Further investigation found that the certificate chain of the authorize.net test url (https://test.authorize.net/gateway/transact.dll ), contains one more certificate which is from "GTE Cyber Trust Global Root" that is part of the trusted certificates. So it seems that ofbiz is collecting only 2 certificates (while the browsers collect all 3) from the website. Any suggestions to fix it? Regards, Vinay Agarwal
-----Original Message----- From: Vinay Agarwal [mailto:[EMAIL PROTECTED] Sent: Saturday, February 02, 2008 5:32 PM To: user@ofbiz.apache.org Subject: OFBiz MultiTrustManager Rejecting Authorize.net SSL cert Hello, I am running into problem during Authorize.net transactions that HttpClient doesn't accept Authorize.net's certificate and unless trustAny is true (which disables cert checking). From the verbose log, my understanding is we need to accept "Comodo Class 3 Security Services CA" certificate for this to succeed. Is this correct? How to fix it? (I am running on Windows XP - not sure if that has something to do with it.) Thanks in advance. Vinay Agarwal