hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alessandro Vernet <aver...@scdi.org>
Subject Re: No private keys found in keystore
Date Mon, 30 Jun 2008 18:27:31 GMT

Hi Julius,


juliusdavies wrote:
> 
> I figured out the problem.  Ugh.  Embarrassing.  It's complaining
> about your "truststore", not your "keystore."  I will try to put out a
> 0.3.11 release this weekend that addresses this.
> 
> As a temporary workaround, would you mind recompiling
> "not-yet-commons-ssl-0.3.10" from source?  In
> AuthSSLProtocolSocketFactory.java change this line:
> 
> TrustMaterial tm = new KeyMaterial(truststoreUrl, tsPass);
> 
> To this:
> 
> TrustMaterial tm = new TrustMaterial(truststoreUrl, tsPass);
> 

I got your latest code from SVN, applied the change above, and now get:

Exception in thread "main" java.security.KeyStoreException: TrustMaterial
couldn't load any certificates to trust!
	at org.apache.commons.ssl.TrustMaterial.<init>(TrustMaterial.java:243)
	at org.apache.commons.ssl.TrustMaterial.<init>(TrustMaterial.java:205)
	at org.apache.commons.ssl.TrustMaterial.<init>(TrustMaterial.java:200)
	at
org.apache.commons.httpclient.contrib.ssl.AuthSSLProtocolSocketFactory.<init>(AuthSSLProtocolSocketFactory.java:191)

I gather from your message that this is what I should get now, right? I am
confused, as it looks to like like the trust store I am using does contain
the certificate for the server I am calling:

$ keytool -list -keystore truststore

Keystore type: jks
Keystore provider: SUN

Your keystore contains 1 entry

xyz, Jun 27, 2008, trustedCertEntry,
Certificate fingerprint (MD5):
48:34:0D:7D:FB:6F:CF:A0:FD:10:9E:18:4C:F2:97:AC

Could it be that the trust store does contain a certificate, but that
TrustMaterial somehow doesn't think this certificate matches the host name
of the server?

Alex

-----
Orbeon Forms - Web 2.0 Forms, open-source, for the Enterprise
http://www.orbeon.com/

-- 
View this message in context: http://www.nabble.com/No-private-keys-found-in-keystore-tp18165598p18201461.html
Sent from the HttpClient-User mailing list archive at Nabble.com.


---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org


Mime
View raw message