I have this URL: https://oxbranch.optionsxpress.com/accountservice/account.asmx/GetOxSessionWithSource
If you hit it from your browser, you will probably get a 500 response and a stacktrace printed. OK -- this is what we want. However, hit it from HttpClient and you'll get a SSLPeerUnverifiedException. I am guessing it has to do with that site's root certificate not being in the JVM's cacerts. So I tried to import the chain into a keystore file, but have had no such luck so far. Attempting to use keytool to import an entire PEM or p7c chain only seems to import the top certificate in the file, and importing the certificates individually doesn't seem to create the chain properly either. I have tried this fifteen different ways and spent like a whole day searching for the correct 'keytool' incantation... Any help would be _greatly_ appreciated. Example file attached. http://www.nabble.com/file/p21564943/HCTest.java HCTest.java -- View this message in context: http://www.nabble.com/SSLPeerUnverifiedException----cannot-get-chain-imported-correctly-tp21564943p21564943.html Sent from the HttpClient-User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: httpclient-users-unsubscr...@hc.apache.org For additional commands, e-mail: httpclient-users-h...@hc.apache.org
