java sardine over ssl

 

i'm trying sardine to make a webdav client, but it doesn't connect to my https server. in the usageguide say this about ssl http://code.google.com/p/sardine/wiki/UsageGuide#SSL but i dont know how to provide my custom Http client with my keystore.

i get this error. 

Exception in thread "main" javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
    at com.sun.net.ssl.internal.ssl.SSLSessionImpl.getPeerCertificates(Unknown Source)
    at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128)
    at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:397)
    at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:148)
    at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:149)
    at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:121)
    at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:573)
    at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:425)
    at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:820)
    at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:941)
    at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:919)
    at com.googlecode.sardine.impl.SardineImpl.execute(SardineImpl.java:684)
    at com.googlecode.sardine.impl.SardineImpl.list(SardineImpl.java:339)
    at com.googlecode.sardine.impl.SardineImpl.getResources(SardineImpl.java:326)
    at sardine.main(sardine.java:15)

How can i set up?

Pretty simple example (for http://mydrive.net and Linux):

  • download cert from mydrive.net with OpenSSL
  • openssl s_client -connect webdav.mydrive.ch:443 > mydrive.net.crt
  • remove all stuff except of between BEGIN and END (inclusive) in mydrive.net.crt file
  • generate a new keystore:
  • keytool -genkey -alias dummy -keyalg RSA -keystore /etc/ssl/certs/java/yourKeyStore.jks -keysize 2048
  • use a secure passphrase
  • Remove unused generated certificate
  • keytool -delete -alias dummy -keystore /etc/ssl/certs/java/yourKeyStore.jks
  • Import cert from mydrive.net
  • keytool -import -trustcacerts -alias mydrive.net -keystore /etc/ssl/certs/java/kyourKeyStore.jks -file ./mydrive.net.crt
  • Verify import:
  • keytool -list -keystore /etc/ssl/certs/java/yourKeyStore.jks
  • add Java Parameter for keystore
  • JAVA_OPTS="$JAVA_OPTS -Djavax.net.ssl.trustStore=/etc/ssl/certs/java/yourKeyStore.jks"
  • Restart JVM

    • Now you can use Sardine without overwrite or reimplement methods. Just use 

    Sardine sardine = SardineFactory.begin(username, password);
List<DavResource> resources = sardine.list("https://webdav.mydrive.ch/");

    Tip: Make sure to use the correct cert. MyDrive has several certs for example

    Store the keystore(s) as raw resources, load them and use them to initialize SSLSocketFactory. You can than use it instantiate an HttpClient . To plug in into Sardine you need to override the method they specify in the Wiki to return your customized HttpClient instance.

    链接地址: http://www.djcxy.com/p/31162.html

    上一篇: 没有同行证书

    下一篇: java sardine over ssl