Question

i'm trying sardine to make a webdav client, but it doesn't connect to my https server. in the usageguide say this about ssl http://code.google.com/p/sardine/wiki/UsageGuide#SSL but i dont know how to provide my custom Http client with my keystore.

i get this error. 

Exception in thread "main" javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
    at com.sun.net.ssl.internal.ssl.SSLSessionImpl.getPeerCertificates(Unknown Source)
    at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128)
    at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:397)
    at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:148)
    at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:149)
    at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:121)
    at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:573)
    at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:425)
    at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:820)
    at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:941)
    at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:919)
    at com.googlecode.sardine.impl.SardineImpl.execute(SardineImpl.java:684)
    at com.googlecode.sardine.impl.SardineImpl.list(SardineImpl.java:339)
    at com.googlecode.sardine.impl.SardineImpl.getResources(SardineImpl.java:326)
    at sardine.main(sardine.java:15)

How can i set up?

Was it helpful?

Solution

Pretty simple example (for http://mydrive.net and Linux):

  • download cert from mydrive.net with OpenSSL
    • openssl s_client -connect webdav.mydrive.ch:443 > mydrive.net.crt
  • remove all stuff except of between BEGIN and END (inclusive) in mydrive.net.crt file
  • generate a new keystore:
    • keytool -genkey -alias dummy -keyalg RSA -keystore /etc/ssl/certs/java/yourKeyStore.jks -keysize 2048
    • use a secure passphrase
    • Remove unused generated certificate
      • keytool -delete -alias dummy -keystore /etc/ssl/certs/java/yourKeyStore.jks
  • Import cert from mydrive.net
    • keytool -import -trustcacerts -alias mydrive.net -keystore /etc/ssl/certs/java/kyourKeyStore.jks -file ./mydrive.net.crt
  • Verify import:
    • keytool -list -keystore /etc/ssl/certs/java/yourKeyStore.jks
  • add Java Parameter for keystore
    • JAVA_OPTS="$JAVA_OPTS -Djavax.net.ssl.trustStore=/etc/ssl/certs/java/yourKeyStore.jks"
  • Restart JVM

Now you can use Sardine without overwrite or reimplement methods. Just use

Sardine sardine = SardineFactory.begin(username, password);
List<DavResource> resources = sardine.list("https://webdav.mydrive.ch/");

Tip: Make sure to use the correct cert. MyDrive has several certs for example

OTHER TIPS

Store the keystore(s) as raw resources, load them and use them to initialize SSLSocketFactory. You can than use it instantiate an HttpClient. To plug in into Sardine you need to override the method they specify in the Wiki to return your customized HttpClient instance.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top