hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Oleg Kalnichevski <ol...@apache.org>
Subject Re: SSL and server using self-signed certificate
Date Wed, 07 Jul 2004 21:59:17 GMT
Folks,
The good thing about EasySSLProtocolSocketFactory is that its trust
manager does not require a custom truststore at all. It basically trusts
any certificate whose certificate chain contains only one entry, that is
the certificate itself, and delegates the verification of all other
certificate chains to the standard trust manager

Oleg


On Wed, 2004-07-07 at 18:22, Eric Johnson wrote:
> Andre,
> 
> At a quick glance, it appears that there is one problem that I've 
> experienced that the SSL guide doesn't seem to cover.  Presumably, once 
> you've created your self-certified certificate, you added it to your 
> JVM's cacerts file using the keytool?  I've found that a self-signed 
> certificate may not work unless you pass the -trustcacerts option when 
> doing the import.  Not sure why that is, and your experience may vary 
> based on the JRE version you're using.
> 
> -Eric.
> 
> Andre-John Mas wrote:
> 
> >Hi,
> >
> >I have set up a Tomcat 4.1 server to use SSL, with the help of a self-certified
> >certificate, ie with no trusted third party certifying it. I now try getting
> >my client, which uses 'commons-httpclient-2.0-rc2' to connect. When I do,
> >I get the following exception:
> >
> >  sun.security.validator.ValidatorException: No trusted certificate found
> >
> >Is there a way to get self-certified certifcates to be automatically trusted.
> >I must admit I am a newbie when it comes to SSL, so any help would be very much
> >appreciated.
> >
> >regards
> >
> >Andre
> >
> >  
> >
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: commons-httpclient-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: commons-httpclient-dev-help@jakarta.apache.org
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: commons-httpclient-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: commons-httpclient-dev-help@jakarta.apache.org


Mime
View raw message