I am facing this problem, i am calling an http url via SOAPConnection.call() method, it works fine, but when i use an https url it doesn't work. How to configure SSL in this scenario?
Related
I wrote Java code to login to Salesforce and ran this code on a firewalled server. For this, I have to specify the proxy url and proxy port before connecting to Salesforce due to the firewall. However, I'm getting an unknownhostexception error for the proxy url. If I try to login via curl with the proxy settings, I am able to connect. How come there is a problem connecting using Java then? Any help is appreciated.
Apparently the issue was caused by JVM configs. We have to configure JVM to use the proxy settings as follows:
System.setProperty("http.proxyHost", crmProxyURL);
System.setProperty("http.proxyPort", crmProxyPort);
Depending on your HTTP library the System settings might not be enough or not needed. In the Salesforce context it is quite possible that one would try using the Jetty HTTP Client. In this case the System properties are ignored and proxy needs to be handled by the Jetty client:
ProxyConfiguration proxyConfig = httpClient.getProxyConfiguration();
HttpProxy proxy = new HttpProxy("proxyHost", proxyPort);
proxyConfig.getProxies().add(proxy);
The Apache HTTP Client, another popular choice, also uses its own little mechanism:
HttpHost proxy = new HttpHost("proxyHost", proxyPort, "https");
RequestConfig config = RequestConfig.custom().setProxy(proxy).build();
HttpGet request = new HttpGet(someURL);
request.setConfig(config);
Interesting here: one can specify to use http or https as the proxy protocol.
In general I found using one of the http client much easier that the JDK low level functions.
I am trying to test a REST API having an ELB similar to below:
https://systemtest-inventory.com/v1/inventory/getInventory
When I tried the URL with postman chrome, it is giving me valid response.
But when I try to use it in Java program as below:
RestAssured.baseURI="https://systemtest-inventory.com/";
RestAssured.get("v1/inventory/getInventory").then().assertThat().contentType(ContentType.JSON);
It gives this error:
org.apache.http.conn.HttpHostConnectException: Connection to
https://systemtest-inventory.com refused
I am aware that I am using HTTPS and need to have security certificate trusted. However, I am not sure how to do it. Is there any way in Rest assured to test with HTTPS and not HTTP.
You could do something as below for ignoring HTTPS Validation:
given().config(RestAssured.config().sslConfig( new SSLConfig().relaxedHTTPSValidation());
To ignore the HTTPS Connection you can use:
RestAssured.useRelaxedHTTPSValidation();
I would like to write a SSL MITM proxy using Jetty. I've gone through some examples and it seems that I can use org.eclipse.jetty.server.handler.ConnectHandler for HTTPS Connect tunneling.
Is there any way that I can set my own certificate and decrypt content using ConnectHandler?
I have a webservice in Java 1.6 that extends javax.xml.ws.Service. The WSDL URL is located at an HTTPS endpoint and I am behind a corporate proxy (NTLM I believe). I have the proxy host, port, username, and password. I have verified that I can access the WSDL using curl if I specify the proxy in my .curlrc file. When the constructor is called it will eventually timeout with the error:
javax.xml.ws.WebServiceException: Failed to access the WSDL at: https://www.blah.com/myservice.asmx?wsdl. It failed with:
Connection timed out.
The call that fails is:
public MyService_Service() {
// this call to super is the one that times out
super(__getWsdlLocation(), MYSERVICE_QNAME);
}
I have tried the following but none of the solutions work.
Client Webservice in java - proxy authentication
Java Web Service client basic authentication
What can I do to call the web service from behind a proxy?
I was able to get this to work by adding the following code before the server instantiation:
System.setProperty("proxyHost", "myproxy.com");
System.setProperty("proxyPort", "8080");
Strangely this worked when I tested it by setting the VM options -DproxyHost and -DproxyPort so then searched for how to set it programmatically.
I would like to run a servlet in Jetty on an HTTPS site that requires a client certificate for only part of the site (specific URLs). For example:
https://example.com/someservlet/public - no client cert required
https://example.com/someservlet/protected - client cert required
In Apache I can accomplish this by specifying SSLVerifyClient require inside a <Directory> or <Location> which forces Apache to renegotiate the SSL connection after the request is made.
I do not want to run Jetty embedded in anything else, just standalone. Is this possible? Can a Servlet cause this directly somehow? Can it be done via configuration?
As far as I know you can only specify the SSL options on a per-port basis.
Even if you could the configuration you are trying to achieve is problematic, as it needs the SSLRenegotiation which has been changed about a year ago because of a security vulnerability. The new method for performing an SSLRenogitiation is therefore only supported by newer clients and sometimes even if it is supported it does not work because of bugs.
My recommendation for an easy workaround: Configure Jetty to listen on two SSL ports:
For example on 443 without HTTPS Client auth and on 8443 with HTTPS client auth required. Then make your protected servlet only available on 8443. This is not a nice solution but 100% robust, works with Jetty and with all clients.