Re: SSL: certificate_unknown

Donald Albertson Wed, 03 Nov 2004 06:06:00 -0800

I'm not sure that this is the same problem but...

The TEST server that I access using XML-RPC has a "dummy" certificate
and causes the same problem.
The default code wants a certificate with verification and the dummy
doesn't have that.


I get around this by having an embedded:

class LoginNullHostnameVerifier implements
javax.net.ssl.HostnameVerifier {
        public boolean verify(String urlHostname, SSLSession session){
            return true;
        }
    }


To use it instead of the real one just:
           HttpsURLConnection.setDefaultHostnameVerifier(new
LoginNullHostnameVerifier());


dga



>>> [EMAIL PROTECTED] 11/03/2004 7:50:16 AM >>>
Hi.

I'm trying to get an XML-RPC server running via SecureWebServer/
SecureXmlRpcClient (without SSL it works of course ;).

Unfortunately I couldn't find an example for use with SSL.

I've created the keys with the following commands (as described in
create-keystore.sh):

        keytool -genkey \
                -alias server \
                -keypass password \
                -keystore keystore \
                -storepass password \
                -validity 180

        keytool -export \
                -alias server \
                -keystore keystore \
                -keypass password \
                -storepass password \
                -rfc \
                -file testkeys.cer

        keytool -import \
                -alias server \
                -file testkeys.cer \
                -keystore truststore \
                -storepass password

I've copied them in a subdirectory of the server and the client.


The servers code is:

        SecurityTool.setKeyStore( "keys/keystore" );
        SecurityTool.setKeyStorePassword( "password" );
        SecurityTool.setKeyStoreType( "JKS" );
        SecurityTool.setKeyManagerType( "SunX509" );
        SecurityTool.setSecurityProtocol( "TLS" );

        SecureWebServer server = new SecureWebServer( 4711 );
        server.addHandler( "functions", new XMLRPCHandler() );

        server.setParanoid( false );
        server.start();


The client Code is:

        SecurityTool.setKeyStore( "keys/keystore");
        SecurityTool.setKeyStorePassword( "password");
        SecurityTool.setKeyStoreType( "JKS" );
        SecurityTool.setKeyManagerType( "SunX509" );
        SecurityTool.setSecurityProtocol( "TLS" );

        dbCon = new SecureXmlRpcClient( host, port );
        dbCon.setup();


The server runs and the client's SecureXmlRpcClient object is being
created but when I try to use execute, I get this exception on the
server:

javax.net.ssl.SSLHandshakeException: Received fatal alert: \
  certificate_unknown

and on the client:

java.io.IOException: sun.security.validator.ValidatorException: No \
  trusted certificate found


Where's my mistake?
________________________________________________________________
Verschicken Sie romantische, coole und witzige Bilder per SMS!
Jetzt neu bei WEB.DE FreeMail: http://freemail.web.de/?mc=021193

Re: SSL: certificate_unknown

Reply via email to