2 Replies Latest reply on Apr 22, 2013 8:08 PM by user8812967

    Getting SSL error even after ignoring it using TrustManager


      I am trying to bypass certificate using the following code :

      private static HttpClient wrapClient(HttpClient base)
      throws AGException
      SSLContext ctx = SSLContext.getInstance("TLS");

      X509TrustManager tm = new X509TrustManager()
      public void checkClientTrusted(X509Certificate[] xcs, String string) throws CertificateException

      public void checkServerTrusted(X509Certificate[] xcs, String string) throws CertificateException {

      public X509Certificate[] getAcceptedIssuers() {
      return null;
      ctx.init(null, new TrustManager[] { tm }, null);

      SSLSocketFactory ssf = new SSLSocketFactory(ctx,SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);

      // ssf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);

      ClientConnectionManager ccm = base.getConnectionManager();

      SchemeRegistry sr = ccm.getSchemeRegistry();

      sr.register(new Scheme("https", 443, ssf));

      return new DefaultHttpClient(ccm, base.getParams());
      catch (NoSuchAlgorithmException nsaex)
      throw new AGException(nsaex, "Not able to get the SSL Context");
      catch (KeyManagementException kmex) {
           throw new AGException(kmex, "Not able to get the SSL Context");

      but still getting the below error
      javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
      Just to brief my assigment :

      i am using putty to tunnel to a server and making SOAP over https call to connect to that server
      but receiving the same error even trying using above code.

      Any help/suggesstions would be greatly appricates.
      Thanks in advance.