1

We tried to write a rest client with HTTPS and Basic Auth. The code is below. I am getting the following exception:

java.net.ConnectException: Connection timed out: connect

Can any one help me find what I am doing wrong?

public class sampleMain {
                public static void main(String[] args) {

            ClientConfig clientConfig = new DefaultClientConfig();
            /*  clientConfig.getProperties().put(ClientConfig.PROPERTY_FOLLOW_REDIRECTS, true);*/
            clientConfig.getProperties().put(ClientConfig.PROPERTY_READ_TIMEOUT, 300000);
            clientConfig.getProperties().put(ClientConfig.PROPERTY_CONNECT_TIMEOUT, 30000);

            disableSslVerification(clientConfig);
            Client client = Client.create(clientConfig);
            client.setFollowRedirects(true);
            HTTPBasicAuthFilter authenticationFilter = new HTTPBasicAuthFilter("admin", "APP@#1234");

            client.addFilter(authenticationFilter);
            WebResource webResource = client.resource("https://someIP:443/rest/api/topology/servicesnodes");
            ClientResponse response =  webResource.accept(MediaType.APPLICATION_JSON).get(ClientResponse.class);
            System.out.println(response);
        }

//below method is used to set ssl context to clientconfig as https property
        private static void disableSslVerification(ClientConfig clientConfig) {
            try {
                // Create a trust manager that does not validate certificate chains
                TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
                    @Override
                    public java.security.cert.X509Certificate[] getAcceptedIssuers() {
                        return null;
                    }

                    @Override
                    public void checkClientTrusted(X509Certificate[] certs, String authType) {
                    }

                    @Override
                    public void checkServerTrusted(X509Certificate[] certs, String authType) {
                    }
                } };

                // Install the all-trusting trust manager
                SSLContext sc = SSLContext.getInstance("SSL");
                sc.init(null, trustAllCerts, new java.security.SecureRandom());
                HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());

                clientConfig.getProperties().put(HTTPSProperties.PROPERTY_HTTPS_PROPERTIES, new HTTPSProperties(new HostnameVerifier() {
                    @Override
                    public boolean verify(String s, SSLSession sslSession) {
                        return true;
                    }
                }, sc));

            } catch (NoSuchAlgorithmException ae1) {
            } catch (KeyManagementException e) {
            }
        }


    }
ChrisGPT was on strike
  • 127,765
  • 105
  • 273
  • 257
Hemadri Rangisetty
  • 33
  • 1
  • 7
  • i am getting below exception:java.net.ConnectException: Connection timed out: connect at java.net.DualStackPlainSocketImpl.waitForConnect(Native Method) at java.net.DualStackPlainSocketImpl.socketConnect(Unknown Source) at java.net.AbstractPlainSocketImpl.doConnect(Unknown Source) at java.net.AbstractPlainSocketImpl.connectToAddress(Unknown Source) at java.net.AbstractPlainSocketImpl.connect(Unknown Source) at java.net.PlainSocketImpl.connect(Unknown Source) at java.net.SocksSocketImpl.connect(Unknown Source) at java.net.Socket.connect(Unknown Source) at sun.security.ssl.SSL – Hemadri Rangisetty Aug 28 '17 at 10:17
  • 1
    where's the exception? if you can it print it stack trace and add it to question – Ori Marko Aug 28 '17 at 10:26

1 Answers1

1

This exception

java.net.ConnectException: Connection timed out: connect

means nothing else but impossibility of connection to a given IP/host through given port on a socket level within given timeout, which is in your case big enough, to exclude timeout value itself from consideration

This happen in 99% of cases when given IP/host is unreachable at all via given port from the requestor network, not actually depending on the code written.

Assuming someIP is not a typo in your code and from this point onward you substitute someIP with an actual real IP address:

https://someIP:443/rest/api/topology/servicesnodes

you can just try opening the whole link in a browser to see if it's working outside of your code.

Also, you can verify someIP is accessible at 443 port from the place your code is being launched. For this, execute the following from command line on the server which runs your code:

telnet someIP 443
  • You should get something like Connected to someIP. Escape character is '^]'. which will indicate successful connection. Press Ctrl+C to exit the session
  • If telnet hangs with message Trying someIP... or indicates error in some other way - that confirms that given IP is unreachable through given port

Typical cases why IP cannot be accessed can be

  • Wrong IP. E.g. you're trying to use private IP instead of public one
  • Wrong Port. Trying to access default 443 while server is listening for example 8443
  • Server located on given IP is down
  • Subnet under which you're trying to access IP is not expected. E.g. not whitelisted on IP owner's side (or, for example, you must be in VPN to owner's network to access it, or proxy needs to be configured, etc.)
  • Security agents in the middle are restricting access (firewalls, etc.)
  • ...

All of these cases require contacting IP/host owner for further clarification.

EDIT

Check out this answer as well with 'debug' procedure description

Kostiantyn
  • 1,856
  • 11
  • 13