Hi,

When I implemented a standalone client   communicating
over SSL, I needed to import the server certificat  in
client jdk's cacerts. I did no specific SSL code,  but
I got same "untrusted ..." error.

One simple thing to do is to copy the keystore used on
your server to "<some_directory>/lib/security"      on
client, then start your client app with this command:

java -Djava.home=<some_directory> -jar myapp.jar

If it's not a client application, try to replace  your
client <java_home>/jre/lib/security/cacerts by  server
keystore (renamed as cacerts). If it work,     you can
later import server cert to original sun's cacert.

On Mec, 13 sep 2000, Carlos Piqueres Ayela <[EMAIL PROTECTED]> wrote:

>When trying to connect to our own secure server using this code we get a
>SSLException saying that the cert chain is untrusted.
>The certificate in the server has been generated by verisign as a trial
>cert.
>We can't see the cipherSuite nor the certificate chain. The exception
>must be thrown in connection time.
>
>Is there any configuration stuff we haven't consider ??
>Is there a problem in the client code ??
>
>        try{
>            System.setProperty("java.protocol.handler.pkgs",
>"com.sun.net.ssl.internal.www.protocol");
>            Security.addProvider(new
>com.sun.net.ssl.internal.ssl.Provider());
>            URL urls = new URL("https://our.own.server");
>            URLConnection con = urls.openConnection();
>            con.setAllowUserInteraction(true);
>            HttpsURLConnection cons = (HttpsURLConnection) con;
>            if (cons == null)
>                System.out.println("La conexión el nula!!!");
>            System.out.println("Cypher Suite:" + cons.getCipherSuite());
>
>            cons.connect();
>            X509Certificate[] serverCerts =
>cons.getServerCertificateChain();
>            System.out.println("Certificados:" + serverCerts.length);
>            for (int i = 0; i < serverCerts.length; i++) {
>                System.out.println(serverCerts[i].toString());
>            }
>
>            System.out.println("Headers:" + con.getHeaderFieldKey(0));
>            BufferedReader reader = new BufferedReader(new
>InputStreamReader(con.getInputStream()));
>            String line = reader.readLine();
>            while (line != null) {
>                System.out.println(line);
>                line = reader.readLine();
>            }
>        } catch (SSLException e) {
>            System.out.println("Excepción SSL: " + e.toString());
>        } catch (Exception e){
>            e.printStackTrace();
>        }
>
>
>

+------------------+----------------------------+
| Bernard Sauterel | sauterel.net               |
+------------------+----------------------------+
             email | [EMAIL PROTECTED]

Reply via email to