This time I was successful in importing my server's certificate by using the
following command-
keytool -import -alias local -file XP.cer
The import was successful, but I still get the exact same
SSLHandshakeException. Please help...
Thanks!
Guy With Question <[EMAIL PROTECTED]> wrote:
Hi,
I have a question regarding the usage of HttpClient. I hope to find an answer
here.
Platform: WebLogic 8.1 SP5 Dev license; JDK 1.4.2_08; HttpClient-3.0-rc3
Problem Description: I have written a small http client code that has to call
a servlet over SSL. The servlet is running on the SAME server (WL8.1 dev
license) that the client is running. During run-time I get the following
exception.
=======================================================
<Mar 9, 2006 5:26:04 PM EST> <Warning> <Security> <BEA-090485>
<CERTIFICATE_UNKNOWN alert was received from WinXP-hammer.local - 10.1.11.30.
The peer has an unspecified issue with the certificate. SSL debug tracing
should be enabled on
the peer to determine what the issue is.>
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException:
No trusted certificate found
at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.a(DashoA12275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA12275)
at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA12275)
at com.sun.net.ssl.internal.ssl.SunJSSE_ax.a(DashoA12275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(DashoA12275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
at com.sun.net.ssl.internal.ssl.AppOutputStream.write(DashoA12275)
at
java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:66)
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:124)
at
org.apache.commons.httpclient.HttpConnection.flushRequestOutputStream(HttpConnection.java:825)
at
org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:1975)
at
org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:993)
at
org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:393)
at
org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:168)
at
org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:396)
at
org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:324)
at
com.corp.ui.shared.util.LoginHttpClient.sendPostRequest(LoginHttpClient.java:43)
at
com.corp.ui.seller.action.SellerLoginAction.execute(SellerLoginAction.java:65)
at
org.mwolff.struts.back.BackRequestProcessor.processActionPerform(BackRequestProcessor.java:109)
at
org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:226)
at
org.apache.struts.action.ActionServlet.process(ActionServlet.java:1164)
at org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:397)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at
weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run(ServletStubImpl.java:1072)
at
weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:465)
at
weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:348)
at
weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:6981)
at
weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at
weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
at
weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:3892)
at
weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2766)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:224)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:183)
Caused by: sun.security.validator.ValidatorException: No trusted certificate
found
at
sun.security.validator.SimpleValidator.buildTrustedChain(SimpleValidator.java:304)
at
sun.security.validator.SimpleValidator.engineValidate(SimpleValidator.java:107)
at sun.security.validator.Validator.validate(Validator.java:202)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(DashoA12275)
at
com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(DashoA12275)
... 34 more
=======================================================
I do not know why the client is not recognizing a certificate presented my
the server that's hosting the client itself! I know JSSE is set-up correctly
because I use the same client to communicate with HTTPS sites on the Internet.
Solution Tried
I used IE's certificate wizard to export my server's certificate into a
XP.cer file. I then tried adding the server's certificate to
jdk\jre\lib\security\cacerts using keytool, but I get the following error:
=============================
keytool -import -alias cacerts -file XP.cer
Enter keystore password: password
keytool error: java.lang.Exception: Certificate not imported, alias <cacerts>
already exists
=============================
Can someone tell me how to resolve this issue?
---------------------------------
Yahoo! Mail
Bring photos to life! New PhotoMail makes sharing a breeze.
---------------------------------
Brings words and photos together (easily) with
PhotoMail - it's free and works with Yahoo! Mail.
