[jira] [Commented] (HTTPCLIENT-2311) Http Client not working anymore with SSL configuration

Gary D. Gregory (Jira) Wed, 29 Nov 2023 03:28:26 -0800


    [ 
https://issues.apache.org/jira/browse/HTTPCLIENT-2311?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17791023#comment-17791023
 ]


Gary D. Gregory commented on HTTPCLIENT-2311:
---------------------------------------------

This duplicates HTTPCLIENT-2292. Search Jira before creating duplicate ticket 
please.

> Http Client not working anymore with SSL configuration
> ------------------------------------------------------
>
>                 Key: HTTPCLIENT-2311
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-2311
>             Project: HttpComponents HttpClient
>          Issue Type: Bug
>    Affects Versions: 5.2.2
>            Reporter: Hakan Altindag
>            Priority: Major
>             Fix For: 5.2.3
>
>
> The Apache Http Client in version 5.2.2 stopped working. It fails to 
> initialize because it tries to use a proxy while it is not specified and also 
> not needed at all. It was working until version 5.2.1 but now it fails. 
> The stacktrace:
>  
> {code:java}
> java.lang.IllegalArgumentException: Invalid Proxy
>       at java.base/java.net.Socket.<init>(Socket.java:177)    at 
> org.apache.httpcomponents.client5.httpclient5@5.2.2/org.apache.hc.client5.http.ssl.SSLConnectionSocketFactory.createSocket(SSLConnectionSocketFactory.java:208)
>       at 
> org.apache.httpcomponents.client5.httpclient5@5.2.2/org.apache.hc.client5.http.impl.io.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:158)
>      at 
> org.apache.httpcomponents.client5.httpclient5@5.2.2/org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:447)
>        at 
> org.apache.httpcomponents.client5.httpclient5@5.2.2/org.apache.hc.client5.http.impl.classic.InternalExecRuntime.connectEndpoint(InternalExecRuntime.java:162)
>         at 
> org.apache.httpcomponents.client5.httpclient5@5.2.2/org.apache.hc.client5.http.impl.classic.InternalExecRuntime.connectEndpoint(InternalExecRuntime.java:172)
>         at 
> org.apache.httpcomponents.client5.httpclient5@5.2.2/org.apache.hc.client5.http.impl.classic.ConnectExec.execute(ConnectExec.java:142)
>         at 
> org.apache.httpcomponents.client5.httpclient5@5.2.2/org.apache.hc.client5.http.impl.classic.ExecChainElement.execute(ExecChainElement.java:51)
>        at 
> org.apache.httpcomponents.client5.httpclient5@5.2.2/org.apache.hc.client5.http.impl.classic.ProtocolExec.execute(ProtocolExec.java:192)
>       at 
> org.apache.httpcomponents.client5.httpclient5@5.2.2/org.apache.hc.client5.http.impl.classic.ExecChainElement.execute(ExecChainElement.java:51)
>        at 
> org.apache.httpcomponents.client5.httpclient5@5.2.2/org.apache.hc.client5.http.impl.classic.HttpRequestRetryExec.execute(HttpRequestRetryExec.java:96)
>        at 
> org.apache.httpcomponents.client5.httpclient5@5.2.2/org.apache.hc.client5.http.impl.classic.ExecChainElement.execute(ExecChainElement.java:51)
>        at 
> org.apache.httpcomponents.client5.httpclient5@5.2.2/org.apache.hc.client5.http.impl.classic.ContentCompressionExec.execute(ContentCompressionExec.java:152)
>   at 
> org.apache.httpcomponents.client5.httpclient5@5.2.2/org.apache.hc.client5.http.impl.classic.ExecChainElement.execute(ExecChainElement.java:51)
>        at 
> org.apache.httpcomponents.client5.httpclient5@5.2.2/org.apache.hc.client5.http.impl.classic.RedirectExec.execute(RedirectExec.java:115)
>       at 
> org.apache.httpcomponents.client5.httpclient5@5.2.2/org.apache.hc.client5.http.impl.classic.ExecChainElement.execute(ExecChainElement.java:51)
>        at 
> org.apache.httpcomponents.client5.httpclient5@5.2.2/org.apache.hc.client5.http.impl.classic.InternalHttpClient.doExecute(InternalHttpClient.java:170)
>         at 
> org.apache.httpcomponents.client5.httpclient5@5.2.2/org.apache.hc.client5.http.impl.classic.CloseableHttpClient.execute(CloseableHttpClient.java:123)
>         at 
> org.apache.httpcomponents.client5.httpclient5@5.2.2/org.apache.hc.client5.http.impl.classic.CloseableHttpClient.execute(CloseableHttpClient.java:55)
>  at 
> nl.altindag.ssl.apache5/nl.altindag.ssl.apache5.SSLFactoryIT.executeHttpsRequestWithMutualAuthentication(SSLFactoryIT.java:89)
>        at java.base/java.lang.reflect.Method.invoke(Method.java:568)   at 
> java.base/java.util.ArrayList.forEach(ArrayList.java:1511)   at 
> java.base/java.util.ArrayList.forEach(ArrayList.java:1511) {code}
> The failing build pipeline: 
> [https://github.com/Hakky54/sslcontext-kickstart/pull/414]
>  
> The failing integration test: 
> [https://github.com/Hakky54/sslcontext-kickstart/blob/da231f1c5a849c8e80f0367fe780c495b428cb62/sslcontext-kickstart-for-apache5/src/test/java/nl/altindag/ssl/apache5/SSLFactoryIT.java#L73]
>  
> The ssl configuration is built with the following snippet within my library 
> to make it easier for my end-user to use the library alongside with the 
> apache http client:
> {code:java}
> public static LayeredConnectionSocketFactory toSocketFactory(SSLFactory 
> sslFactory) {
>     return new SSLConnectionSocketFactory(
>             sslFactory.getSslContext(),
>             sslFactory.getSslParameters().getProtocols(),
>             sslFactory.getSslParameters().getCipherSuites(),
>             sslFactory.getHostnameVerifier()
>     );
> } {code}
> The failing test code snippet is below and can be viewed also with the 
> following link: 
> [https://github.com/Hakky54/sslcontext-kickstart/blob/da231f1c5a849c8e80f0367fe780c495b428cb62/sslcontext-kickstart-for-apache5/src/test/java/nl/altindag/ssl/apache5/SSLFactoryIT.java#L73]
> {code:java}
> @Test
> void executeHttpsRequestWithMutualAuthentication() throws IOException {
>     SSLFactory sslFactoryForClient = SSLFactory.builder()
>             
> .withIdentityMaterial("keystore/client-server/client-one/identity.jks", 
> "secret".toCharArray())
>             
> .withTrustMaterial("keystore/client-server/client-one/truststore.jks", 
> "secret".toCharArray())
>             .build();
>     LayeredConnectionSocketFactory socketFactory = 
> Apache5SslUtils.toSocketFactory(sslFactoryForClient);
>     PoolingHttpClientConnectionManager connectionManager = 
> PoolingHttpClientConnectionManagerBuilder.create()
>             .setSSLSocketFactory(socketFactory)
>             .build();
>     HttpClient httpClient = HttpClients.custom()
>             .setConnectionManager(connectionManager)
>             .build();
>     HttpGet request = new HttpGet("https://localhost:8443/api/hello";);
>     HttpResponse response = httpClient.execute(request);
>     int statusCode = response.getCode();
>     assertThat(statusCode).isEqualTo(200);
> } {code}
>  
> To reproduce:
> {code:java}
> git clone https://github.com/Hakky54/sslcontext-kickstart.git
> cd sslcontext-kickstart
> git switch 
> dependabot/maven/org.apache.httpcomponents.client5-httpclient5-5.2.2
> mvn install {code}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@hc.apache.org
For additional commands, e-mail: dev-h...@hc.apache.org

[jira] [Commented] (HTTPCLIENT-2311) Http Client not working anymore with SSL configuration

Reply via email to