tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bill Barker" <wbar...@wilshire.com>
Subject Re: SSL Handshake Error / Couldn't find trusted certificate
Date Wed, 25 Jun 2003 06:24:03 GMT

"Antonio Fiol BonnĂ­n" <fiol.bonnin@terra.es> wrote in message news:3EF930C2.4060605@terra.es...
> I found that while trying to open a SSL (in fact HTTPS) connection from 
> inside a servlet. Could it be that?
> 

If you have a 1.4.x JVM, then opening a https connection should be easy.  This is assuming
that the server has a Verisign or Thwait signed cert (at least for Sun's JVM, other vendors
may supply a different set of cacerts).  Otherwise you need to add the root signer to your
cacerts on the client.  



> 
> 
> Bill Barker wrote:
> 
> >This is happening too late to be a server-cert problem.  I'm guessing that
> >you specified CLIENT-CERT auth, but you don't have any valid certs.
> >
> >"Dan Soschin" <d_soschin@yahoo.com> wrote in message
> >news:20030623223124.52015.qmail@web41604.mail.yahoo.com...
> >  
> >
> >>Specs: Tomcat 4.0.6 w/ JDK 1.4.1 on Windows 2000 Advanced Server
> >>
> >>I run the keytool command to generate keystore successfully, obtained a
> >>    
> >>
> >csr from thawte and
> >  
> >
> >>successfully imported it into the keystore file.  I modified the
> >>    
> >>
> >server.xml file to point to the
> >  
> >
> >>keystore file, etc, uncommenting SSL connector
> >>
> >>When I access my app at https:8443/myapp... I get the follow error in
> >>    
> >>
> >Tomcat:
> >  
> >
> >>2003-06-23 14:57:40 StandardWrapperValve[portal]: Servlet.service() for
> >>    
> >>
> >servlet portal threw
> >  
> >
> >>exception
> >>javax.servlet.ServletException: Exception opening resource
> >>https://localhost:8443/portal/FileMenuController.exec?action=viewAlt:
> >>javax.net.ssl.SSLHandshakeException:
> >>    
> >>
> >java.security.cert.CertificateException: Couldn't find
> >  
> >
> >>trusted certificate
> >>
> >>I'm new to Tomcat/SSL, but I have gone over the instructions in the howTo
> >>    
> >>
> >from apache and thawte
> >  
> >
> >>and cannot get any further.
> >>
> >>Can anybody please tell me what stupid thing I forget to do?  I'm sure its
> >>    
> >>
> >obvious.
> >  
> >
> >>Thanks!
> >>
> >>__________________________________
> >>Do you Yahoo!?
> >>SBC Yahoo! DSL - Now only $29.95 per month!
> >>http://sbc.yahoo.com
> >>    
> >>
> >
> >
> >
> >
> >---------------------------------------------------------------------
> >To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> >For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> >
> >
> >  
> >
> 
> 

Mime
View raw message