users@jersey.java.net

[Jersey] Re: SSL handshake problem with jersey-non-blocking-client

From: Pavel Bucek <pavel.bucek_at_oracle.com>
Date: Thu, 16 Feb 2012 12:52:28 +0100

Hello,

Looks like you've found a bug. This was not considered when the non-blocking
client integration was done. Can you please file a new issue and assign it
to me?

Thanks,
Pavel

On 2/16/12 10:20 AM, khanson wrote:
> Hi!
>
> I want to create a request over SSL to a REST webservice, using a keystore and
> password. The approach I have used previously with the blocking Jersey client
> doesn't work with the non-blocking client. I create an SSLContext and the blocking
> client seems to be using it automatically. Unfortunately, with the non-blocking
> client that is not the case.
>
> protected void initSSL() throws Exception {
>     ClientConfig config = new DefaultNonBlockingClientConfig();
>     restClient = NonBlockingClient.create(config);
>     KeyStore ks = KeyStore.getInstance("JKS");
>
>     char passphrase[] = passkey.toCharArray();
>     FileInputStream fis = null;
>     try {
>         fis = new FileInputStream(keystore);
>         ks.load(fis, passphrase);
>     } catch (FileNotFoundException e) {
>         ATLogger.warn(Component.bot, "Keystore not found!", this,
>                 getTest(), this);
>         throw e; // an unloaded keystore cannot be used to build key managers
>     } finally {
>         if (fis != null) {
>             fis.close();
>         }
>     }
>
>     KeyManagerFactory keyManagerFactory = KeyManagerFactory
>             .getInstance("SunX509");
>     keyManagerFactory.init(ks, passphrase);
>     KeyManager[] kms = keyManagerFactory.getKeyManagers();
>
>     // Trust manager that accepts every certificate: no server validation is performed.
>     TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
>         public java.security.cert.X509Certificate[] getAcceptedIssuers() {
>             // The interface contract requires a non-null array.
>             return new java.security.cert.X509Certificate[0];
>         }
>
>         public void checkClientTrusted(
>                 java.security.cert.X509Certificate[] certs, String authType) {
>         }
>
>         public void checkServerTrusted(
>                 java.security.cert.X509Certificate[] certs, String authType) {
>         }
>     } };
>
>     SSLContext context = SSLContext.getInstance("SSL");
>     context.init(kms, trustAllCerts, null);
>     // Installs the context as the JVM-wide default.
>     SSLContext.setDefault(context);
> }
>
> The following exception occurs:
>
> java.util.concurrent.ExecutionException: java.net.ConnectException: Received fatal alert: handshake_failure to<address omitted>
>     at java.util.concurrent.FutureTask$Sync.innerGet(Unknown Source)
>     at java.util.concurrent.FutureTask.get(Unknown Source)
>     at<package omitted>.RESTRequest$1.onComplete(RESTRequest.java:250)
>     at com.sun.jersey.api.client.AsyncWebResource$3.done(AsyncWebResource.java:746)
>     at java.util.concurrent.FutureTask$Sync.innerSetException(Unknown Source)
>     at java.util.concurrent.FutureTask.setException(Unknown Source)
>     at com.sun.jersey.client.impl.async.FutureClientResponseListener.onComplete(FutureClientResponseListener.java:111)
>     at com.sun.jersey.client.non.blocking.NonBlockingAsyncWebResource$2.run(NonBlockingAsyncWebResource.java:244)
>     at com.sun.jersey.client.non.blocking.NonBlockingAsyncWebResource$3.execute(NonBlockingAsyncWebResource.java:253)
>     at com.ning.http.client.listenable.ExecutionList$RunnableExecutorPair.execute(ExecutionList.java:128)
>     at com.ning.http.client.listenable.ExecutionList.run(ExecutionList.java:113)
>     at com.ning.http.client.listenable.AbstractListenableFuture.done(AbstractListenableFuture.java:67)
>     at com.ning.http.client.providers.netty.NettyResponseFuture.abort(NettyResponseFuture.java:304)
>     at com.ning.http.client.providers.netty.NettyConnectListener.operationComplete(NettyConnectListener.java:99)
>     at org.jboss.netty.channel.DefaultChannelFuture.notifyListener(DefaultChannelFuture.java:381)
>     at org.jboss.netty.channel.DefaultChannelFuture.notifyListeners(DefaultChannelFuture.java:367)
>     at org.jboss.netty.channel.DefaultChannelFuture.setFailure(DefaultChannelFuture.java:334)
>     at org.jboss.netty.handler.ssl.SslHandler.setHandshakeFailure(SslHandler.java:1044)
>     at org.jboss.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:940)
>     at org.jboss.netty.handler.ssl.SslHandler.decode(SslHandler.java:605)
>     at org.jboss.netty.handler.codec.frame.FrameDecoder.callDecode(FrameDecoder.java:282)
>     at org.jboss.netty.handler.codec.frame.FrameDecoder.messageReceived(FrameDecoder.java:216)
>     at org.jboss.netty.channel.SimpleChannelUpstreamHandler.handleUpstream(SimpleChannelUpstreamHandler.java:80)
>     at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:564)
>     at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:559)
>     at org.jboss.netty.channel.Channels.fireMessageReceived(Channels.java:274)
>     at org.jboss.netty.channel.Channels.fireMessageReceived(Channels.java:261)
>     at org.jboss.netty.channel.socket.nio.NioWorker.read(NioWorker.java:349)
>     at org.jboss.netty.channel.socket.nio.NioWorker.processSelectedKeys(NioWorker.java:280)
>     at org.jboss.netty.channel.socket.nio.NioWorker.run(NioWorker.java:200)
>     at org.jboss.netty.util.ThreadRenamingRunnable.run(ThreadRenamingRunnable.java:108)
>     at org.jboss.netty.util.internal.DeadLockProofWorker$1.run(DeadLockProofWorker.java:44)
>     at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
>     at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
>     at java.lang.Thread.run(Unknown Source)
> Caused by: java.net.ConnectException: Received fatal alert: handshake_failure to<address omitted>
>     at com.ning.http.client.providers.netty.NettyConnectListener.operationComplete(NettyConnectListener.java:95)
>     ... 21 more
> Caused by: javax.net.ssl.SSLException: Received fatal alert: handshake_failure
>     at sun.security.ssl.Alerts.getSSLException(Unknown Source)
>     at sun.security.ssl.SSLEngineImpl.fatal(Unknown Source)
>     at sun.security.ssl.SSLEngineImpl.fatal(Unknown Source)
>     at sun.security.ssl.SSLEngineImpl.recvAlert(Unknown Source)
>     at sun.security.ssl.SSLEngineImpl.readRecord(Unknown Source)
>     at sun.security.ssl.SSLEngineImpl.readNetRecord(Unknown Source)
>     at sun.security.ssl.SSLEngineImpl.unwrap(Unknown Source)
>     at javax.net.ssl.SSLEngine.unwrap(Unknown Source)
>     at org.jboss.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:881)
>     ... 16 more
>
> Can't find a solution by myself.
>
> Kaarel
>
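
The quoted initSSL() accepts any server certificate and relies on SSLContext.setDefault(), which, as reported above, the non-blocking client does not pick up. The following is an added example, not code from this thread or from Jersey (the class and method names are hypothetical): it builds the context with real server validation, fails if the keystore cannot be read, reports whether the keystore holds a private key the client could present, and returns the context so it can be handed explicitly to a client that accepts one.

```java
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.util.Collections;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;

public final class ClientTlsContext { // hypothetical helper, not part of Jersey

    /** Loads a JKS store; a missing file or wrong password throws instead of being logged. */
    static KeyStore loadStore(String path, char[] password) throws Exception {
        KeyStore ks = KeyStore.getInstance("JKS");
        try (InputStream in = Files.newInputStream(Paths.get(path))) {
            ks.load(in, password);
        }
        return ks;
    }

    /** True if the store holds at least one private key the client could present. */
    static boolean hasPrivateKey(KeyStore ks) throws Exception {
        for (String alias : Collections.list(ks.aliases())) {
            if (ks.isKeyEntry(alias)) return true;
        }
        return false;
    }

    /** Client key from keyStore; server checked against trustStore (null = JRE default CAs). */
    static SSLContext build(KeyStore keyStore, char[] keyPassword, KeyStore trustStore) throws Exception {
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(keyStore, keyPassword);
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trustStore); // real certificate-path validation, unlike a trust-all manager
        SSLContext context = SSLContext.getInstance("TLS");
        context.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
        return context; // returned to the caller, not installed with SSLContext.setDefault()
    }

    public static void main(String[] args) throws Exception {
        char[] pass = (args.length > 1 ? args[1] : "changeit").toCharArray(); // constructed default
        KeyStore ks = KeyStore.getInstance("JKS");
        if (args.length > 0) ks = loadStore(args[0], pass);
        else ks.load(null, pass); // constructed empty store so the example runs offline
        System.out.println("client key present: " + hasPrivateKey(ks));
        System.out.println("context protocol: " + build(ks, pass, null).getProtocol());
    }
}
```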