Ola,
estou tentando acessar um url HTTPS com um certificado e recebo o erro:
javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
at com.sun.net.ssl.internal.ssl.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:352)
at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128)
at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:339)
at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:123)
at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:147)
at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:101)
at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:381)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:641)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:576)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:554)
Os passos que eu fiz foram:
1 - Instalei via assitente do windows o certificado(arquivo .pfx).
2- exportei gerando um .cer
3- importei o .cer com o comando:
keytool -importcert -file <PATH>/myFile.cer
4 - gerei o .jks com o comando:
keytool -importcert -file <PATH>/myFile.cer -keystore <PATH>/myFile.jks -storepass myStorePass
e o seguinte codigo:
DefaultHttpClient httpclient = new DefaultHttpClient();
KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
InputStream instream = HTTPSClient.class.getResourceAsStream("/myFile.jks");
try {
trustStore.load(instream, "myStorePass".toCharArray());
} finally {
instream.close();
}
SSLSocketFactory socketFactory = new SSLSocketFactory(trustStore);
Scheme sch = new Scheme("https", socketFactory, 443);
httpclient.getConnectionManager().getSchemeRegistry().register(sch);
HttpPost httppost = new HttpPost(url);
System.out.println("executing request" + httppost.getRequestLine());
HttpResponse response = httpclient.execute(httppost);
conforme exemplo dos docs:
http://svn.apache.org/repos/asf/httpcomponents/httpclient/branches/4.0.x/httpclient/src/examples/org/apache/http/examples/client/ClientCustomSSL.java
Alguem sabe o que pode estar acontecendo?
[]´s