CLM 5.0 peer not authenticated error
I have a sample api that creates folder,artifact etc. I downloaded from jazz.net. It was works fine with CLM 4.0.6 but after I installed CLM 5.0 , I get the error below.
javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
at com.ibm.jsse2.fc.getPeerCertificates(fc.java:46)
at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128)
at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:339)
at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:123)
at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:147)
at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:108)
at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:415)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:641)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:576)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:554)
at net.jazz.oslc.utils.HttpUtils.sendGetForSecureDocument(HttpUtils.java:233)
at net.jazz.oslc.consumer.examples.Example04.getServiceProviderCatalog(Example04.java:541)
at net.jazz.oslc.consumer.examples.Example04.run(Example04.java:91)
at net.jazz.oslc.consumer.examples.Example04.main(Example04.java:150)
Any help would be appreciated.
Accepted answer
The answer has indeed been provided in the other post and I am copying it here so that it may be easier. Thanks to Donald Nong for figuring it out.
Well I figured it out after some debugging and mucking around. It seems that the CLM 5.0 server (with the bundled Tomcat anyway) no longer allows SSL connection with SSLv3 protocol, and TLSv1 is the only one supported in the default configuration. Due to the mismatched protocol, the SSL handshake will fail and no connection can be established. To make the sample code work, you need to modify the net/jazz/oslc/utils/HttpUtils.java file by changing
Well I figured it out after some debugging and mucking around. It seems that the CLM 5.0 server (with the bundled Tomcat anyway) no longer allows SSL connection with SSLv3 protocol, and TLSv1 is the only one supported in the default configuration. Due to the mismatched protocol, the SSL handshake will fail and no connection can be established. To make the sample code work, you need to modify the net/jazz/oslc/utils/HttpUtils.java file by changing
sc = SSLContext.getInstance("SSL"); //$NON-NLS-1$to
sc = SSLContext.getInstance("TLSv1"); //$NON-NLS-1$With this change, the code should still work with CLM 4.0.x server since it supports both SSLv3 and TLSv1.
One other answer
Check out the answer that Donald Nong posted to Question 153891 on July 24:
Comments
I had already commented on that post. And also wrote here that I commented on that post too. Maybe you didn't read my comments.
what Donald write is;
I can actually see the same error in my CLM 5.0 environment now for some reason. I analyzed the network trace using Wireshark and found out that the Java application actually communicated with the CLM 5.0 server (GET versionCompatibility) before being kicked out by the server (it seems).
The curious thing is CLM 4.0.6 and CLM 5.0 actually use the same certificate if the bundled Tomcat is used. Some more digging is still required.
Any other idea ?
Comments
Donald Nong
Jul 23 '14, 2:33 a.m.Same problem was posted before.
https://jazz.net/forum/questions/153891/oslc-workshop-with-rtc-50-sslpeeruniverifiedexception
Mustafa Askin
Jul 23 '14, 2:57 a.m.@Dnong I write a comment there too.