question about SSL

[FunTest]

Hi, there:

I am just getting started with rest-assured with my project using
SSL.
I tried this:

RestAssured.baseURI="https://xx.xx.xx.xx";
RestAssured.keystore("test","test1234");
given().keystore("test", "test1234")
.body("......")
.post("https://xx.xx.xx.xx/rest/a/login");

I am using rest-assured 1.5 and put the certificate to a file "test".
It works fine but if I remove the "https://xx.xx.xx.xx" from the post
I always get "SSLPeerUnverifiedException: peer not authenticated"
exception.

It seems "RestAssured.keystore" doesn't work as expected.
Anyone knows why?

Thanks,
Fu

[Johan Haleby]

Hi, 

I've investigated it a little bit and it looks like a bug. You can try specifying: 

RestAssured.port = 443;

as a work-around and see if that helps. I'll add this as an issue.

Regards,

/Johan

[FunTest]

Thanks! The work-around works.

[sabf]

I have the same problem, and the work-around does not solve my problem.

I now hopefuly wait for the bugfix.

[Johan Haleby]

I'm on vacation right now (for 2.5 weeks) so I can't look into it atm :( Could anyone create a test case that demonstrates the issue? And of course it would be even better with a pull request that fixes it.. Please add it as a bug at the issue tracker as well.

Regards,
/Johan

[Johan Haleby]

If it's the same bug it's reported here and it's not fixed yet. It would be really good if you good help out with a fix.

Regards,

/Johan

On Wed, Aug 29, 2012 at 12:35 PM, Gayatri Kulkarni <gaya...@gmail.com> wrote:

 Hi Johan,

 Did you get the fix for SSLPeerUnverifiedException? I am getting it inspite of using keytool -importcert as specified on http://rest-assured.googlecode.com/svn/tags/1.2.3/apidocs/index.html?com/jayway/restassured/RestAssured.html
 This definitely looks like a bug to me. Is the issue already open?

Thanks and regards,
Gayatri

[Johan Haleby]

Well the first thing you should try is to follow this guide. If that doesn't work perhaps you could help out by implementing this.

/Johan

On Wed, Aug 29, 2012 at 10:37 PM, Kiruthika Subramanian <subramania...@gmail.com> wrote:

Below is my code (similarly uses HTTPS with 443 port defined) and gets me the peer authentication error, someone please help.

@Test

     public void putTest() {

RestAssured.port=443;

    RestAssured.urlEncodingEnabled = false;

    RequestSpecification reqSpec = given().authentication().basic("uname", "password");

    ResponseSpecification responseSpec = reqSpec.expect();

    String response = responseSpec.statusCode(200).request().

      contentType("Application/json").

      content("{name: test-REST,start: 1336111200000,end: 1336172400000}").

        when().

      put("https://mysever/putvalue").asString();

  System.out.println("Response Is:" +response);

[Kiruthika Subramanian]

Now, I have a new error (good I guess).

What I am missing here, please suggest....

java.lang.IllegalArgumentException: Don't know how to encode {"name": "test-REST", "start": 1336111200000,"end": 1336172400000} as a byte stream

at com.jayway.restassured.internal.http.EncoderRegistry.encodeStream(EncoderRegistry.java:125)

at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)

at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)

at java.lang.reflect.Method.invoke(Method.java:597)

at org.codehaus.groovy.reflection.CachedMethod.invoke(CachedMethod.java:90)

at groovy.lang.MetaMethod.doMethodInvoke(MetaMethod.java:233)

at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1054)

at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:921)

at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:884)

at groovy.lang.Closure.call(Closure.java:410)

at com.jayway.restassured.internal.http.HTTPBuilder$RequestConfigDelegate.setBody(HTTPBuilder.java:1017)

at com.jayway.restassured.internal.http.HTTPBuilder$RequestConfigDelegate.setBody(HTTPBuilder.java:1000)

at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)

at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)

at java.lang.reflect.Method.invoke(Method.java:597)

at org.codehaus.groovy.reflection.CachedMethod.invoke(CachedMethod.java:90)

at groovy.lang.MetaMethod.doMethodInvoke(MetaMethod.java:233)

at groovy.lang.MetaClassImpl.setProperty(MetaClassImpl.java:2388)

at groovy.lang.MetaClassImpl.setProperty(MetaClassImpl.java:3312)

at org.codehaus.groovy.runtime.InvokerHelper.setProperty(InvokerHelper.java:183)

at groovy.lang.Closure.setPropertyTryThese(Closure.java:378)

at groovy.lang.Closure.setPropertyDelegateFirst(Closure.java:368)

at groovy.lang.Closure.setProperty(Closure.java:349)

at org.codehaus.groovy.runtime.ScriptBytecodeAdapter.setGroovyObjectProperty(ScriptBytecodeAdapter.java:528)

at com.jayway.restassured.internal.RequestSpecificationImpl$_sendHttpRequest_closure14.doCall(RequestSpecificationImpl.groovy:854)

at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)

at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)

at java.lang.reflect.Method.invoke(Method.java:597)

at org.codehaus.groovy.reflection.CachedMethod.invoke(CachedMethod.java:90)

at groovy.lang.MetaMethod.doMethodInvoke(MetaMethod.java:233)

at org.codehaus.groovy.runtime.metaclass.ClosureMetaClass.invokeMethod(ClosureMetaClass.java:272)

at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:884)

at groovy.lang.Closure.call(Closure.java:410)

at groovy.lang.Closure.call(Closure.java:423)

at com.jayway.restassured.internal.http.HTTPBuilder.doRequest(HTTPBuilder.java:419)

at com.jayway.restassured.internal.http.HTTPBuilder.request(HTTPBuilder.java:370)

at com.jayway.restassured.internal.http.HTTPBuilder$request.call(Unknown Source)

at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:42)

at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:108)

at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:124)

at com.jayway.restassured.internal.RequestSpecificationImpl.sendHttpRequest(RequestSpecificationImpl.groovy:848)

at com.jayway.restassured.internal.RequestSpecificationImpl.this$2$sendHttpRequest(RequestSpecificationImpl.groovy)

at com.jayway.restassured.internal.RequestSpecificationImpl$this$2$sendHttpRequest.callCurrent(Unknown Source)

at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCallCurrent(CallSiteArray.java:46)

at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callCurrent(AbstractCallSite.java:133)

at com.jayway.restassured.internal.RequestSpecificationImpl.sendRequest(RequestSpecificationImpl.groovy:715)

at com.jayway.restassured.internal.RequestSpecificationImpl.this$2$sendRequest(RequestSpecificationImpl.groovy)

at com.jayway.restassured.internal.RequestSpecificationImpl$this$2$sendRequest.call(Unknown Source)

at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:42)

at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:108)

at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:124)

at com.jayway.restassured.internal.filter.RootFilter.filter(RootFilter.groovy:28)

at com.jayway.restassured.filter.Filter$filter.call(Unknown Source)

at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:42)

at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:108)

at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:124)

at com.jayway.restassured.internal.filter.FilterContextImpl.next(FilterContextImpl.groovy:47)

at com.jayway.restassured.filter.FilterContext$next.call(Unknown Source)

at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:42)

at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:108)

at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:120)

at com.jayway.restassured.internal.RequestSpecificationImpl.invokeFilterChain(RequestSpecificationImpl.groovy:658)

at com.jayway.restassured.internal.RequestSpecificationImpl$invokeFilterChain.callCurrent(Unknown Source)

at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCallCurrent(CallSiteArray.java:46)

at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callCurrent(AbstractCallSite.java:133)

at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callCurrent(AbstractCallSite.java:149)

at com.jayway.restassured.internal.RequestSpecificationImpl.applyPathParamsAndSendRequest(RequestSpecificationImpl.groovy:1037)

at com.jayway.restassured.internal.RequestSpecificationImpl.this$2$applyPathParamsAndSendRequest(RequestSpecificationImpl.groovy)

at com.jayway.restassured.internal.RequestSpecificationImpl$this$2$applyPathParamsAndSendRequest.callCurrent(Unknown Source)

at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCallCurrent(CallSiteArray.java:46)

at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callCurrent(AbstractCallSite.java:133)

at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callCurrent(AbstractCallSite.java:149)

at com.jayway.restassured.internal.RequestSpecificationImpl.put(RequestSpecificationImpl.groovy:131)

at com.test.restAssured.PUTNewEvent.putCreateEvent(PUTNewEvent.java:26)

at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)

at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)

at java.lang.reflect.Method.invoke(Method.java:597)

at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:45)

at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)

at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:42)

at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)

at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:263)

at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:68)

at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:47)

at org.junit.runners.ParentRunner$3.run(ParentRunner.java:231)

at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:60)

at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:229)

at org.junit.runners.ParentRunner.access$000(ParentRunner.java:50)

at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:222)

at org.junit.runners.ParentRunner.run(ParentRunner.java:300)

at org.eclipse.jdt.internal.junit4.runner.JUnit4TestReference.run(JUnit4TestReference.java:50)

at org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38)

at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:467)

at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:683)

at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:390)

at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:197)

[Johan Haleby]

Can you show us the code?

/Johan

[Kiruthika Subramanian]

Below is the code. 

public class PUTNewEvent {

@Test

     public void putCreateEvent() {

    RestAssured.port=443;

    RestAssured.urlEncodingEnabled = false;

    RequestSpecification reqSpec = given().authentication().basic("uname", "password");

    ResponseSpecification responseSpec = reqSpec.expect();

   

    String response = responseSpec.statusCode(200).request().given().

      contentType("aplication/json").

      content("{\"name\": \"test-REST\", \"start\": 1336111200000,\"end\": 1336172400000}").

   when().

      put("https://servername/events").asString();

[Johan Haleby]

"aplication/json" you be "application/json"

/Johan

[Johan Haleby]

-you +should

[Kiruthika Subramanian]

darn..... that worked. 

Thank you Johan, appreciate your help (I certainly feel stupid :-p) 

Have a relaxing long weekend.

[Johan Haleby]

No problem, it happens :) 

Regards,

/Johan

[Johan Haleby]

Hmm if it doesn't work when you specify a keystore then I don't think you'll get it to work very easily :/ It would be great if you could help out by either digging in to the code to see what can be done or point me in the right direction for how to implement support for it using Apache HTTP Client.

Regards,

/Johan

On Tue, Mar 12, 2013 at 5:31 PM, Rekha Ramakrishnan <rekr...@gmail.com> wrote:

Hi All,

I am facing an issue with rest assured. I have just started working on rest Assured and facing issues with https. Please help.
I have a p12 certificate with a private key. Using java keytool, i have imported the same and converted to a .jks format.
I have used this in the key store as below
       RestAssured.baseURI="https://otwsqa.tivo.com";
      RestAssured.keystore("c:/keys/truststore.jks","changeit");
      RestAssured.given().keystore("c:/keys/truststore.jks", "changeit");
      RestAssured.port=443;
      RestAssured.urlEncodingEnabled = false;
      RestAssured.post("/deviceInfoSearch?type=deviceInfoSearch&tivoSerialNumber=746000190827326");

On running this, I am getting the below error.
Exception in thread "main" javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
    at com.sun.net.ssl.internal.ssl.SSLSessionImpl.getPeerCertificates(Unknown Source)
    at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128)
    at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:572)
    at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:692)
    at org.apache.http.conn.scheme.SchemeSocketFactoryAdaptor.connectSocket(SchemeSocketFactoryAdaptor.java:65)
    at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:180)
    at org.apache.http.impl.conn.ManagedClientConnectionImpl.open(ManagedClientConnectionImpl.java:294)
    at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:640)
    at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:479)
    at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:906)
    at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:805)
    at org.apache.http.client.HttpClient$execute.call(Unknown Source)

    at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:42)
    at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:108)
    at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:120)

    at com.jayway.restassured.internal.RequestSpecificationImpl$RestAssuredHttpBuilder.doRequest(RequestSpecificationImpl.groovy:1350)
    at com.jayway.restassured.internal.http.HTTPBuilder.post(HTTPBuilder.java:340)
    at com.jayway.restassured.internal.http.HTTPBuilder$post.call(Unknown Source)

    at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:42)
    at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:108)
    at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:120)

    at com.jayway.restassured.internal.RequestSpecificationImpl.sendRequest(RequestSpecificationImpl.groovy:774)

    at com.jayway.restassured.internal.RequestSpecificationImpl.this$2$sendRequest(RequestSpecificationImpl.groovy)
    at com.jayway.restassured.internal.RequestSpecificationImpl$this$2$sendRequest.call(Unknown Source)
    at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:42)
    at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:108)
    at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:124)
    at com.jayway.restassured.internal.filter.RootFilter.filter(RootFilter.groovy:28)
    at com.jayway.restassured.filter.Filter$filter.call(Unknown Source)
    at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:42)
    at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:108)
    at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:124)
    at com.jayway.restassured.internal.filter.FilterContextImpl.next(FilterContextImpl.groovy:47)
    at com.jayway.restassured.filter.FilterContext$next.call(Unknown Source)
    at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:42)
    at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:108)
    at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:120)

    at com.jayway.restassured.internal.RequestSpecificationImpl.invokeFilterChain(RequestSpecificationImpl.groovy:731)

    at com.jayway.restassured.internal.RequestSpecificationImpl$invokeFilterChain.callCurrent(Unknown Source)
    at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCallCurrent(CallSiteArray.java:46)
    at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callCurrent(AbstractCallSite.java:133)
    at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callCurrent(AbstractCallSite.java:149)

    at com.jayway.restassured.internal.RequestSpecificationImpl.applyPathParamsAndSendRequest(RequestSpecificationImpl.groovy:1115)

    at com.jayway.restassured.internal.RequestSpecificationImpl.this$2$applyPathParamsAndSendRequest(RequestSpecificationImpl.groovy)
    at com.jayway.restassured.internal.RequestSpecificationImpl$this$2$applyPathParamsAndSendRequest.callCurrent(Unknown Source)
    at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCallCurrent(CallSiteArray.java:46)
    at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callCurrent(AbstractCallSite.java:133)
    at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callCurrent(AbstractCallSite.java:149)

    at com.jayway.restassured.internal.RequestSpecificationImpl.post(RequestSpecificationImpl.groovy:134)
    at com.jayway.restassured.RestAssured.post(RestAssured.java:799)
    at com.tivo.sampleRestClass.main(sampleRestClass.java:63)

--
You received this message because you are subscribed to the Google Groups "REST assured" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rest-assured...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
 
 

[Kiruthika Subramanian]

Here is some piece of suggestion....

http://stackoverflow.com/questions/7256955/java-sslexception-hostname-in-certificate-didnt-match

[Kiruthika Subramanian]

And more...

http://javaskeleton.blogspot.com/2010/07/avoiding-peer-not-authenticated-with.html

http://tech.chitgoks.com/2011/04/24/how-to-avoid-javax-net-ssl-sslpeerunverifiedexception-peer-not-authenticated-problem-using-apache-httpclient/

[Rekha Ramakrishnan]

Thanks Kiruthika

I am able to compile and run a java code that connects to my secured webservice and returns response using the certificate and passcode.

The issue I am facing is using Rest asured, how do I connect to the same webservice. If i use keystore method, it is throwing peer not authenticated.

Is there a way to to make rest assured use my java class for establishing the connection and then use the built in methods of rest assured for parsing response etc.

Thanks
Rekha

--

You received this message because you are subscribed to a topic in the Google Groups "REST assured" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/rest-assured/vVLpZbcgB48/unsubscribe?hl=en.
To unsubscribe from this group and all its topics, send an email to rest-assured...@googlegroups.com.

[Johan Haleby]

Yes you could use any framework to connect to the server and then use JsonPath or XmlPath from REST Assured to extract values from the response body.

Regards,

/Johan

--

You received this message because you are subscribed to the Google Groups "REST assured" group.

To unsubscribe from this group and stop receiving emails from it, send an email to rest-assured...@googlegroups.com.

[Salil Gupta]

Hi 

After following the steps mentioned in guide .

I was able to get rid of peer authentication error .

But I am getting a weird exception "java.net.SocketException: Socket is closed" 

Can you please ;et me know if any solution exits for the same .

Code Snippet is :-

@Test

    public void upsell_api() {

        RestAssured.port = 443;

        RestAssured.urlEncodingEnabled = true;

        RequestSpecification reqSpec =  given().authentication().form(USER, PASS);

        reqSpec.keystore("/Users/sgupta/Desktop/truststore.jks", "test1234");

        System.out.println("The reqSpec is"+reqSpec);

        ResponseSpecification responseSpec = reqSpec.expect();

        System.out.println("The responseSpec is"+responseSpec);

        response = responseSpec.statusCode(200).

               contentType("text/html").

               body(

                       "msg", equalTo("User has access")).

                       

               when().

               get(HOST+"/store/api/v1.0/upsell").asString();

        System.out.println("Response Is:" + response);   

    

        

    }

[Johan Haleby]

Never experienced this before so I don't know what's going on.