It appears to only occur in testing environments. As a consultant I don't have access to production credentials, nor do I want them. The solution we used to solve the problem was to modify net.authorize.util.HttpClient. We added an inner class:
class WebClientDevWrapper {
public static DefaultHttpClient wrapClient(DefaultHttpClient base) {
try {
SSLContext ctx = SSLContext.getInstance("TLS");
X509TrustManager tm = new X509TrustManager() {
public void checkClientTrusted(X509Certificate[] xcs, String string) throws CertificateException {
}
public void checkServerTrusted(X509Certificate[] xcs, String string) throws CertificateException {
}
public X509Certificate[] getAcceptedIssuers() {
return null;
}
};
X509HostnameVerifier verifier = new X509HostnameVerifier() {
@Override
public void verify(String string, SSLSocket ssls) throws IOException {
}
@Override
public void verify(String string, X509Certificate xc) throws SSLException {
}
@Override
public void verify(String string, String[] strings, String[] strings1) throws SSLException {
}
@Override
public boolean verify(String string, SSLSession ssls) {
return true;
}
};
ctx.init(null, new TrustManager[]{tm}, null);
SSLSocketFactory ssf = new SSLSocketFactory(ctx);
ssf.setHostnameVerifier(verifier);
ClientConnectionManager ccm = base.getConnectionManager();
SchemeRegistry sr = ccm.getSchemeRegistry();
sr.register(new Scheme("https", ssf, 443));
return new DefaultHttpClient(ccm, base.getParams());
} catch (Exception ex) {
ex.printStackTrace();
return null;
}
}
}
And an additional modification:
if(Environment.SANDBOX.equals(environment) ||
Environment.SANDBOX_TESTMODE.equals(environment)) {
InputStream outstream = (InputStream)httpPost.getEntity().getContent();
String requestData = convertStreamToString(outstream);
httpClient = WebClientDevWrapper.wrapClient(httpClient);
logger.debug("SANDBOX MODES ONLY>> Url-encoded request data: " + requestData);
}
Check this url for a discussion of the technique: http://javaskeleton.blogspot.com/2010/07/avoiding-peer-not-authenticated-with.html.
I hope this post saves someone a lot of stress!