tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From kareem_s_m <kareemud...@gmail.com>
Subject RE: Ignore or Trust any certificate
Date Sat, 11 Jul 2009 04:36:31 GMT

So when my site connects to a site through HTTPS protocol, tomcat tires to
validate the server certificate with the cacerts keystore in my JDK. Now if
the server certificate is signed by a trusted authority then the connection
is successful. But if the certificate is a test one (not signed by any
trusted authority) and when tomcat tries to validate the certificate, the
validation fails and the connection fails. The error I get it as follows:

Caught unhandled exception: javax.net.ssl.SSLHandshakeException:
sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to find
valid certification path to requested target.

So to avoid this, I want to know if tomcat can ignore or trust any server
certificate with out validating it.


Caldarale, Charles R wrote:
> 
>> From: kareem_s_m [mailto:kareemuddin@gmail.com]
>> Subject: RE: Ignore or Trust any certificate
>> 
>> If my application is the client, and I am connecting to a website
>> through a HTTP Post, then I want the tomcat (on which my website 
>> is running) to not validate the connecting site's certificate.
>> It should either ignore or trust any certificate.
> 
> Then why bother to configure client certification?
> 
> Or maybe you still haven't stated the problem clearly.
> 
>  - Chuck
> 
> 
> THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
> MATERIAL and is thus for use only by the intended recipient. If you
> received this in error, please contact the sender and delete the e-mail
> and its attachments from all computers.
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
> 
> 
> 

-- 
View this message in context: http://www.nabble.com/Ignore--or-Trust-any-certificate-tp24432691p24437237.html
Sent from the Tomcat - User mailing list archive at Nabble.com.

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message