Hi Dear,
Now I can't send request to cacti using org.apache.http.client.HttpClient with TLS1.2:
javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated.
The cacti version I am using is 0.8.8b
HttpClient is 4.1
I have change the /etc/httpd/conf.d/ssl.conf for security reasons.
#SSLProtocol all -SSLv2 -SSLv3 +TLSv1 -->before
SSLProtocol -all +TLSv1.2 -->now
And the code has been changed:
SSLContext ctx = SSLContext.getInstance("TLSv1");
X509TrustManager tm = new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
@Override
public void checkClientTrusted(
java.security.cert.X509Certificate[] chain,
String authType)
throws java.security.cert.CertificateException {
// TODO Auto-generated method stub
}
@Override
public void checkServerTrusted(
java.security.cert.X509Certificate[] chain,
String authType)
throws java.security.cert.CertificateException {
// TODO Auto-generated method stub
}
};
ctx.init(null, new TrustManager[] { tm }, null);
SSLSocketFactory ssf = new SSLSocketFactory(ctx,
SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
SchemeRegistry registry = new SchemeRegistry();
registry.register(new Scheme("https", 443, ssf));
ThreadSafeClientConnManager mgr = new ThreadSafeClientConnManager(registry);
return new DefaultHttpClient(mgr, httpclient.getParams());
I don't know if the cacti is support the TLS 1.2?
If cacti is avaialble for TLS 1.2, how to solve this problem?
Thanks a lot!!!
Can't send request to cacti by HttpClient(java) with TLS1.2
Moderators: Developers, Moderators
-
kweehoonkim
- Posts: 1
- Joined: Thu Feb 04, 2016 2:30 am
Who is online
Users browsing this forum: No registered users and 10 guests