I know that there are feature requests related to HttpUnit not supporting SSL when using IBM's version of Java. But I'm hoping that someone on here can help with a workaround
I have a working version of my application running under SUN's JSSE on windows, but the deployed environment will use IBM's JSSE on Linux.
On the Linux system, I believe my keystore is ok, I created it using the keytool supplied with IBM Java. I have a Jetty server running and using it and I can connect over https successfully using a browser with no problems.
I edited com.meterware.httpunit.HttpsProtocolSupport
and changed the default behaviour of trying to use Sun's implementation of JSSE.
I'm using a self signed certificate, and have added my certifictate authority to cacerts file.
However despite this, I still get certificate problems
java.io.IOException
at com.ibm.net.ssl.www.protocol.http.ci.getInputStream(Unknown Source)
at com.ibm.net.ssl.www.protocol.http.ci.getResponseCode(Unknown Source)
at com.ibm.net.ssl.internal.www.protocol.https.HttpsURLConnection.getResponseCode(Unknown Source)
at com.meterware.httpunit.HttpWebResponse.readResponseHeader(HttpWebResponse.java:162)
at com.meterware.httpunit.HttpWebResponse.readHeaders(HttpWebResponse.java:200)
at com.meterware.httpunit.HttpWebResponse.<init>(HttpWebResponse.java:56)
at com.meterware.httpunit.HttpWebResponse.<init>(HttpWebResponse.java:67)
at com.meterware.httpunit.WebConversation.newResponse(WebConversation.java:76)
at com.meterware.httpunit.WebWindow.getResource(WebWindow.java:164)
at com.meterware.httpunit.WebWindow.getSubframeResponse(WebWindow.java:128)
at com.meterware.httpunit.WebWindow.getResponse(WebWindow.java:121)
at com.meterware.httpunit.WebClient.getResponse(WebClient.java:113)
at com.example.ListUsersTest.testLogin(ListUsersTest.java:65)
Caused by: javax.net.ssl.SSLHandshakeException: protocol version
at com.ibm.jsse.bv.a(Unknown Source)
at com.ibm.jsse.bv.startHandshake(Unknown Source)
at com.ibm.net.ssl.www.protocol.https.b.o(Unknown Source)
at com.ibm.net.ssl.www.protocol.https.q.connect(Unknown Source)
at com.ibm.net.ssl.www.protocol.http.ci.getInputStream(Unknown Source)
at com.ibm.net.ssl.www.protocol.http.ci.getHeaderFieldKey(Unknown Source)
at com.ibm.net.ssl.internal.www.protocol.https.HttpsURLConnection.getHeaderFieldKey(Unknown Source)
at com.meterware.httpunit.HttpWebResponse.loadHeaders(HttpWebResponse.java:216)
at com.meterware.httpunit.HttpWebResponse.readHeaders(HttpWebResponse.java:198)
... 24 more
I added some debug into com.meterware.httpunit.HttpsProtocolSupport
Verifying Https Support
========= SECURITY PROVIDERS ============
Found Security Provider=com.ibm.jsse.IBMJSSEProvider
Found Security Provider=com.ibm.crypto.provider.IBMJCE
Found Security Provider=com.ibm.security.jgss.IBMJGSSProvider
Found Security Provider=com.ibm.security.cert.IBMCertPath
=========================================
Found Security Provider=class com.ibm.jsse.IBMJSSEProvider
Provider class = class com.ibm.jsse.IBMJSSEProvider
hasProvider ( class com.ibm.jsse.IBMJSSEProvider ) .. Security.getProviders(TLSv1)
Found Security Provider=com.ibm.jsse.IBMJSSEProvider
registerSSLProtocolHandler() - updates system property for java.protocol.handler.pkgs
Defaulting System Property java.protocol.handler.pkgs = com.ibm.net.ssl.internal.www.protocol
Someone recommended using IBMJSSE2, as its more compatible with Sun implementation. Sun's implementation seems to be more forgiving on trusted certificates etc and considering that I've created my own certs and signed them myself, this may be an issue. But I am based in the UK and it (IBMJSSE2) doesn't seem to come pre-packaged.
Any help appreciated
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
update.. wrote quick simple test, I didn't have to do anything special to get ssl working, Wondering if com.meterware.httpunit.HttpsProtocolSupport is required at all. System properties set ok by default. Have problems, but current problem not in anyway related to httpunit. The error i get can be repeated with following code...
import java.net.*;
import java.io.*;
public class URLReader
{
/**
* Blah.
*
* @param args
* @throws Exception
*/
public static void main (String[] args) throws Exception
{
final URL yahoo = new URL( "https://localhost:8443/test/" );
final BufferedReader in = new BufferedReader( new InputStreamReader( yahoo.openStream() ) );
String inputLine;
while ((inputLine = in.readLine()) != null)
System.out.println( inputLine );
in.close();
}
}
Exception in thread "main" javax.net.ssl.SSLHandshakeException: protocol version
at com.ibm.jsse.bv.a(Unknown Source)
at com.ibm.jsse.bv.startHandshake(Unknown Source)
at com.ibm.net.ssl.www.protocol.https.b.o(Unknown Source)
at com.ibm.net.ssl.www.protocol.https.q.connect(Unknown Source)
at com.ibm.net.ssl.www.protocol.http.ci.getInputStream(Unknown Source)
at com.ibm.net.ssl.www.protocol.https.t.getInputStream(Unknown Source)
at java.net.URL.openStream(URL.java:942)
at com.example.webtest.URLReader.main(URLReader.java:27)
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Hi,
I know that there are feature requests related to HttpUnit not supporting SSL when using IBM's version of Java. But I'm hoping that someone on here can help with a workaround
I have a working version of my application running under SUN's JSSE on windows, but the deployed environment will use IBM's JSSE on Linux.
On the Linux system, I believe my keystore is ok, I created it using the keytool supplied with IBM Java. I have a Jetty server running and using it and I can connect over https successfully using a browser with no problems.
I edited com.meterware.httpunit.HttpsProtocolSupport
and changed the default behaviour of trying to use Sun's implementation of JSSE.
I'm using a self signed certificate, and have added my certifictate authority to cacerts file.
However despite this, I still get certificate problems
java.io.IOException
at com.ibm.net.ssl.www.protocol.http.ci.getInputStream(Unknown Source)
at com.ibm.net.ssl.www.protocol.http.ci.getResponseCode(Unknown Source)
at com.ibm.net.ssl.internal.www.protocol.https.HttpsURLConnection.getResponseCode(Unknown Source)
at com.meterware.httpunit.HttpWebResponse.readResponseHeader(HttpWebResponse.java:162)
at com.meterware.httpunit.HttpWebResponse.readHeaders(HttpWebResponse.java:200)
at com.meterware.httpunit.HttpWebResponse.<init>(HttpWebResponse.java:56)
at com.meterware.httpunit.HttpWebResponse.<init>(HttpWebResponse.java:67)
at com.meterware.httpunit.WebConversation.newResponse(WebConversation.java:76)
at com.meterware.httpunit.WebWindow.getResource(WebWindow.java:164)
at com.meterware.httpunit.WebWindow.getSubframeResponse(WebWindow.java:128)
at com.meterware.httpunit.WebWindow.getResponse(WebWindow.java:121)
at com.meterware.httpunit.WebClient.getResponse(WebClient.java:113)
at com.example.ListUsersTest.testLogin(ListUsersTest.java:65)
Caused by: javax.net.ssl.SSLHandshakeException: protocol version
at com.ibm.jsse.bv.a(Unknown Source)
at com.ibm.jsse.bv.startHandshake(Unknown Source)
at com.ibm.net.ssl.www.protocol.https.b.o(Unknown Source)
at com.ibm.net.ssl.www.protocol.https.q.connect(Unknown Source)
at com.ibm.net.ssl.www.protocol.http.ci.getInputStream(Unknown Source)
at com.ibm.net.ssl.www.protocol.http.ci.getHeaderFieldKey(Unknown Source)
at com.ibm.net.ssl.internal.www.protocol.https.HttpsURLConnection.getHeaderFieldKey(Unknown Source)
at com.meterware.httpunit.HttpWebResponse.loadHeaders(HttpWebResponse.java:216)
at com.meterware.httpunit.HttpWebResponse.readHeaders(HttpWebResponse.java:198)
... 24 more
I added some debug into com.meterware.httpunit.HttpsProtocolSupport
Verifying Https Support
========= SECURITY PROVIDERS ============
Found Security Provider=com.ibm.jsse.IBMJSSEProvider
Found Security Provider=com.ibm.crypto.provider.IBMJCE
Found Security Provider=com.ibm.security.jgss.IBMJGSSProvider
Found Security Provider=com.ibm.security.cert.IBMCertPath
=========================================
Found Security Provider=class com.ibm.jsse.IBMJSSEProvider
Provider class = class com.ibm.jsse.IBMJSSEProvider
hasProvider ( class com.ibm.jsse.IBMJSSEProvider ) .. Security.getProviders(TLSv1)
Found Security Provider=com.ibm.jsse.IBMJSSEProvider
registerSSLProtocolHandler() - updates system property for java.protocol.handler.pkgs
Defaulting System Property java.protocol.handler.pkgs = com.ibm.net.ssl.internal.www.protocol
Someone recommended using IBMJSSE2, as its more compatible with Sun implementation. Sun's implementation seems to be more forgiving on trusted certificates etc and considering that I've created my own certs and signed them myself, this may be an issue. But I am based in the UK and it (IBMJSSE2) doesn't seem to come pre-packaged.
Any help appreciated
update.. wrote quick simple test, I didn't have to do anything special to get ssl working, Wondering if com.meterware.httpunit.HttpsProtocolSupport is required at all. System properties set ok by default. Have problems, but current problem not in anyway related to httpunit. The error i get can be repeated with following code...
import java.net.*;
import java.io.*;
public class URLReader
{
/**
* Blah.
*
* @param args
* @throws Exception
*/
public static void main (String[] args) throws Exception
{
final URL yahoo = new URL( "https://localhost:8443/test/" );
final BufferedReader in = new BufferedReader( new InputStreamReader( yahoo.openStream() ) );
String inputLine;
while ((inputLine = in.readLine()) != null)
System.out.println( inputLine );
in.close();
}
}
Exception in thread "main" javax.net.ssl.SSLHandshakeException: protocol version
at com.ibm.jsse.bv.a(Unknown Source)
at com.ibm.jsse.bv.startHandshake(Unknown Source)
at com.ibm.net.ssl.www.protocol.https.b.o(Unknown Source)
at com.ibm.net.ssl.www.protocol.https.q.connect(Unknown Source)
at com.ibm.net.ssl.www.protocol.http.ci.getInputStream(Unknown Source)
at com.ibm.net.ssl.www.protocol.https.t.getInputStream(Unknown Source)
at java.net.URL.openStream(URL.java:942)
at com.example.webtest.URLReader.main(URLReader.java:27)
Found IBMJSSE2, enabled it, it printed debug
ran client and server with -Djavax.net.debug=all
turns out client was using SSLv3 and Server (Jetty) did not have SSLv3 support enabled
for more info
http://www-128.ibm.com/developerworks/forums/dw_thread.jsp?forum=178&thread=136497&cat=10