Re: SSL and server using self-signed certificate
Folks, The good thing about EasySSLProtocolSocketFactory is that its trust manager does not require a custom truststore at all. It basically trusts any certificate whose certificate chain contains only one entry, that is the certificate itself, and delegates the verification of all other certificate chains to the standard trust manager Oleg On Wed, 2004-07-07 at 18:22, Eric Johnson wrote: > Andre, > > At a quick glance, it appears that there is one problem that I've > experienced that the SSL guide doesn't seem to cover. Presumably, once > you've created your self-certified certificate, you added it to your > JVM's cacerts file using the keytool? I've found that a self-signed > certificate may not work unless you pass the -trustcacerts option when > doing the import. Not sure why that is, and your experience may vary > based on the JRE version you're using. > > -Eric. > > Andre-John Mas wrote: > > >Hi, > > > >I have set up a Tomcat 4.1 server to use SSL, with the help of a self-certified > >certificate, ie with no trusted third party certifying it. I now try getting > >my client, which uses 'commons-httpclient-2.0-rc2' to connect. When I do, > >I get the following exception: > > > > sun.security.validator.ValidatorException: No trusted certificate found > > > >Is there a way to get self-certified certifcates to be automatically trusted. > >I must admit I am a newbie when it comes to SSL, so any help would be very much > >appreciated. > > > >regards > > > >Andre > > > > > > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: SSL and server using self-signed certificate
Further to earlier comments, here's the command line I use to import the cert into my keystore. You need to be in your JAVA_HOME/jre/lib/security directory when you run this command. keytool -import -trustcacerts -file -keystore .\cacerts -alias Hope this helps. Tim Andre-John Mas wrote: Hi, I have set up a Tomcat 4.1 server to use SSL, with the help of a self-certified certificate, ie with no trusted third party certifying it. I now try getting my client, which uses 'commons-httpclient-2.0-rc2' to connect. When I do, I get the following exception: sun.security.validator.ValidatorException: No trusted certificate found Is there a way to get self-certified certifcates to be automatically trusted. I must admit I am a newbie when it comes to SSL, so any help would be very much appreciated. regards Andre - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: SSL and server using self-signed certificate
Andre, At a quick glance, it appears that there is one problem that I've experienced that the SSL guide doesn't seem to cover. Presumably, once you've created your self-certified certificate, you added it to your JVM's cacerts file using the keytool? I've found that a self-signed certificate may not work unless you pass the -trustcacerts option when doing the import. Not sure why that is, and your experience may vary based on the JRE version you're using. -Eric. Andre-John Mas wrote: Hi, I have set up a Tomcat 4.1 server to use SSL, with the help of a self-certified certificate, ie with no trusted third party certifying it. I now try getting my client, which uses 'commons-httpclient-2.0-rc2' to connect. When I do, I get the following exception: sun.security.validator.ValidatorException: No trusted certificate found Is there a way to get self-certified certifcates to be automatically trusted. I must admit I am a newbie when it comes to SSL, so any help would be very much appreciated. regards Andre - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: SSL and server using self-signed certificate
Andre This is a very common problem. Please consult 'Customizing SSL' section of the HttpClient SSL guide for details on how the problem can be resolved http://jakarta.apache.org/commons/httpclient/sslguide.html Oleg -Original Message- From: Andre-John Mas [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 07, 2004 16:01 To: [EMAIL PROTECTED] Subject: SSL and server using self-signed certificate Hi, I have set up a Tomcat 4.1 server to use SSL, with the help of a self-certified certificate, ie with no trusted third party certifying it. I now try getting my client, which uses 'commons-httpclient-2.0-rc2' to connect. When I do, I get the following exception: sun.security.validator.ValidatorException: No trusted certificate found Is there a way to get self-certified certifcates to be automatically trusted. I must admit I am a newbie when it comes to SSL, so any help would be very much appreciated. regards Andre *** The information in this email is confidential and may be legally privileged. Access to this email by anyone other than the intended addressee is unauthorized. If you are not the intended recipient of this message, any review, disclosure, copying, distribution, retention, or any action taken or omitted to be taken in reliance on it is prohibited and may be unlawful. If you are not the intended recipient, please reply to or forward a copy of this message to the sender and delete the message, any attachments, and any copies thereof from your system. ***
