 | | | Couldn 't find trusted certificate | Couldn 't find trusted certificate 2003-12-16 - By Stuart Miller
Back
In the case where you don't need client-authentication (a client-side
certificate), then you only need to ensure the Issuer of the server cert
from <https://www.verisign.com> https://www.verisign.com (ie. the CA
certificate) is in your 'trustStore'.
The default truststore for JDK1.4 is a JKS KeyStore, located in the file
JAVA_HOME/jre/lib/security/cacerts. While should not need to do anything
special to connect to this URL, you will only need to ensure that the
Verisign CA cert in that keystore.
keytool -list -keystore JAVA_HOME/jre/lib/security/cacerts (default password
is "changeit")
Possibly, the verisign site uses a new CA, or an intermediate certificate
(chain)... so you can add these to your "cacerts" KeyStore by openning that
URL with a browser and 'exporting' them to DER encoded files, and importing
them to the cacerts KeyStore.
Your code as you typed it, worked fine for me -- using JDK1.4.2_03 (the
latest, and perhaps an updated cacerts store).
Good luck,
Stuart
-- --Original Message-- --
From: Coffman, Bill [mailto:bcoffman@(protected)]
Sent: Tuesday 16 December 2003 04:16
To: axis-user@(protected)
Subject: Couldn't find trusted certificate
Hello,
I am new to AXIS, and even pretty new to Java. My goal is to write a soap
client that connects to a url over https, with a certificate. Having lot's
of trouble with that, I am attempting to simply connect to a basic HTTPS
server. The sample code from jsse1.0.3_02 gives a URLReader example, that
doesn't work with my system. I get the infamous "Exception in thread "main"
javax.net.ssl.SSLHandshakeException  : Couldn't find trusted certificate"
error. The code is below:
import java.net.*;
import java.io.*;
public class URLReader {
public static void main(String[] args) throws Exception {
URL verisign = new URL("https://www.verisign.com/");
BufferedReader in = new BufferedReader(
new InputStreamReader(
verisign.openStream()));
String inputLine;
while ((inputLine = in.readLine()) != null)
System.out.println(inputLine);
in.close();
}
}
My compiler is j2sdk1.4.0, and interpreter is j2re1.4.0.
Now, if I change the URL to http://www.paypal.com <http://www.paypal.com/> ,
(note the http, and not https) the program works! Inspite of the fact
paypal will not send any unencrypted html. It forwards, via 302 code, to
https, and then in fact prints out the https code that I request. I am not
even trying to use a certificate here, but still get this message.
I would appreciate any help. Please also reply to my email address:
bcoffman@(protected) <mailto:bcoffman@(protected)> as I have having some
issues receiving the mail, even though I am subscribed.
Thanks,
Bill Coffman
Senior Software Engineer, QA
PayPal, an ebaY Company
|
|
|