0

I am using WizTool.org's RESTClient v3.4.2 to test a remote .NET endpoint that is on a Windows 2012 box, IIS 8.0.

I've used this tool many times to debug the same REST services on my local machine in debug mode, but this is the first time I've tried to use it on the actual production server. (Well, it's actually a QA server, but close enough.) The main difference between what I've done in the past and now is that on my local dev box, I don't have an SSL cert, so it was all done with an HTTP url. On the QA server, we have a cert, so I'm using HTTPS.

I am getting this error:

peer not authenticated
javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
    at sun.security.ssl.SSLSessionImpl.getPeerCertificates(Unknown Source)
    at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128)
    at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:339)
    at     org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:123)
at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:147)
at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:108)
at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:415)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:641)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:576)
at org.wiztools.restclient.HTTPClientRequestExecuter.execute(HTTPClientRequestExecuter.java:303)
at org.wiztools.restclient.ui.RESTView$26.run(RESTView.java:1061)

I found these two threads that relate to this error, but neither provided any clues:

peer not authenticated in web service?

Peer not authenticated exception while consuming https REST service

I also found this thread which more directly addressed the tool I am using, but I'm not sure I follow the proposed solution. Scratch that... I am sure that I do not understand the proposed solution.

https://code.google.com/p/rest-client/issues/detail?id=135

In the RESTClient tool, SSL > General tab, I have played around with all combinations of "Trust self-signed certificates" and "Hostname verifier". No luck. (The server is using a full wild-card cert, so I don't think the "Trust self-signed certificates" has any impact anyway.)

In IIS, I also exported a copy of the cert to a .pfx file (with a password) and then in the RESTClient tool, SSL > Truestore / Keystore, I imported the file. Still no luck.

Any ideas?

Thanks!

Community
  • 1
  • 1
Casey Crookston
  • 13,016
  • 24
  • 107
  • 193

1 Answers1

0

In case anyone else ends up here looking for a solution, I did find one, but not one with the WizTool.org REST tool. The process of importing the SSL cert into that thing proved too challenging, and instead I ended up using a REST testing tool that is Firefox plugin.

http://restclient.net/

Quick little plugin. Worked like a charm right out of the box.

Casey Crookston
  • 13,016
  • 24
  • 107
  • 193