?
Solved

How do disable certificate validity

Posted on 2003-02-20
21
Medium Priority
?
2,223 Views
Last Modified: 2010-05-18
Hi!
I have a java client, and want to send data to https server.
My code is:
URL url = new URL("https://100.100.100.94/login.phtml");
       HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
       conn.setRequestMethod("POST");
       byte[] text = "password=http2&user=afs".getBytes();

       conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
       conn.setRequestProperty("User-Agent","Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0");
       conn.setRequestProperty("Content-length", "" + text.length );      
 
       conn.setDoOutput(true);
   
       conn.connect();
       OutputStream out = conn.getOutputStream();
       out.write(text);
       out.flush();
       out.close();

       InputStream in = conn.getInputStream();
       System.out.println("in");
       System.out.println(in);
       String readInString="";
           int readInNum=0;
        while( (readInNum=in.read())!=-1){
          readInString=readInString +(char)readInNum


In http everything is ok.
But in https I receive exception:
java.security.cert.CertificateExpiredException:Notafter: Fri Dec 27 21:33:33 CET 2002.
Can you tell me how to ignore checking certificate validity?

Thanks!!!
0
Comment
Question by:czaron
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 10
  • 9
  • 2
21 Comments
 
LVL 1

Expert Comment

by:tutran
ID: 7990252
Hi czaron,

You can implement a class that extends HostnameVerifier that always return true,  then set it in it your main class


conn.setHostnameVerifier(new TestVerifyer());



--- code for test veriffier

public class TestVerifier implements com.sun.net.ssl.HostnameVerifier {
/**
 * verify method comment.
 */
public boolean verify(String arg1, String arg2) {
     return true;
}
}
0
 
LVL 1

Expert Comment

by:tutran
ID: 7990275
Just want to make sure also that you have set the properties.

java.security.Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
Properties prp = System.getProperties();
prp.put("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
System.setProperties(prp);

         
URL url = new URL("https://172.18.1.176:8080");
             
HttpsURLConnection conn = (com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection) url.openConnection();
conn.setDoInput(true);
conn.setUseCaches(false);
conn.setHostnameVerifier(new TestVerifyer());
0
 
LVL 3

Expert Comment

by:msterjev
ID: 7991930
HostnameVerifier has nothing to do with the certificate date! It exists solely because sometimes the URL can be typed as IP and sometimes as DNS!
0
Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

 

Author Comment

by:czaron
ID: 7992510
tutran:
Your idea is very complicated for me. I receive lots of errors during compilation.
e.g. setHostnameVerifier(javax.net.ssl.HostnameVerifier) in javax.net.ssl.HttpsURLConnection cannot be applied to (Fetcher.TestVerifier)
Do you know maybe another sollution??
I only want to accept an unvalid certificate.
(like in Internet Explorer)
Is it possible in java?

thanks,


0
 

Author Comment

by:czaron
ID: 7992516
msterjev :
So how can I accept an unvalid certificate??
(like e.g. in Internet Explorer)
0
 

Author Comment

by:czaron
ID: 7992583
msterjev :
So how can I accept an unvalid certificate??
(like e.g. in Internet Explorer)
0
 
LVL 1

Expert Comment

by:tutran
ID: 7995764
czaron, this to set the hostname verifier as follows.  You don't need to create a new class.  Use inline class, it's OK.

I think that you want to view certificate that has expired and the host verifier is the one that validate the hostname with Cerficate Authority (CA).  The new class will allow it to bypass the CA.


conn.setHostnameVerifier(new com.sun.net.ssl.HostnameVerifier() {
            public boolean verify(String arg1, String arg2) {
                return true;
            }
        });



----------- HERE'S MY COMPLETE SOURCE CODE -------------


package com.countrywide.cssd.dms.imaging.servlets;

import com.sun.net.ssl.internal.www.protocol.https.*;
import java.util.*;
import java.net.*;
import java.io.*;
/**
 * Insert the type's description here.
 * Creation date: (9/17/2002 9:09:03 AM)
 * @author: Administrator
 */
public class Tester {
   
/**
 * Tester constructor comment.
 */
public Tester() {
           super();
}
/**
 * Starts the application.
 * @param args an array of command-line arguments
 */
public static void main(java.lang.String[] args) {
    // Insert code to start the application here.

    String response = null;
    InputStreamReader in = null;
    BufferedReader br = null;

    try {

        java.security.Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
        Properties prp = System.getProperties();
        prp.put("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
        System.setProperties(prp);

        URL url =
            new URL("https://investing.schwab.com/trading/signoff");
        HttpsURLConnection conn =
            (com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection) url
                .openConnection();
        conn.setDoInput(true);
        conn.setUseCaches(false);
        conn.setHostnameVerifier(new com.sun.net.ssl.HostnameVerifier() {
            public boolean verify(String arg1, String arg2) {
                return true;
            }
        });

        InputStream inStream = conn.getInputStream();
        FileOutputStream fos = new FileOutputStream("C:/report");

        BufferedInputStream bis = null;
        BufferedOutputStream bos = null;

        try {

            // Use Buffered Stream for reading/writing.
            bis = new BufferedInputStream(inStream);
            bos = new BufferedOutputStream(fos);

            byte[] buff = new byte[2048];
            int bytesRead;

            // Simple read/write loop.
            while (-1 != (bytesRead = bis.read(buff, 0, buff.length))) {
                bos.write(buff, 0, bytesRead);
                System.out.println(bytesRead);
            }

        } catch (final MalformedURLException e) {
            System.out.println("MalformedURLException.");
            throw e;
        } catch (final IOException e) {
            System.out.println("IOException.");
            throw e;
        } finally {
            if (bis != null)
                bis.close();
            if (bos != null)
                bos.close();
        }

    } catch (Exception e) {
        e.printStackTrace();
    } finally {
        try {
            if (in != null)
                in.close();
            if (br != null)
                br.close();

        } catch (Exception e) {

        }

    }

}
}
0
 

Author Comment

by:czaron
ID: 8070768
Hi Tutran
During compiling your code, I receive eroor:

setHostnameVerifier(javax.net.ssl.HostnameVerifier) in javax.net.ssl.HttpsURLConnection cannot be applied to (<anonymous com.sun.net.ssl.HostnameVerifier>)
 
in line:

conn.setHostnameVerifier(new com.sun.net.ssl.HostnameVerifier() {

what does anonymus mean???

thanks for help,
Czrek
0
 
LVL 1

Expert Comment

by:tutran
ID: 8073182
czaron,

1)  Make sure you have included JSSE 1.0.3 jars in your classpath: jcert.jar, jnet.jar, jsse.jar

2) I use JDK 1.3 and it works fine for me.

3)  HttpsURLConnection conn >> from what package are you using.

4) Did you forget to set new protocol handler before making a connection?

       java.security.Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
       Properties prp = System.getProperties();
       prp.put("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
       System.setProperties(prp);

5) Anonymous class means that you just extend or implement something on the fly and don't use it again in other code and specify abstract methods inline.  This way, you don't need to create an independent class.  The new class reside inside the method.
0
 
LVL 1

Expert Comment

by:tutran
ID: 8073738
czaron,

1)  Make sure you have included JSSE 1.0.3 jars in your classpath: jcert.jar, jnet.jar, jsse.jar

2) I use JDK 1.3 and it works fine for me.

3)  HttpsURLConnection conn >> from what package are you using.

4) Did you forget to set new protocol handler before making a connection?

       java.security.Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
       Properties prp = System.getProperties();
       prp.put("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
       System.setProperties(prp);

5) Anonymous class means that you just extend or implement something on the fly and don't use it again in other code and specify abstract methods inline.  This way, you don't need to create an independent class.  The new class reside inside the method.
0
 

Author Comment

by:czaron
ID: 8080076
in line:
 com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection conn =
           (com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection) url
               .openConnection();

during running I receive an exception: java.lang.Classexception...

tutran - do you know how to get rid of it??
0
 
LVL 1

Expert Comment

by:tutran
ID: 8081799
czaron.

It seems that you don't have JSSE in your class path.

Download JSSE1.0.3 here:
http://java.sun.com/products/jsse/index-103.html


when you run, make sure to include these three jars in classpath using java -classpath... command


0
 

Author Comment

by:czaron
ID: 8082244
tutran: I've included in my classpath : jcert.jar, jnet.jar, jsse.jar.
It'd didn't help.



0
 
LVL 1

Expert Comment

by:tutran
ID: 8083179
1) How do you specify class path.  Post your command here.

2) Post your entire code here.
0
 
LVL 1

Expert Comment

by:tutran
ID: 8083186
Also, try modifying this code to call your server program

package sao.servlets;

import com.sun.net.ssl.internal.www.protocol.https.*;
import java.util.*;
import java.net.*;
import java.io.*;
/**
 * Insert the type's description here.
 * Creation date: (02/12/2003 10:53:24 AM)
 * @author:
 */
public class ClientTest {
/**
 * ClientTest constructor comment.
 */
public ClientTest() {
     super();
}
/**
 * Insert the method's description here.
 * Creation date: (02/12/2003 10:54:01 AM)
 * @param args java.lang.String[]
 */
public static void main(String[] args) {
    try {

        java.security.Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
        Properties prp = System.getProperties();
        prp.put("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
        System.setProperties(prp);

        URL url =
            new URL(
                "https://<SOME URL>");

        HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();

        conn.setHostnameVerifier(new com.sun.net.ssl.HostnameVerifier() {
            public boolean verify(String arg1, String arg2) {
                return true;
            }
        });

        System.out.println("conn");
        System.out.println(conn); // O.K/

        conn.setRequestMethod("POST");

        byte[] text = "".getBytes();

        //Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-powerpoint, application/vnd.ms-excel, application/msword, */*
        //Accept-Language: en-us

        conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
        conn.setRequestProperty(
            "User-Agent",
            "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0");
        conn.setRequestProperty("Content-length", "" + text.length);

        conn.setDoOutput(true);

        conn.connect();
        OutputStream out = conn.getOutputStream();
        System.out.println("out");
        System.out.println(out); //EMPTY...??

        out.write(text);
        out.flush();
        out.close();
        InputStream in = conn.getInputStream();

        InputStream inStream = conn.getInputStream();
        FileOutputStream fos = new FileOutputStream("C:/report.pdf");

        BufferedInputStream bis = null;
        BufferedOutputStream bos = null;

        try {

            // Use Buffered Stream for reading/writing.
            bis = new BufferedInputStream(inStream);
            bos = new BufferedOutputStream(fos);

            byte[] buff = new byte[2048];
            int bytesRead;

            // Simple read/write loop.
            while (-1 != (bytesRead = bis.read(buff, 0, buff.length))) {
                bos.write(buff, 0, bytesRead);
                System.out.println(bytesRead);
            }

        } catch (final MalformedURLException e) {
            System.out.println("MalformedURLException.");
            throw e;
        } catch (final IOException e) {
            System.out.println("IOException.");
            throw e;
        } finally {
            if (bis != null)
                bis.close();
            if (bos != null)
                bos.close();
        }

        System.out.println("in");
        System.out.println(in); //O.K.
        conn.disconnect();
    } catch (Exception e) {
    }

}
}
0
 

Author Comment

by:czaron
ID: 8083793
tutran: I've included in my classpath : jcert.jar, jnet.jar, jsse.jar.
It'd didn't help.



0
 

Author Comment

by:czaron
ID: 8115183
Hi Tutran!
You're right, but... it works only for some servers.
I use java 1.4 and <com.sun.net.ssl> is not available, I use <javax.net.ssl> packages.
But I can't connect to my https server, and some other.
I can't compile line:
java.security.Security.addProvider(new Provider())
Without this line I can only connect to some server, as I said.

Do you know the solution? thanks,

Czaron
0
 

Author Comment

by:czaron
ID: 8115198
During running program I receive exception:
javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Co
uldn't find trusted certificate



Here's my code::

import java.util.*;
import java.net.*;
import java.io.*;

import java.lang.String.*;
import java.lang.Object.*;

import javax.net.ssl.HttpsURLConnection.*;
import javax.net.ssl.*;
import javax.net.*;
import java.security.*;
             

public class Fetcher {

public Fetcher() {
          super();
}
public static void main(String[] args)
          throws IOException {
try {

       //java.security.Security.addProvider(new Provider());  //?????
       Properties prp = System.getProperties();
       prp.put("java.protocol.handler.pkgs", "javax.net.ssl");
       System.setProperties(prp);
     
URL url = new URL("https://192.168.1.1/login.html");

//URL url = new URL("https://poczta.onet.pl/login.html");
       System.out.println(url.openConnection());

      HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
      conn.setDoInput(true);
      conn.setUseCaches(false);
      conn.setHostnameVerifier(new HostnameVerifier() {
           public boolean verify(String arg1, SSLSession arg2) {
              return true;
           }
       });
       
       conn.setRequestMethod("POST");

       byte[] text = "password=httpS&user=afs".getBytes();
       
       conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
       conn.setRequestProperty("User-Agent","Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0");
       conn.setRequestProperty("Content-length", "" + text.length);      
               
       conn.setDoOutput(true);
       conn.connect();
       OutputStream out = conn.getOutputStream();
       System.out.println("out");
       System.out.println(out);

        out.write(text);
       out.flush();
       out.close();
       InputStream in = conn.getInputStream();
       System.out.println("in");
       System.out.println(in); //O.K.
       String readInString="";
           int readInNum=0;
        while( (readInNum=in.read())!=-1){
          readInString=readInString +(char)readInNum;
        }
        System.out.println("response from server="+readInString);                                      
       conn.disconnect();

   }   catch (Exception e) { System.out.println("exception!!");System.out.println(e);
   }

        System.out.println("zamykamy...");
     
}
}
0
 
LVL 1

Accepted Solution

by:
tutran earned 240 total points
ID: 8115286
Sorry, I misguided you with older version of Java.  Try using the tips from this url.  Same concept with different syntax.  Look at the bottom of the page:

http://developer.java.sun.com/developer/technicalArticles/Security/secureinternet2/
0
 

Author Comment

by:czaron
ID: 8150838
My program works good!:)
Thanks for help tutran
0
 
LVL 3

Expert Comment

by:msterjev
ID: 8151104
I can't understand your conversation! What are you talking about? As I sad before, the HostnameVerifier has nothing to do with the expiration of the certificate!
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After being asked a question last year, I went into one of my moods where I did some research and code just for the fun and learning of it all.  Subsequently, from this journey, I put together this article on "Range Searching Using Visual Basic.NET …
Java functions are among the best things for programmers to work with as Java sites can be very easy to read and prepare. Java especially simplifies many processes in the coding industry as it helps integrate many forms of technology and different d…
Video by: Michael
Viewers learn about how to reduce the potential repetitiveness of coding in main by developing methods to perform specific tasks for their program. Additionally, objects are introduced for the purpose of learning how to call methods in Java. Define …
Viewers will learn one way to get user input in Java. Introduce the Scanner object: Declare the variable that stores the user input: An example prompting the user for input: Methods you need to invoke in order to properly get  user input:
Suggested Courses
Course of the Month12 days, 6 hours left to enroll

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question