commons-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Catalin Ionescu" <c...@elinuspro.com>
Subject root_cert_expired
Date Mon, 01 Mar 2004 21:45:15 GMT
I used to have httpclient for automated download of financial website with VeriSign International
Server CA - Class 3 Certificate, on a Microsoft IIS web server. 
Since January 7th this year, the connectivity broke, error message is <untrusted server
cert chain> 
due to I believe VeriSign's Global Server ID Intermediate Root CA which expired on 1/7/2004.

Unfortunately this IIS web server still allows browser downloads with warning on older Netscape
browsers or not warnings at all in a IE browser. 
Distinct web or aplication servers behave differently, e.g.z IBM products will require ROOT
update. In a Netscape browser I get this warning: 
<this site uses encryption, but Netscape does not recognize the authority who sign its
Certificate. You may decide to accept it anyway> 

My problem is I have no say ove an update of the host, I am just a client to there website.
Though I warn and send them hints, they do not listen and here is the link I sent to host
site: 
http://www.verisign.com/support/site/caReplacement.html 
Question: Now with ROOT expired httpclient treats current certificate as non-VeriSign. 
Is it possible to do any sort of registration on my client side so I will continue to be granted
access and download file ? 

The java program has these: 
Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider()); 
System.setProperty("java.protocol.handler.pkgs","com.sun.net.ssl.internal.www.protocol");


Thanks.

---------------------------------------------------------------------
To unsubscribe, e-mail: commons-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: commons-user-help@jakarta.apache.org


Mime
View raw message