Question

i'm trying sardine to make a webdav client, but it doesn't connect to my https server. in the usageguide say this about ssl http://code.google.com/p/sardine/wiki/UsageGuide#SSL but i dont know how to provide my custom Http client with my keystore.

i get this error. 

Exception in thread "main" javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
    at com.sun.net.ssl.internal.ssl.SSLSessionImpl.getPeerCertificates(Unknown Source)
    at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128)
    at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:397)
    at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:148)
    at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:149)
    at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:121)
    at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:573)
    at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:425)
    at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:820)
    at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:941)
    at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:919)
    at com.googlecode.sardine.impl.SardineImpl.execute(SardineImpl.java:684)
    at com.googlecode.sardine.impl.SardineImpl.list(SardineImpl.java:339)
    at com.googlecode.sardine.impl.SardineImpl.getResources(SardineImpl.java:326)
    at sardine.main(sardine.java:15)

How can i set up?

Était-ce utile?

La solution

Pretty simple example (for http://mydrive.net and Linux):

  • download cert from mydrive.net with OpenSSL
    • openssl s_client -connect webdav.mydrive.ch:443 > mydrive.net.crt
  • remove all stuff except of between BEGIN and END (inclusive) in mydrive.net.crt file
  • generate a new keystore:
    • keytool -genkey -alias dummy -keyalg RSA -keystore /etc/ssl/certs/java/yourKeyStore.jks -keysize 2048
    • use a secure passphrase
    • Remove unused generated certificate
      • keytool -delete -alias dummy -keystore /etc/ssl/certs/java/yourKeyStore.jks
  • Import cert from mydrive.net
    • keytool -import -trustcacerts -alias mydrive.net -keystore /etc/ssl/certs/java/kyourKeyStore.jks -file ./mydrive.net.crt
  • Verify import:
    • keytool -list -keystore /etc/ssl/certs/java/yourKeyStore.jks
  • add Java Parameter for keystore
    • JAVA_OPTS="$JAVA_OPTS -Djavax.net.ssl.trustStore=/etc/ssl/certs/java/yourKeyStore.jks"
  • Restart JVM

Now you can use Sardine without overwrite or reimplement methods. Just use

Sardine sardine = SardineFactory.begin(username, password);
List<DavResource> resources = sardine.list("https://webdav.mydrive.ch/");

Tip: Make sure to use the correct cert. MyDrive has several certs for example

Autres conseils

Store the keystore(s) as raw resources, load them and use them to initialize SSLSocketFactory. You can than use it instantiate an HttpClient. To plug in into Sardine you need to override the method they specify in the Wiki to return your customized HttpClient instance.

Licencié sous: CC-BY-SA avec attribution
Non affilié à StackOverflow
scroll top