From commons-user-return-6732-apmail-jakarta-commons-user-archive=jakarta.apache.org@jakarta.apache.org Mon Mar 01 21:40:52 2004 Return-Path: Delivered-To: apmail-jakarta-commons-user-archive@www.apache.org Received: (qmail 15383 invoked from network); 1 Mar 2004 21:40:52 -0000 Received: from daedalus.apache.org (HELO mail.apache.org) (208.185.179.12) by minotaur-2.apache.org with SMTP; 1 Mar 2004 21:40:52 -0000 Received: (qmail 96093 invoked by uid 500); 1 Mar 2004 21:40:09 -0000 Delivered-To: apmail-jakarta-commons-user-archive@jakarta.apache.org Received: (qmail 96028 invoked by uid 500); 1 Mar 2004 21:40:08 -0000 Mailing-List: contact commons-user-help@jakarta.apache.org; run by ezmlm Precedence: bulk List-Unsubscribe: List-Subscribe: List-Help: List-Post: List-Id: "Jakarta Commons Users List" Reply-To: "Jakarta Commons Users List" Delivered-To: mailing list commons-user@jakarta.apache.org Received: (qmail 95732 invoked from network); 1 Mar 2004 21:40:06 -0000 Received: from unknown (HELO elinuspro.com) (216.19.64.250) by daedalus.apache.org with SMTP; 1 Mar 2004 21:40:06 -0000 Date: Mon, 1 Mar 2004 16:45:15 -0500 Message-Id: <200403011645.AA125698384@elinuspro.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii From: "Catalin Ionescu" Reply-To: To: Subject: root_cert_expired X-Mailer: X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N X-Spam-Rating: minotaur-2.apache.org 1.6.2 0/1000/N I used to have httpclient for automated download of financial website with VeriSign International Server CA - Class 3 Certificate, on a Microsoft IIS web server. Since January 7th this year, the connectivity broke, error message is due to I believe VeriSign's Global Server ID Intermediate Root CA which expired on 1/7/2004. Unfortunately this IIS web server still allows browser downloads with warning on older Netscape browsers or not warnings at all in a IE browser. Distinct web or aplication servers behave differently, e.g.z IBM products will require ROOT update. In a Netscape browser I get this warning: My problem is I have no say ove an update of the host, I am just a client to there website. Though I warn and send them hints, they do not listen and here is the link I sent to host site: http://www.verisign.com/support/site/caReplacement.html Question: Now with ROOT expired httpclient treats current certificate as non-VeriSign. Is it possible to do any sort of registration on my client side so I will continue to be granted access and download file ? The java program has these: Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider()); System.setProperty("java.protocol.handler.pkgs","com.sun.net.ssl.internal.www.protocol"); Thanks. --------------------------------------------------------------------- To unsubscribe, e-mail: commons-user-unsubscribe@jakarta.apache.org For additional commands, e-mail: commons-user-help@jakarta.apache.org