Re: Setting javax.net.ssl.trustStore

2003-03-12 Thread Jon Wingfield 
What happens if you also set

-Djavax.net.ssl.keyStore=c:\...
-Djavax.net.ssl.keyStorePassword=password


Mayne, Peter wrote:

I have an application running in Tomcat 4.1.18 using JDK 1.4.1 on Windows XP
that makes connections to https://...;.
If I add the web server's certificate's CA to
JAVA_HOME\jre\lib\security\cacerts, everything works fine.
If instead I use a separate keystore, at the command prompt:

set java_opts=-Djavax.net.ssl.trustStore=c:\...
-Djavax.net.ssl.trustStorePassword=password
Then (at the same command prompt) run startup.bat, the exception:

javax.net.ssl.SSLHandshakeException:
java.security.cert.CertificateException: Couldn't find trusted certificate
is thrown.

How do I tell the servlet to use a different trust store?

Thanks.

PJDM
 





-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: Setting javax.net.ssl.trustStore

2003-03-12 Thread Mayne, Peter 
Title: RE: Setting javax.net.ssl.trustStore





Hmm. That worked.


My understanding is that javax.net.ssl.keyStore is for supplying a client certificate. Why should it make a difference here?

The next step is to actually use a client certificate for authentication. This will be interesting...


PJDM
-- 
Peter Mayne
Technology Consultant
Spherion Technology Solutions
Level 1, 243 Northbourne Avenue, Lyneham, ACT, 2602
T: 61 2 62689727 F: 61 2 62689777


 -Original Message-
 From: Jon Wingfield [mailto:[EMAIL PROTECTED]] 
 Sent: Thursday, 13 March 2003 12:54 AM
 To: Tomcat Users List
 Subject: Re: Setting javax.net.ssl.trustStore
 
 
 What happens if you also set
 
 -Djavax.net.ssl.keyStore=c:\...
 -Djavax.net.ssl.keyStorePassword=password
 
 
 
 Mayne, Peter wrote:
 
 I have an application running in Tomcat 4.1.18 using JDK 
 1.4.1 on Windows XP
 that makes connections to https://
 
 If I add the web server's certificate's CA to
 JAVA_HOME\jre\lib\security\cacerts, everything works fine.
 
 If instead I use a separate keystore, at the command prompt:
 
 set java_opts=-Djavax.net.ssl.trustStore=c:\...
 -Djavax.net.ssl.trustStorePassword=password
 
 Then (at the same command prompt) run startup.bat, the exception:
 
 javax.net.ssl.SSLHandshakeException:
 java.security.cert.CertificateException: Couldn't find 
 trusted certificate
 
 is thrown.
 
 How do I tell the servlet to use a different trust store?
 
 Thanks.
 
 PJDM
  
 
 
 
 
 
 -
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]
 


The information contained in this email and any attachments to it:

(a) may be confidential and if you are not the intended recipient, any interference with, 
use, disclosure or copying of this material is unauthorised and prohibited; and

(b) may contain personal information of the recipient and/or the sender as defined 
under the Privacy Act 1988 (Cth). Consent is hereby given by the recipient(s) to 
collect, hold and use such information and any personal information contained in a 
response to this email, for any reasonable purpose in the ordinary course of 
Spherion's 
business, including forwarding this email internally or disclosing it to a third party. All 
personal information collected by Spherion will be handled in accordance with 
Spherion's Privacy Policy. If you have received this email in error, please notify the 
sender and delete it.

(c) you agree not to employ or arrange employment for any candidate(s) supplied in 
this email and any attachments without first entering into a contractual agreement with 
Spherion. You further agree not to divulge any information contained in this document 
to any person(s) or entities without the express permission of Spherion.





-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]