SSL Verification Fails when using non-standard interface in HTMLUnit in Java

Question

As a foreward, this is my first program in Java so apologies for any formatting atrocities I may have committed. I have hit a wall in my unit testing program. I am unable to use the default interface so I set the requests to go out on a different local address. However, when I do this the SSL no longer works. Here is the traceback I am receiving when I execute the program. I am looking for some way to make requests on non default interface (eth1 in my case) and have the SSL work.

Exception in thread "main" javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
at sun.security.ssl.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:371)
at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128)
at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:572)
at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:180)
at org.apache.http.impl.conn.ManagedClientConnectionImpl.open(ManagedClientConnectionImpl.java:294)
at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:640)
at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:479)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:906)
at com.gargoylesoftware.htmlunit.HttpWebConnection.getResponse(HttpWebConnection.java:172)
at com.gargoylesoftware.htmlunit.WebClient.loadWebResponseFromWebConnection(WebClient.java:1460)
at com.gargoylesoftware.htmlunit.WebClient.loadWebResponse(WebClient.java:1379)
at com.gargoylesoftware.htmlunit.WebClient.getPage(WebClient.java:311)
at com.gargoylesoftware.htmlunit.WebClient.getPage(WebClient.java:380)
at com.gargoylesoftware.htmlunit.WebClient.getPage(WebClient.java:365)
at UnitTest.main(UnitTest.java:65)

--

public class UnitTest {

  public static void main(String[] args) throws Exception {
    WebClient webClient = new WebClient(BrowserVersion.FIREFOX_10);
    webClient.setWebConnection(new HttpWebConnection(webClient) {
      @Override
      protected AbstractHttpClient createHttpClient() {
        AbstractHttpClient client = super.createHttpClient();
        try {
          HttpParams params = client.getParams();
          params.setParameter(ConnRoutePNames.LOCAL_ADDRESS, InetAddress.getByName("XXX.XXX.XXX.XXX"));
          client.setParams(params);
        }
        catch(Exception e) {
          e.printStackTrace();
        }
        return client;
      }
    });
    webClient.setThrowExceptionOnScriptError(false);
    webClient.setJavaScriptEnabled(false);
    webClient.getCookieManager().setCookiesEnabled(true);

    HtmlPage page = (HtmlPage)
    webClient.getPage("https://someencryptedpage.com");

Answer 1

This is caused by the java keystore who dont trust this certificate.

Fastest solution would be to set the Webclient to ignore SSL exceptions :

For HtmlUnit pre 2.11 version :

webClient.setUseInsecureSSL(true); 

For HtmlUnit 2.11 & newer versions :

webClient.getOptions().setUseInsecureSSL(true);

Here's the HtmlUnit javadoc :

If for some reasons you want to manage the certificate to be trusted instead of ignoring it status, you can import it to your keystore but this can need maintenance for eg if the certificate is changed/renewd : add the certificate to the keystore. Here some pointers