commons-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Michael Becke <be...@u.washington.edu>
Subject Re: root_cert_expired
Date Tue, 02 Mar 2004 04:50:35 GMT
Hello Catalin,

Please take a look at the HttpClient SSL guide to get started  
<http://jakarta.apache.org/commons/httpclient/sslguide.html>.  For more  
details about JSSE please refer to Sun's docs on the subject  
<http://java.sun.com/products/jsse/>.  Please let us know if you run  
into any difficulties.

Thanks,

Mike

On Mar 1, 2004, at 4:45 PM, Catalin Ionescu wrote:

> I used to have httpclient for automated download of financial website  
> with VeriSign International Server CA - Class 3 Certificate, on a  
> Microsoft IIS web server.
> Since January 7th this year, the connectivity broke, error message is  
> <untrusted server cert chain>
> due to I believe VeriSign's Global Server ID Intermediate Root CA  
> which expired on 1/7/2004.
> Unfortunately this IIS web server still allows browser downloads with  
> warning on older Netscape browsers or not warnings at all in a IE  
> browser.
> Distinct web or aplication servers behave differently, e.g.z IBM  
> products will require ROOT update. In a Netscape browser I get this  
> warning:
> <this site uses encryption, but Netscape does not recognize the  
> authority who sign its Certificate. You may decide to accept it  
> anyway>
>
> My problem is I have no say ove an update of the host, I am just a  
> client to there website. Though I warn and send them hints, they do  
> not listen and here is the link I sent to host site:
> http://www.verisign.com/support/site/caReplacement.html
> Question: Now with ROOT expired httpclient treats current certificate  
> as non-VeriSign.
> Is it possible to do any sort of registration on my client side so I  
> will continue to be granted access and download file ?
>
> The java program has these:
> Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
> System.setProperty("java.protocol.handler.pkgs","com.sun.net.ssl.intern 
> al.www.protocol");
>
> Thanks.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: commons-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: commons-user-help@jakarta.apache.org
>


---------------------------------------------------------------------
To unsubscribe, e-mail: commons-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: commons-user-help@jakarta.apache.org


Mime
View raw message