Solved

Spring REST Call Problem: javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated

Posted on 2013-01-17
3
3,666 Views
Last Modified: 2013-01-18
We could use some help resolving a problem calling/consuming a RESTful web service from a https URL via Springs REST Template. Previous to a recent change of the URL from http to https we have been pulling content via Spring's RestTemplate without any problems.

The following outlines how an instance of Resttemplate is being created before making the following successful call: restTemplate.getForObject(url, String.class) to a http URL :

 
  /**
      * Get Rest Template
      * @return
      */
      public RestTemplate getRestTemplate() {
                
        ContextAwareHttpComponentsClientHttpRequestFactory customRequestFactory = getRequestFactory();
        RestTemplate restTemplate = new RestTemplate(customRequestFactory);
        return restTemplate;

      }
    
    /**
      * Set Rest Template Request Factory
      * @return
      */
      public void setRestTemplateRequestFactory( ) {
          
        ContextAwareHttpComponentsClientHttpRequestFactory customRequestFactory = getRequestFactory();
        this.restTemplate.setRequestFactory(customRequestFactory);
   
      }
    
    /**
      * Get Request Factory
      * @return
      */

      private ContextAwareHttpComponentsClientHttpRequestFactory getRequestFactory() {
          
          HttpHost targetHost = new HttpHost(Service_URL_Base());             
      DefaultHttpClient httpclient = new DefaultHttpClient();
      httpclient.getCredentialsProvider().setCredentials(AuthScope.ANY, new UsernamePasswordCredentials(API_USERNAME, API_PASSWORD));
      
      // Create AuthCache instance
      AuthCache authCache = new BasicAuthCache();

      // Generate BASIC scheme object and add it to the local auth cache
      BasicScheme basicAuth = new BasicScheme();
      authCache.put(targetHost, basicAuth);

      // Add AuthCache to the execution context
      BasicHttpContext localcontext = new BasicHttpContext();
      localcontext.setAttribute(ClientContext.AUTH_CACHE, authCache);
      ContextAwareHttpComponentsClientHttpRequestFactory customFactory = new ContextAwareHttpComponentsClientHttpRequestFactory( httpclient);
      customFactory.setHttpContext(localcontext);

      return customFactory;

      }
   
    /**
      * closeConnection
      * @return
      */
    private void closeConnection(RestTemplate restTemplate) {

      ((ContextAwareHttpComponentsClientHttpRequestFactory) restTemplate
      .getRequestFactory()).getHttpClient().getConnectionManager()
      .shutdown();

      }

Open in new window



After the URL change from http to https we are now experiencing the following error:

org.springframework.web.client.ResourceAccessException: I/O error on GET request for THE https:// site HERE :peer not authenticated; nested exception is javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated

Open in new window



We do not care if a certificate is valid or not.  Hopefully that might simplify a solution. We are not sure how to incorporate code into the RestTemplate scenario that will
help avoid the javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated error?

Does anyone have any background with any of this, with possible working example?  We have not been able to confidently find an example of something that will work for us with some explainationof where and how to implement in our Spring Rest template scenario.  Again disabling that SSL check is something that should work for us.

Thanks
0
Comment
Question by:West100
  • 2
3 Comments
 
LVL 35

Accepted Solution

by:
mccarl earned 500 total points
Comment Utility
Ok, so the LINK that I posted in your other question should work pretty much AS-IS for your case (since you are also creating your DefaultHttpClient in code). Did you try it? You should just need to copy the class that they give code for, WebClientDevWrapper, and change line 32 in your code above to...
DefaultHttpClient httpclient = WebClientDevWrapper.wrapClient(new DefaultHttpClient());

Open in new window

0
 

Author Closing Comment

by:West100
Comment Utility
Yes, the Link you posted is just what we needed. We created a class that basically is the WebClientDevWrapper class and called it from our code and everything looks good seems to be running as expected.

Thanks for the help.
0
 
LVL 35

Expert Comment

by:mccarl
Comment Utility
Not a problem ;)
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Suggested Solutions

Since upgrading to Office 2013 or higher installing the Smart Indenter addin will fail. This article will explain how to install it so it will work regardless of the Office version installed.
This is about my first experience with programming Arduino.
Viewers learn how to read error messages and identify possible mistakes that could cause hours of frustration. Coding is as much about debugging your code as it is about writing it. Define Error Message: Line Numbers: Type of Error: Break Down…
This tutorial covers a step-by-step guide to install VisualVM launcher in eclipse.

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now