning.http.client.listenable.ExecutionList.run(ExecutionList.java:113)
at
com.ning.http.client.listenable.AbstractListenableFuture.done(AbstractListenableFuture.java:67)
at
com.ning.http.client.providers.netty.NettyResponseFuture.abort(NettyResponseFuture.java:304)
at
com.ning.http.client.providers.netty.NettyConnectListener.operationComplete(NettyConnectListener.java:99)
at
org.jboss.netty.channel.DefaultChannelFuture.notifyListener(DefaultChannelFuture.java:381)
at
org.jboss.netty.channel.DefaultChannelFuture.notifyListeners(DefaultChannelFuture.java:367)
at
org.jboss.netty.channel.DefaultChannelFuture.setFailure(DefaultChannelFuture.java:334)
at
org.jboss.netty.handler.ssl.SslHandler.setHandshakeFailure(SslHandler.java:1044)
at org.jboss.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:940)
at org.jboss.netty.handler.ssl.SslHandler.decode(SslHandler.java:605)
at
org.jboss.netty.handler.codec.frame.FrameDecoder.callDecode(FrameDecoder.java:282)
at
org.jboss.netty.handler.codec.frame.FrameDecoder.messageReceived(FrameDecoder.java:216)
at
org.jboss.netty.channel.SimpleChannelUpstreamHandler.handleUpstream(SimpleChannelUpstreamHandler.java:80)
at
org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:564)
at
org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:559)
at org.jboss.netty.channel.Channels.fireMessageReceived(Channels.java:274)
at org.jboss.netty.channel.Channels.fireMessageReceived(Channels.java:261)
at org.jboss.netty.channel.socket.nio.NioWorker.read(NioWorker.java:349)
at
org.jboss.netty.channel.socket.nio.NioWorker.processSelectedKeys(NioWorker.java:280)
at org.jboss.netty.channel.socket.nio.NioWorker.run(NioWorker.java:200)
at
org.jboss.netty.util.ThreadRenamingRunnable.run(ThreadRenamingRunnable.java:108)
at
org.jboss.netty.util.internal.DeadLockProofWorker$1.run(DeadLockProofWorker.java:44)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.net.ConnectException: Received fatal alert:
handshake_failure to <address omitted>
at
com.ning.http.client.providers.netty.NettyConnectListener.operationComplete(NettyConnectListener.java:95)
... 21 more
Caused by: javax.net.ssl.SSLException: Received fatal alert:
handshake_failure
at sun.security.ssl.Alerts.getSSLException(Unknown Source)
at sun.security.ssl.SSLEngineImpl.fatal(Unknown Source)
at sun.security.ssl.SSLEngineImpl.fatal(Unknown Source)
at sun.security.ssl.SSLEngineImpl.recvAlert(Unknown Source)
at sun.security.ssl.SSLEngineImpl.readRecord(Unknown Source)
at sun.security.ssl.SSLEngineImpl.readNetRecord(Unknown Source)
at sun.security.ssl.SSLEngineImpl.unwrap(Unknown Source)
at javax.net.ssl.SSLEngine.unwrap(Unknown Source)
at org.jboss.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:881)
... 16 more
Can't find solution by myself.
Kaarel
--
View this message in context: http://jersey.576304.n2.nabble.com/SSL-handshake-problem-with-jersey-non-blocking-client-tp7290425p7290425.html
Sent from the Jersey mailing list archive at Nabble.com.