Thanks for the info; let me try and clarify: My server has a test certificate from thawte. Do I need to import thawte's "test" root ca into the cacerts file in the jdk/jre directory (if so, how), or do I need to import my server's test certificate into my client's "user" .keystore file with keytool?
Hopefully these questions aren't too dumb - I've only been looking at this a couple of days and I'm still trying to sort it all out. mike. ****************** Joe Pruitt writes: You need to install the server certificate in your local truststore. This can be done programmatically or manually using the keytool command. The API's changed from 1.3.x to 1.4, but here is a 1.4 client tool that I've used in the past that shows how to hook into the trust manager. Usage: installCert server_address keystore_password certificate_alias. BTW, I've found that a good runtime flag to use is "-Djavax.net.debug=ssl". It dumps a ton of useful information to help debug ssl communications. Good luck... -Joe -- To unsubscribe, e-mail: <mailto:soap-user-unsubscribe@;xml.apache.org> For additional commands, e-mail: <mailto:soap-user-help@;xml.apache.org>
