hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Webb <dw...@hurff-webb.com>
Subject Re: SSL problem on HPUX
Date Tue, 06 Jan 2004 00:33:54 GMT
Oleg,

I appreciate the input.  I will create my own SSLProtocolSocketFactory like you 
suggested.  Can you shed any light on the different behavior in Windows vs 
HPUX?  Not that it will change anything, but I like to learn why these things 
behave the way they do to prevent future time wasting activities.

Thanks.

--
Sincerely,
David Webb
Vice-President
Hurff-Webb, Inc.
http://www.hurff-webb.com
(904) 861-2366
(904) 534-8294 Mobile


Quoting Oleg Kalnichevski <olegk@apache.org>:

> David,
> You may want to take a different approach and provide a custom SSL trust
> manager (which in its crudest and ugliest form may be programmed to
> simply trust all target servers)
> 
> Take a look at the 'Customizing SSL in HttpClient' section of the
> HttpClient SSL guide at the following location
> <http://jakarta.apache.org/commons/httpclient/sslguide.html>
> 
> Hope this helps
> 
> Oleg
> 
> On Mon, 2004-01-05 at 22:47, David Webb wrote:
> > I have written a simple Java application to call a URL using Jakarta 
> > HttpClient.  The code works like a champ on my windows 2K development 
> > workstation when accessing a URL the is protected by Siteminder (which 
> > redirects to SSL for Authentication).  The big difference is that when I
> try to 
> > run the same code on a HPUX box I get the following message...
> > 
> > javax.net.ssl.SSLHandshakeException:
> java.security.cert.CertificateException: 
> > CA certificate does not include basic constraints extension
> > 
> > I read some posts about Trusted CAs.  I used 'keytool' to create a keystore
> and 
> > import the Root Certificate for the Trusted Authority and I start my JVM
> like 
> > this...
> > 
> > keystore filename is cacerts
> > keystore password is password
> > 
> > java -Djavax.net.ssl.trustStore=/full/path/to/cacerts -
> > Djavax.net.ssl.trustStorePassword=password ClassName ARGS
> > 
> > Any help is greatly appreciated.
> > 
> > Thanks.
> > 
> > --
> > Sincerely,
> > David Webb
> > Vice-President
> > Hurff-Webb, Inc.
> > http://www.hurff-webb.com
> > (904) 861-2366
> > (904) 534-8294 Mobile
> > 
> > 
> > 
> > 
> > 
> > 
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail:
> commons-httpclient-dev-unsubscribe@jakarta.apache.org
> > For additional commands, e-mail:
> commons-httpclient-dev-help@jakarta.apache.org
> > 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail:
> commons-httpclient-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail:
> commons-httpclient-dev-help@jakarta.apache.org
> 



---------------------------------------------------------------------
To unsubscribe, e-mail: commons-httpclient-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: commons-httpclient-dev-help@jakarta.apache.org


Mime
View raw message