5

Can Any one help on this please.

I am also using OKHTTP3 version 4.8.1 to write HTTP2 client . Its Working on Oracle JDK 8 but not working on IBM JRE 8.

Error message: java.lang.IllegalStateException: Unable to extract the trust manager on okhttp3.internal.Platform@e85a0ce8, sslSocketFactory is class com.ibm.jsse2.SSLSocketFactoryImpl.

Thank you

wtlucy
  • 704
  • 3
  • 10
Java_Developer
  • 61
  • 1
  • 6
  • Can you include the relevant parts of your code please? – Mingwei Samuel Sep 09 '20 at 08:52
  • i was using this Deprecated method of OKhttp3 jar. sslSocketFactory(sslSocketFactory: SSLSocketFactory).After replacing it with sslSocketFactory(sslSocketFactory: SSLSocketFactory,trustManager). issue resolved. – Java_Developer Sep 09 '20 at 15:43

1 Answers1

5

You are relying on a long deprecated method

https://github.com/square/okhttp/blob/cd722373281202492043f4294fccfe6f691ddc01/okhttp/src/main/kotlin/okhttp3/OkHttpClient.kt#L741

It's deprecated because it had to assume a lot about the JVM, that breaks on each JVM update or across vendors. You should instead call the method with X509TrustManager as a parameter

https://github.com/square/okhttp/blob/cd722373281202492043f4294fccfe6f691ddc01/okhttp/src/main/kotlin/okhttp3/OkHttpClient.kt#L767

TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(
TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init((KeyStore) null);
TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
if (trustManagers.length != 1 || !(trustManagers[0] instanceof X509TrustManager)) {
    throw new IllegalStateException("Unexpected default trust managers:"
        + Arrays.toString(trustManagers));
}
X509TrustManager trustManager = (X509TrustManager) trustManagers[0];

SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, new TrustManager[] { trustManager }, null);
SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();

OkHttpClient client = new OkHttpClient.Builder()
    .sslSocketFactory(sslSocketFactory, trustManager)
    .build();
Yuri Schimke
  • 12,435
  • 3
  • 35
  • 69
  • This code was fix for error "Unable to extract the trust manager".Thank you for help – Java_Developer Sep 09 '20 at 15:38
  • On Next step , ALPN config is not working for Webshere 9 and Java 8. Sending HTTP2 request to Apple push server using OKhttp3 client. Server: Webshere 9 Java : 8 OKhttp3 :4.8.1 Also added ALPN jar in boot classpath. ALPN jar version mapped accurately with JDK version in bootclasspath. Getting this error message in IBM Webshere 9 log file. ALPN callback dropped: HTTP/2 is disabled. Is alpn-boot on the boot class path? Thank you for help. – Java_Developer Sep 10 '20 at 08:55
  • I suggest asking as a separate question so more people see it. – Yuri Schimke Sep 10 '20 at 09:29
  • https://stackoverflow.com/questions/63826143/alpn-callback-dropped-http-2-is-disabled-is-alpn-boot-on-the-boot-class-path thanks – Java_Developer Sep 10 '20 at 10:09