hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Oleg Kalnichevski <ol...@apache.org>
Subject Re: SSL certificate 2048 bit with 3.0
Date Tue, 24 Nov 2009 09:20:40 GMT
On Mon, 2009-11-23 at 13:21 +0100, BAYER, Patrice wrote:
> Hello,
> In a projet, we're using commons-httpclient 3.0 and the class EasySSLProtocolSocketFactory
(EasyX509TrustManager) to have a SSL connection to a server.
> But we have the error < java.security.cert.CertificateException: Untrusted Server
Certificate Chain > when the client connects to the server.
> The certificate is with 2048 bit but not with 1024 signed by the organism Verisign.
> In this version of commons-httpclient, can the client accept this kind of key or must
we upgrade client ?
> Patrice Bayer


HttpClient relies on standard java SSL functionality and therefore can
work with any certificates supported by JSSE.

This problem has nothing to do with the key length. The certificate has
been rejected as untrusted so apparently the SSL context have not
correctly initialized with the trust material.


> </PRE><p style="font-family:arial;color:grey" style="font-size:13px">This
message contains information that may be privileged or confidential and is the property of
the Capgemini Group. It is intended only for the person to whom it is addressed. If you are
not the intended recipient, you are not authorized to read, print, retain, copy, disseminate,
distribute, or use this message or any part thereof. If you receive this message in error,
please notify the sender immediately and delete all copies of this message.</p><PRE>

To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org

View raw message