setTrustManagerJSSE and weblogic.net.http.HttpsURLConnection - Weblogic

This is a discussion on setTrustManagerJSSE and weblogic.net.http.HttpsURLConnection - Weblogic ; Hello all am trying to interact with a server over https. The qa server has a certificate that is somehow inadequate. The message I get is "CERT_CHAIN_INCOMPLETE" So I creaated a DummyTrustManager that has certificateCallback method that always returns true. ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: setTrustManagerJSSE and weblogic.net.http.HttpsURLConnection

  1. setTrustManagerJSSE and weblogic.net.http.HttpsURLConnection

    Hello all
    am trying to interact with a server over https.
    The qa server has a certificate that is somehow inadequate.
    The message I get is "CERT_CHAIN_INCOMPLETE"
    So I creaated a DummyTrustManager that has certificateCallback method
    that always returns true. Then I do
    weblogic.security.SSL.SSLContext sslctx =
    weblogic.security.SSL.SSLContext.getInstance ("https");

    sslctx.setTrustManagerJSSE(new
    matador.framework.utils.DummyTrustManager());


    After this instead of going the SocketFactory/Sockets way I would like
    to do

    String sURL = "https://www.xxx.xom/....";
    URL myURL = new URL(sURL);
    conn = new weblogic.net.http.HttpsURLConnection(myURL);
    conn.connect();
    ..
    ..
    ..

    but this way the DummyTrustManager.certificateCallback() never gets
    called.
    The WL documtation does not document anything like this.
    Is it possble to do it this way?

    yazar

  2. Re: setTrustManagerJSSE and weblogic.net.http.HttpsURLConnection

    From: "Tony"
    Newsgroups: weblogic.developer.interest.security
    References: <8a8edccc.0307311940.70ffdd42@posting.google.com>
    Subject: Re: setTrustManagerJSSE and weblogic.net.http.HttpsURLConnection
    Date: Wed, 13 Aug 2003 08:57:45 -0400
    Lines: 52
    X-Priority: 3
    X-MSMail-Priority: Normal
    X-Newsreader: Microsoft Outlook Express 5.50.4807.1700
    X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
    NNTP-Posting-Host: 216.148.48.18
    X-Original-NNTP-Posting-Host: 216.148.48.18
    Message-ID: <3f3a360d@newsgroups.bea.com>
    X-Trace: newsgroups.bea.com 1060779533 216.148.48.18 (13 Aug 2003 05:58:53 -0700)
    X-Original-Trace: 13 Aug 2003 05:58:53 -0700, 216.148.48.18
    Organization: BEA NEWS SITE
    XPident: Unknown
    Path: newsgroups.bea.com!not-for-mail
    Xref: newsgroups.bea.com weblogic.developer.interest.security:10513

    I think the step you are missing was getting the ssl factory from the ssl
    context and
    setting it on the HttpsURLConnection so it will use that factory.

    Try this:

    weblogic.security.SSL.SSLContext sslctx =
    weblogic.security.SSL.SSLContext.getInstance ("https");
    sslctx.setTrustManagerJSSE(new
    matador.framework.utils.DummyTrustManager());
    String sURL = "https://www.xxx.xom/....";
    URL myURL = new URL(sURL);
    conn = new weblogic.net.http.HttpsURLConnection(myURL);
    --> conn.setSSLSocketFactory(sslctx.getSocketFactoryJS SE());
    conn.connect();

    Tony

    "Shivaji Bhosle" wrote in message
    news:8a8edccc.0307311940.70ffdd42@posting.google.c om...
    > Hello all
    > am trying to interact with a server over https.
    > The qa server has a certificate that is somehow inadequate.
    > The message I get is "CERT_CHAIN_INCOMPLETE"
    > So I creaated a DummyTrustManager that has certificateCallback method
    > that always returns true. Then I do
    > weblogic.security.SSL.SSLContext sslctx =
    > weblogic.security.SSL.SSLContext.getInstance ("https");
    >
    > sslctx.setTrustManagerJSSE(new
    > matador.framework.utils.DummyTrustManager());
    >
    >
    > After this instead of going the SocketFactory/Sockets way I would like
    > to do
    >
    > String sURL = "https://www.xxx.xom/....";
    > URL myURL = new URL(sURL);
    > conn = new weblogic.net.http.HttpsURLConnection(myURL);
    > conn.connect();
    > .
    > .
    > .
    >
    > but this way the DummyTrustManager.certificateCallback() never gets
    > called.
    > The WL documtation does not document anything like this.
    > Is it possble to do it this way?
    >
    > yazar




+ Reply to Thread