I searched the Internet for a couple of hours on this issue, and none of the answers I found really fit my problem, so here I am, asking my first question on SOF.
So, I am trying to open a web browser from a Java program using the htmlunit library. An SSL connection is required to connect to the website, and the certificate is stored on a USB key. The product is iKey2023.
The system used to work (I did not write it), but one of the certificates on the USB key expired, so it automatically moved on to the next one (there were 4 certificates in total), and it suddenly stopped working.
This gives me javax.net.ssl.SSLPeerUnverifiedException: an unauthenticated error.
I returned home and I forgot the exact name of the method, but I remember the following.
1. A browser instance is created using IE8.
2. The browser.setWebConnection method is called. This method, according to the API, is an internal API.
3. A connection to the website is made by passing the URL as a parameter.
4. The exception is thrown in step 3.
Some details. Small details may be wrong, but I'm trying to describe the big picture. In step 2, this method requires a WebConnection object as a parameter, and there is an implementation of this interface. As part of this implementation, the keystore is created using sun.security.pkcs11.SunPKCS11(configFileInputStream) (did I write this correctly?)
It was like this:

    Provider p = new sun.security.pkcs11.SunPKCS11(configFileInputStream);
    Security.addProvider(p);

And create a keystore for this provider.
Using this keystore, as part of the WebConnection implementation, it creates an SSLSocket.
So, after the certificate has been switched to a new one, it does not select the certificate correctly.
Here is what I have tried.
I tried to use different methods in the htmlunit library, something like setSecurityProvider, and I tried passing it the Provider object created in the code snippet above. I got a class exception.
I tried to manually set the system properties (trustStore, trustStorePassword, keyStore, etc.). To do this, I wanted to export the certificate from the USB key, but it did not allow me to remove the private key from it, so I could not create a valid PKCS12 file from it (OpenSSL wanted a private key file along with the .pem file for the conversion, and I did not have this key file).
Neither of them worked, and I am so stuck right now. Any help / hint would be greatly appreciated. If you need more detailed information, I can provide it tomorrow, but I think I have given enough details here.
Thanks in advance.
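
Added example, not part of the original post or of htmlunit: the question suspects that the wrong one of the token's four certificates is picked once one has expired, so this key manager lists the token's key entries, skips those outside their validity window, and offers only a currently valid one for TLS client authentication. It assumes `ks` is the PKCS11 keystore already loaded from the SunPKCS11 provider shown in the question; the class name `ValidCertKeyManager` is hypothetical.

```java
import java.net.Socket;
import java.security.*;
import java.security.cert.*;
import java.util.*;
import javax.net.ssl.*;

// Added example: offers only certificates that are valid today for TLS client auth.
public class ValidCertKeyManager extends X509ExtendedKeyManager {
    private final KeyStore ks;            // assumed: the already-loaded token keystore
    private final X509KeyManager inner;   // stock key manager built from that keystore

    public ValidCertKeyManager(KeyStore ks, char[] pin) throws GeneralSecurityException {
        // "SunX509" hands back plain keystore aliases, which validAliases() relies on.
        KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
        kmf.init(ks, pin);
        this.ks = ks;
        this.inner = (X509KeyManager) kmf.getKeyManagers()[0];
    }

    // Key entries whose certificate is inside its validity window at 'now'.
    public static List<String> validAliases(KeyStore ks, Date now) throws KeyStoreException {
        List<String> ok = new ArrayList<>();
        for (String alias : Collections.list(ks.aliases())) {
            if (!ks.isKeyEntry(alias) || !(ks.getCertificate(alias) instanceof X509Certificate)) continue;
            X509Certificate cert = (X509Certificate) ks.getCertificate(alias);
            try {
                cert.checkValidity(now);
                ok.add(alias);
            } catch (CertificateException e) {   // expired or not yet valid
                System.err.println("skip " + alias + ", notAfter=" + cert.getNotAfter());
            }
        }
        return ok;
    }

    @Override
    public String chooseClientAlias(String[] keyTypes, Principal[] issuers, Socket s) {
        try {
            List<String> valid = validAliases(ks, new Date());
            for (String type : keyTypes) {
                String[] offered = inner.getClientAliases(type, issuers);   // may be null
                if (offered == null) continue;
                for (String alias : offered) if (valid.contains(alias)) return alias;
            }
        } catch (KeyStoreException e) {
            System.err.println("token keystore not readable: " + e);
        }
        return null;   // nothing usable: no client certificate is sent
    }

    @Override public String[] getClientAliases(String t, Principal[] i) { return inner.getClientAliases(t, i); }
    @Override public String[] getServerAliases(String t, Principal[] i) { return inner.getServerAliases(t, i); }
    @Override public String chooseServerAlias(String t, Principal[] i, Socket s) { return inner.chooseServerAlias(t, i, s); }
    @Override public X509Certificate[] getCertificateChain(String a) { return inner.getCertificateChain(a); }
    @Override public PrivateKey getPrivateKey(String a) { return inner.getPrivateKey(a); }
}
```

An instance can be handed to `SSLContext.init(new KeyManager[] { keyManager }, null, null)`, and the socket factory of that context used where the WebConnection implementation creates its SSLSocket.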