Return-Path: Delivered-To: apmail-tomcat-users-archive@www.apache.org Received: (qmail 30507 invoked from network); 11 Jul 2009 13:39:16 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 11 Jul 2009 13:39:16 -0000 Received: (qmail 92155 invoked by uid 500); 11 Jul 2009 13:39:22 -0000 Delivered-To: apmail-tomcat-users-archive@tomcat.apache.org Received: (qmail 92087 invoked by uid 500); 11 Jul 2009 13:39:22 -0000 Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Users List" Delivered-To: mailing list users@tomcat.apache.org Received: (qmail 92076 invoked by uid 99); 11 Jul 2009 13:39:22 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 11 Jul 2009 13:39:22 +0000 X-ASF-Spam-Status: No, hits=1.5 required=10.0 tests=MSGID_FROM_MTA_HEADER,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of ajmas@sympatico.ca designates 65.55.111.87 as permitted sender) Received: from [65.55.111.87] (HELO blu0-omc2-s12.blu0.hotmail.com) (65.55.111.87) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 11 Jul 2009 13:39:11 +0000 Received: from BLU0-SMTP15 ([65.55.111.71]) by blu0-omc2-s12.blu0.hotmail.com with Microsoft SMTPSVC(6.0.3790.3959); Sat, 11 Jul 2009 06:38:50 -0700 X-Originating-IP: [70.53.138.14] X-Originating-Email: [ajmas@sympatico.ca] Message-ID: Received: from [192.168.1.2] ([70.53.138.14]) by BLU0-SMTP15.blu0.hotmail.com over TLS secured channel with Microsoft SMTPSVC(6.0.3790.3959); Sat, 11 Jul 2009 06:38:49 -0700 From: Andre-John Mas To: "Tomcat Users List" In-Reply-To: <24437237.post@talk.nabble.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed; delsp=yes Content-Transfer-Encoding: quoted-printable Mime-Version: 1.0 (Apple Message framework v935.3) Subject: Re: Ignore or Trust any certificate Date: Sat, 11 Jul 2009 09:38:47 -0400 References: <24432691.post@talk.nabble.com> <18D50174849B4629A65B7F2411F1B020@phoenix> <24436746.post@talk.nabble.com> <0AAE5AB84B013E45A7B61CB66943C172296D66ED8E@USEA-EXCH7.na.uis.unisys.com> <24437237.post@talk.nabble.com> X-Mailer: Apple Mail (2.935.3) X-OriginalArrivalTime: 11 Jul 2009 13:38:49.0354 (UTC) FILETIME=[EBEDFEA0:01CA022C] X-Virus-Checked: Checked by ClamAV on apache.org On 11-Jul-2009, at 00:36, kareem_s_m wrote: > > So when my site connects to a site through HTTPS protocol, tomcat =20 > tires to > validate the server certificate with the cacerts keystore in my JDK. =20= > Now if > the server certificate is signed by a trusted authority then the =20 > connection > is successful. But if the certificate is a test one (not signed by any > trusted authority) and when tomcat tries to validate the =20 > certificate, the > validation fails and the connection fails. The error I get it as =20 > follows: > > Caught unhandled exception: javax.net.ssl.SSLHandshakeException: > sun.security.validator.ValidatorException: PKIX path building failed: > sun.security.provider.certpath.SunCertPathBuilderException: unable =20 > to find > valid certification path to requested target. > > So to avoid this, I want to know if tomcat can ignore or trust any =20 > server > certificate with out validating it. What API are you using to connect to the server? For example the default java.net.URL or HttpClient? If you are using HttpClient, you may want to look at this thread: http://forums.sun.com/thread.jspa?threadID=3D411937&messageID=3D1886339 Andr=E9-John= --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org For additional commands, e-mail: users-help@tomcat.apache.org