tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <ch...@christopherschultz.net>
Subject Re: SSL is not working in Java Mobile Applications
Date Thu, 02 Apr 2009 14:08:44 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Siva,

On 4/2/2009 9:34 AM, SivaKumarl wrote:
> I am developing java mobile application using XHTML-MP,i generate a
> key store file and configured in Tomcat Server.xml it is working fine
> in browsers but while accessing through mobile i am getting error 
> screen "Security error:Untrusted Server certificate".

Perhaps your mobile devices don't have the latest set of top-level
and/or intermediate CA certs installed.

> I checked with remaining https urls they are working fine in mobile,
> Please suggest to generate keystore file for mobiles and how access
> in mobiles.

What type of SSL cert do you have? Do you have one of the newfangled EV
certs? If so, it's possible your clients are missing the right certs
from the CA that build the proper trust chain. Your only possibility in
that case would be to get an older-style certificate which uses an older
(and more wide-spread) CA cert.

Try doing this:

1. Visit your website using a browser and bring up the details for the
SSL certificate so you can see the chain of certs from the top-level
(something like VeriSign or Thawte) all the way down to yours.

2. Do the same thing with /another/ site that appears to work on your
mobile device.

3. Compare the two certificate chains to see what the differences are.

Do you find any differences? If you can't tell, post back with all the
details.

- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAknUxuwACgkQ9CaO5/Lv0PBLwQCgmAzfkvz3bCPX5p+CRUn0/cnm
gSwAoIzpbQgfFT0fIaDVBQLnN05/a2s/
=6uAb
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message