[Cosign-discuss] client exception 'No trusted certificate found'

[George Francis]

I'm having a problem where my cosign client doesn't seem to trust the 
certification chain from the cosignd server

This is how I prepare my keystore:

#create keystore
keytool -genkey -keyalg "RSA" -keystore jcosign.jks

#convert the certificate
openssl pkcs12 -export -in foobar.crt -inkey foobar.key  -out server.p12 -name 
www.foobar.org  -CAfile customer.crt -caname root

#import
keytool -importkeystore  -deststorepass mypass -destkeypass mypass 
-destkeystore jcosign.jks  -srckeystore server.p12 -srcstoretype PKCS12 
-srcstorepass mypass  -alias www.foobar.org



And then when I try to authenticate via jcosign:



15 Apr 2013 23:33:18,318 DEBUG [CosignConnection] 
[1:www.foobar.org:122.215.122.111:6663]: failed to init CosignConnection
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: 
No trusted certificate found
        at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
        at 
com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1764)
        at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:241)
        at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:235)
        at 
com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1206)


Any suggestions how to diagnose this?



------------------------------------------------------------------------------
Precog is a next-generation analytics platform capable of advanced
analytics on semi-structured data. The platform includes APIs for building
apps and a phenomenal toolset for data science. Developers can use
our toolset for easy data analysis & visualization. Get a free account!
http://www2.precog.com/precogplatform/slashdotnewsletter
_______________________________________________
Cosign-discuss mailing list
Cosign-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/cosign-discuss