Using HttpClient 4.1.0, we're trying to connect to a remote server that normally would be connected to using a form. By the way, this will be for production use but I would not call the information we're sending sensitive. I'm not sure if they will insist on an https connection anyway.
When we try to call httpClient.execute(httpPost), it throws a SSLPeerUnverifiedException
We're creating a DefaultHttpClient using a ThreadSafeClientConnManager and have verified that the https registry is associated with a SSLSocketFactory.
We're connecting to a url like this: https://some.thingchangedtoprotectthem.com/servlet/servlet.Something
Why would the browser work like a charm, but using a server side process blows up with that exception? Is it because the browser comes with verisign certificates and HttpClient does not?
System.out and Stack trace below:
schemeSocketFactory = org.apache.http.conn.ssl.SSLSocketFactory
javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
at com.sun.net.ssl.internal.ssl.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:345)
at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128)
at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:390)
at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:148)
at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:149)
at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:121)
at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:562)
at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:415)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:820)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:754)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:732)
