StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

POWhy do I get javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated only in production?
primarykey
Id
10034849
data
AcceptedAnswerId
10132121
AnswerCount
2
ClosedDate
CommentCount
2
CommunityOwnedDate
CreationDate
2012-04-05T19:32:06.630
FavoriteCount
0
LastActivityDate
2016-04-06T22:50:03.350
LastEditDate
2012-04-06T19:00:17.587
LastEditorUserId
253412
OwnerUserId
253412
ParentId
0
PostTypeId
1
Score
2
ViewCount
24591
LastEditorDisplayName
text
Body
I have a grails 1.3.7 application that makes an https api call to a third party using the apache HttpClient. The third party URL I'm hitting has a valid certificate. I create and execute my request like so: <pre><code>HttpClient client = new DefaultHttpClient() List<BasicNameValuePair> queryParams = new ArrayList<BasicNameValuePair>() queryParams.add(new BasicNameValuePair("a_parameter", "a_parameter_value")) URI uri = URIUtils.createURI("https", "third.party.address", 443, "/some/url/for/us", URLEncodedUtils.format(queryParams, "UTF-8"), null) HttpGet httpGet = new HttpGet(uri) try { log.debug "Sending request to ${uri}" return client.execute(httpGet) } catch(HttpException e) { log.error "HttpException during location lookup request: ${e}" return } catch(IOException e) { log.error "IOException during location lookup request: ${e}" return } </code></pre> This works fine when I'm running my project in dev mode. I'm also able to directly call the same URL from curl and my browser with no errors. However, once my project is built into a war file and put on a tomcat instance that has a certificate/keystore defined so that clients can connect to US using https, my requests start failing with the following IOException: <pre><code>javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated </code></pre> I'm trying to figure out the point of failure here. Why is making an https request from curl or my dev mode different than making an https request from an https configured tomcat instance? The tomcat instance is not publicly accessible, but there are no certificate issues when I connect to it from my browser (chrome says the cert is fine, as does a verbose curl request). I'm not an https/ssl expert by any stretch, so I'm looking for help explaining what is wrong, why it's wrong, and how I can fix it. I can provide any other needed info. ---Update--- I enabled the <code>javax.net.debug</code> as suggested below and the output included the following error: <pre><code>java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be\ non-empty </code></pre> My googling has made me think that this issue is because I'm using the following java opt when starting tomcat: <pre><code>-Djavax.net.ssl.trustStore=/path/to/tomcat/conf/myStore.jks </code></pre> If that's true, how can I add the things I needed in myStore.jks and not override the defaults so everyone is happy?
Tags
<grails><ssl><https><httpclient>
Title
Why do I get javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated only in production?
singulars
PostAcceptedAnswerId
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
PostParentId
1. This table or related slice is empty.
PostTypePostTypeId
1. PTQuestion
UserLastEditorUserId
1. UStwilbrand
UserOwnerUserId
1. UStwilbrand
plurals
PostLinksPostIdRelatedPostId
1. This table or related slice is empty.
PostLinksRelatedPostIdPostId
1. PL
 singulars
 LinkTypeLinkTypeId
 LTLinked
PostsAcceptedAnswerId
1. This table or related slice is empty.
PostsParentIdCreationDate
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
2. PO
 singulars
 PostTypePostTypeId
 PTAnswer
VotesPostIdCreationDate
1. VO
 singulars
 PostPostId
 POWhy do I get javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated only in production?
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
CommentsPostId
1. COYou could try turning on SSL debugging with the `javax.net.debug` property - see http://www.herongyang.com/JDK/SSL-Socket-Communication-Debug-javax-net-debug.html
 singulars
 PostPostId
 POWhy do I get javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated only in production?
 UserUserId
 USChris White
2. COI've updated the post with the little information provided by enabling that.
 singulars
 PostPostId
 POWhy do I get javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated only in production?
 UserUserId
 UStwilbrand

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.