Due to the current gap in continued funding from the U.S. National Science Foundation (NSF), the NSF Unidata Program Center has temporarily paused most operations. See NSF Unidata Pause in Most Operations for details.

[netcdf-java] Using EasySSLProtocolSocketFactory

Hi All,  

I'm trying to connect to a password protected OpenDAP server with an expired 
SSL certificate. Because the certificate is expired, I'm currently unable to 
get NetCDF-Java to connect to the server. So any advice or guidance is much 
appreciated.  

--- HERE'S WHAT I'VE TRIED SO FAR ---

I've created a CredentialsProvider and registered it using: 
ucar.nc2.util.net.HTTPSession.setGlobalCredentialsProvider(credentialProvider);


The problem is when I try to connect to the server, I get the following 
exception:

ucar.nc2.util.net.HTTPException: javax.net.ssl.SSLHandshakeException:
...
Caused by: javax.net.ssl.SSLHandshakeException: 
java.security.cert.CertificateExpiredException: NotAfter:


…


I've put together code to create a custom javax.net.ssl.SSLSocketFactory that 
will accept any SSL connection, even ones with expired certificates. However, I 
have no idea how to register it so that the NetCDF java library can use. I've 
found examples for commons-HttpClient v4 but not for v3.1 that NetCDF-Java 
uses. Anyone have any insight?

Thanks!  

--  
Brian Schlining




  • 2012 messages navigation, sorted by:
    1. Thread
    2. Subject
    3. Author
    4. Date
    5. ↑ Table Of Contents
  • Search the netcdf-java archives: