1

I've a REST web service using Spring in Java 1.7 running on Tomcat 7. I've self signed cert on my dev machine. When I try to invoke the API using rest client, it gives below error:

    peer not authenticated
    javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
        at sun.security.ssl.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:397)
        at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128)
        at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:572)
        at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:180)
        at org.apache.http.impl.conn.ManagedClientConnectionImpl.open(ManagedClientConnectionImpl.java:294)
        at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:640)
        at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:479)
        at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:906)
        at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:805)
        at org.wiztools.restclient.HTTPClientRequestExecuter.execute(HTTPClientRequestExecuter.java:387)
        at org.wiztools.restclient.ui.RESTViewImpl$2.run(RESTViewImpl.java:320)

Can any one tell me how to get rid of this error without making any java code changes?

Note: I've run below command in my env already:

keytool -genkey -v -keyalg RSA -alias tomcat -keypass 12345 -storepass 12345
AndreyAkinshin
  • 18,603
  • 29
  • 96
  • 155
Freephone Panwal
  • 1,547
  • 4
  • 21
  • 39

2 Answers2

0

It looks like the server is requesting client authetication and you are not send one certificate from the client to the server. Try to run the VM with -Djavax.net.debug=all parameter.

And I don't think it is possible to do that without make changes to your code.

DiogoSantana
  • 2,404
  • 2
  • 19
  • 24
  • Can you tell me what code to use for spring based controller web service? How the same code works in Production env? In our prod env, we're having Load balancer to take care of https & LB redirects to Tomcat's port 8080. For my dev env, I'm using 443 port & I'm having this issue. – Freephone Panwal Mar 29 '13 at 02:06
  • I think you will need to make some research. You can start [here](http://stackoverflow.com/questions/875467/java-client-certificates-over-https-ssl). About the production env that works, it should be the server configuration asking or not for client authetication. – DiogoSantana Mar 29 '13 at 02:14
0

I get this problem if I use the jre 1.6. When I switch to jre 1.7 this problem goes away.

don
  • 21
  • 2