Discussion :

[devdev2003]

Je suis entrain de developper un client java qui se connecte a une servlet (web service) en HTTPS / SSL , mon application passe par le proxy.

Voilà le code :

Code :

Sélectionner tout - Visualiser dans une fenêtre à part

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
 
 
package sslproject;
 
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.PrintWriter;
import java.net.MalformedURLException;
import java.net.URL;
import javax.net.ssl.*;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
 
 
 
public class HtpsConnection {
	public static String urlHost ="https://X.X.X.X:443/PathServle";
 
	public static void main (String[] args) throws IOException {
		System.out.println(getPage(urlHost).toString());
	}
 
	public static StringBuffer getPage(String urlString)
	{
   	public static String  proxyPwd = "proxyPWD";
	public static String proxyUser = "proxyUSER";
	public static String proxyHost = "proxyIP";
	public static int    proxyPort = port_proxy;
 
        System.getProperties().put("javax.net.debug", "ssl" );
	System.getProperties().put("https.proxySet", "true");
        System.getProperties().put("https.proxyHost", proxyHost);
        System.getProperties().put("https.proxyPort", proxyPort);
 
 
        TrustManager[] trustAllCerts = new TrustManager[]{
			new X509TrustManager() {
			public boolean checkClientTrusted(java.security.cert.X509Certificate[] chain){
			return true;
			}
			public boolean isServerTrusted(java.security.cert.X509Certificate[] chain){
			return true;
			}
			public boolean isClientTrusted(java.security.cert.X509Certificate[] chain){
			return true;
			}
			public java.security.cert.X509Certificate[] getAcceptedIssuers() {
			return null;
			}
			public void checkClientTrusted(java.security.cert.X509Certificate[] chain, String authType) {}
			public void checkServerTrusted(java.security.cert.X509Certificate[] chain, String authType) {}
			}
 
		};
 
        try
        {
	        SSLContext sc = SSLContext.getInstance("SSL");
	        sc.init(null, trustAllCerts, null);
	        HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
        }
        catch(NoSuchAlgorithmException nsae)
        {}
        catch(KeyManagementException kme)
        {
        	kme.printStackTrace();
        }
 
        try
		{
			HttpsURLConnection connec = null;
			URL url = new URL(urlString);
			connec = (HttpsURLConnection)url.openConnection();
			connec.setDoInput(true);
            connec.setUseCaches(false);
 
            String authentication = proxyUser + ":" + proxyPwd;
            String encodedPassword = "Basic " + new sun.misc.BASE64Encoder().encode(authentication.getBytes());
            connec.setRequestProperty("Proxy-Authorization", encodedPassword);
            //connec.setRequestProperty("X-TestHeader", "value");
 
            connec.setRequestMethod("POST");
            connec.setDoOutput(true);
 
            String msg;
 
            msg= "---"+"\r\n";
 
            int statusCode = connec.getResponseCode();
 
            //System.err.println("Certificats  --->"+connec.getServerCertificates());
            System.err.println("HEADER --->"+connec.getHeaderFields());
 
            StringBuffer pageContents = new StringBuffer();
            if(statusCode==HttpsURLConnection.HTTP_OK)
            {
				System.err.println("Connected ...!");
 
				BufferedReader in = new BufferedReader(new InputStreamReader(connec.getInputStream()));
 
				PrintWriter out = new PrintWriter(connec.getOutputStream(), true );
            	out.println(msg);
 
				String curLine = in.readLine();
				 while(curLine!=null)
				 {
					pageContents.append(curLine);
					curLine = in.readLine();
				 }
            }
            return pageContents;
		}
		catch(MalformedURLException mue)
		{
			mue.printStackTrace();
		}
		catch(IOException ioe)
		{
			ioe.printStackTrace();
		}
 
		return null;
	}
}

Voilà la réponse :

HEADER --->{null=[HTTP/1.1 500 Internal Server Error], Content-Length=[101], Connection=[Close], Date=[Fri, 01 Dec 2006 11:38:11 GMT], Content-Type=[text/html]}

Sou unix/linx j'ai executer la command wget voilà le résultat :

root@becane:~#wget X.X.X.X 443
...
Connecting to X.X.X.X:443... connected.
ERROR: Certificate verification error for X.X.X.X : unable to get local issuer certificate
ERROR: certificate common name `X.X.X.X' doesn't match requested host name `X.X.X.X:443'.
To connect to X.X.X.X:443 insecurely, use `--no-check-certificate'.
Unable to establish SSL connection.
--17:19:09-- http://443/
=> `index.html.1'
Resolving 443... 0.0.1.187
Connecting to 443|0.0.1.187|:80... failed: Invalid argument.
FINISHED --17:19:09--
Downloaded: 0 bytes in 0 files

Apparament j'ai un problème de certificat !

Comment utiliser le certificat du serveur https dans le code client java ?
Et comment fait on pour l'obtenir ?

Est ce que quelqu'un peut m'expliquer comment résoudre le problème est établir une connexion https ?

Des exemples de code sa serai sympa.

Merci d'avance