search

h-tadagawa / rest-client

Automatically exported from code.google.com/p/rest-client
Apache License 2.0
0 stars 0 forks source link

Support for ssl #37

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago 

Is the support for ssl connections already planned? This would be very
useful when connection to https REST services.

Original issue reported on code.google.com by cyrille....@gmail.com on 26 Feb 2008 at 2:51

GoogleCodeExporter commented 8 years ago 
I believe it is supported in the underlying HTTP library used by RESTClient. 
Can you
test it out?

Original comment by subwiz on 27 Feb 2008 at 5:52

GoogleCodeExporter commented 8 years ago 
I tried connecting to https://dev.java.net/ .
It works:

http://flickr.com/photos/subwiz/2297501725/

And I discovered a little secret too: dev.java.net is hosted using JBoss, not 
using
Glassfish :O !

Original comment by subwiz on 28 Feb 2008 at 1:14

GoogleCodeExporter commented 8 years ago 
Marking the issue Invalid as the feature already exists.

Original comment by subwiz on 29 Feb 2008 at 10:38

GoogleCodeExporter commented 8 years ago 

Yes, that's ok when you only have a server certificate. But it does not work if 
i
need to authenticate myself with a certificate: i need to be able to specify a
keystore. This is the same kind of feature that is available under SOAPUI.

Original comment by cyrille....@gmail.com on 5 Mar 2008 at 10:59

GoogleCodeExporter commented 8 years ago 
Makes sense...

I will look into it.

Original comment by subwiz on 5 Mar 2008 at 11:04

GoogleCodeExporter commented 8 years ago 
I downloaded SoapUI 2.0.2. The requested feature is available in the menu:

File>Preferences>SSL Settings

Original comment by subwiz on 5 Mar 2008 at 11:18

GoogleCodeExporter commented 8 years ago 
A simple and fast to learn tutorial on Java's support for SSL. Will need this 
for
fixing the issue:

http://tvilda.stilius.net/java/java_ssl.php

Original comment by subwiz on 5 Mar 2008 at 4:19

GoogleCodeExporter commented 8 years ago 
Some other details:

http://hc.apache.org/httpclient-3.x/sslguide.html
http://www.jdocs.com/httpclient/3.0.1/api-index.html?m=class&p=org.apache.common
s.httpclient.contrib.ssl&c=AuthSSLProtocolSocketFactory&render=classic

Original comment by subwiz on 5 Mar 2008 at 4:35

GoogleCodeExporter commented 8 years ago

Original comment by subwiz on 8 Mar 2008 at 1:00

GoogleCodeExporter commented 8 years ago 
We should take Option input for:

1. truststore file
2. truststore password
3. keystore file
4. keystore password

These seem to be the input expected by the API. Is this correct @cyrille.puget?

Original comment by subwiz on 17 Mar 2008 at 4:25

GoogleCodeExporter commented 8 years ago 
Yes, this is how it should be done.
In SOAPUI, they might have taken a shorcut since no trustore is required. The 
might
do truststore = keystore internally.

Original comment by cyrille....@gmail.com on 4 Apr 2008 at 10:05

GoogleCodeExporter commented 8 years ago 
Thanks for the detail. I will incorporate this feature in the next release.

Original comment by subwiz on 9 Apr 2008 at 5:34

GoogleCodeExporter commented 8 years ago 
Revision 225: Http library changed to:

http://hc.apache.org/httpcomponents-client/

This has a neater implementation of SSL. SSL example for this API:

http://svn.apache.org/repos/asf/httpcomponents/httpclient/trunk/module-client/sr
c/examples/org/apache/http/examples/client/ClientCustomSSL.java

Original comment by subwiz on 25 Jul 2008 at 1:31

GoogleCodeExporter commented 8 years ago 
Rev. 226 has a basic implementation. Yet to do the file save part, browse 
button for
selecting the truststore file.

Original comment by subwiz on 25 Jul 2008 at 5:15

GoogleCodeExporter commented 8 years ago 
The binary with SSL support is available for download from here:

http://wiztools.org/project/RESTClient/restclient-3.0-SNAPSHOT-jar-with-dependen
cies.jar

@cyrille.puget, can you test this and tell me if it satisfies your requirement?

Original comment by subwiz on 27 Jul 2008 at 2:02

GoogleCodeExporter commented 8 years ago 
Closing the issue on the assumption that it works!

Original comment by subwiz on 5 Aug 2008 at 8:09

GoogleCodeExporter commented 8 years ago 
Hi ... I just started using REST Client 2.2

When am using 2-WAY SSL...it's not working...am getting peer not authenticated 
exception.

When am using 1-way SSL ...am getting "not able to verify hostname" error.

Is there any "Ignore Hostname Verification" feature.

Pls tell me the correct procedure, if i have done anything wrong.

Original comment by somayaju...@gmail.com on 22 Dec 2008 at 5:56

GoogleCodeExporter commented 8 years ago 
Thanks for pointing it out. I just found this in http client library (which is 
used
by RESTClient):

http://hc.apache.org/httpcomponents-client/httpclient/apidocs/org/apache/http/co
nn/ssl/AllowAllHostnameVerifier.html

So I will incorporate this in next release. I have re-opened the issue too.

Original comment by subwiz on 23 Dec 2008 at 4:46

GoogleCodeExporter commented 8 years ago 
Thanks...

Also, try to include the 2-way SSL feature as well.

By the way, when can we expect the next release?

Original comment by somayaju...@gmail.com on 23 Dec 2008 at 5:15

GoogleCodeExporter commented 8 years ago 
Rev. 351 has the fix for Ignoring Hostname Verification.

I have used 2-way-SSL in RESTClient with success recently. Please check with 
Rev.351
and verify if it works.

Rev.351 build is available here:
http://wiztools.org/project/RESTClient/restclient-2.3-SNAPSHOT-jar-with-dependen
cies.jar

A particular date for next release is not yet planned. But I think before end 
of Jan
2009 it should be released.

Original comment by subwiz on 23 Dec 2008 at 7:06

GoogleCodeExporter commented 8 years ago 
Thanks for the info...

Able to download restclient-2.3 and tested it against 1-way SSL.
It works fine.

But it fails when tried against 2-way SSL.
Attached the screen-shot of the error.

Could i request subwiz user to pls explain me the scenario against which he 
could 
succeed with 2-way SSL.

Pls go thru the error and let me know if i did any wrong/ give me the solution.

Thanks and wish you a Happy New Year

Original comment by somayaju...@gmail.com on 31 Dec 2008 at 12:52

Attachments:

GoogleCodeExporter commented 8 years ago 
Thanks for sending in the details. I am looking into it...

Original comment by subwiz on 3 Jan 2009 at 7:49

GoogleCodeExporter commented 8 years ago 
Any update on 2-way SSL feature?

Original comment by somayaju...@gmail.com on 1 Jun 2009 at 7:26

GoogleCodeExporter commented 8 years ago 
2-way SSL is working for me. Can you try again? Can you verify if your 
configuration 
is correct?

Original comment by subwiz on 4 Jun 2009 at 1:55

GoogleCodeExporter commented 8 years ago 
closing the issue as i have stopped receiving new complaints on this.

Original comment by subwiz on 5 Sep 2010 at 3:40

GoogleCodeExporter commented 8 years ago 
r579 and r580 has the fix.

Original comment by subwiz on 8 Jul 2012 at 9:17