0
HttpClient =new DefaultHttpClient();
HttpPost post = new HttpPost("https://myulr/token");
post.addHeader("Content-Type", "application/x-www-form-urlencoded");
List<BasicNameValuePair> parametersBody = new ArrayList<BasicNameValuePair>();
parametersBody.add(new BasicNameValuePair("client_id","my-client-id"));
parametersBody.add(new BasicNameValuePair("client_secret","my-secret-key"));
parametersBody.add(new BasicNameValuePair("scope","my-scope"));
parametersBody.add(new BasicNameValuePair("grant_type","client_credentials"));
try{
    post.setEntity(new UrlEncodedFormEntity(parametersBody));
    HttpResponse httpResponse = httpClient.execute(post);
    int code = httpResponse.getStatusLine().getStatusCode();
    System.out.println("Code::::: "+code);
    String result=EntityUtils.toString(httpResponse.getEntity());
    System.out.println("Result: "+result); 
 }catch(Exception e){
    e.printStackTrace();
 }

This code is properly executing in JDK8 but if I try to execute it in JDK7, it is throwing javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated exception. I tried to google the issue. I found that we can write X509TrustManager and X509HostnameVerifier. I tried with these implementations also, but still didn't work. Please suggest me how can I execute it in JDK7. Again if I execute the code with X509TrustManager and X509HostnameVerifier, I am getting "java.net.SocketException: Connection reset"

Roshan
  • 21
  • 3

1 Answers1

0

I just recently researched this and i want to add this - Support for TLS 1.2 first appeared in JDK 7. For compatibility reasons, it is enabled by default on server sockets but disabled on clients. To change it, I wrote following code and it worked for me:

HttpClient base = new DefaultHttpClient();
SSLContext ctx = SSLContext.getInstance("TLSv1.2");
X509TrustManager tm = new X509TrustManager() {
    public void checkClientTrusted(X509Certificate[] xcs, String string) throws CertificateException {
    }
    public void checkServerTrusted(X509Certificate[] xcs, String string) throws CertificateException {
    }
    public X509Certificate[] getAcceptedIssuers() {
        return null;
    }
 };
 X509HostnameVerifier verifier = new X509HostnameVerifier() {
     @Override
     public void verify(String string, X509Certificate xc) throws SSLException {
     }
     @Override
     public void verify(String string, String[] strings, String[] strings1) throws SSLException {
     }
     @Override
     public boolean verify(String string, SSLSession ssls) {
         return true;
     }
     @Override
     public void verify(String arg0, SSLSocket arg1) throws IOException {
     }
 };
 ctx.init(null, new TrustManager[]{tm}, null);
 SSLSocketFactory ssf = new 
 SSLSocketFactory(ctx,SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
 ssf.setHostnameVerifier(verifier);
 ClientConnectionManager ccm = base.getConnectionManager();
 SchemeRegistry sr = ccm.getSchemeRegistry();
 sr.register(new Scheme("https", ssf, 443));
 httpClient = new DefaultHttpClient(ccm, base.getParams());
Roshan
  • 21
  • 3