• Post Reply Bookmark Topic Watch Topic
  • New Topic

https probelm

 
Starix XieXie
Greenhorn
Posts: 4
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi there,
I almost suicide because of this SSL stuff and the worst is... i new to This SSL stuff....
I write one App, which trying to post or get some data from the following website.
https://www.verisign.com
and it gave me the following error
"Untrusted Server Certificate Chain"
i wondering, that
"Untrusted Server Certificate Chain"
error message, is it because of my App or because of that website ???
If you need me to post the code, i'll post it.
Thanks in advance 4 the help
 
Peter den Haan
author
Ranch Hand
Posts: 3252
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I'm not sure what the problem is. The error means that JSSE could not track the server certificate back to a Certificate Authority (CA) it knows and trusts.
Normally, the trusted CA are read from the cacerts file in jre/lib/security/. The list of certificates in this file is much smaller than that in most browsers; in practical terms, this means that JSSE may reject server certificates that your browser is happy with.
Had it been any site other than VeriSign, I would have suggested that this might be your problem. However, I'd expect VeriSign to sign their own certificates, and unless you modified the file VeriSign has certainly been set up in cacerts -- but it's still worth checking (keytool -list -keystore cacerts, press ENTER at the password prompt).
Have you modified the cacerts file or the JSSE truststore settings (javax.net.ssl.trustStore*)? See also the security guide (docs/guide/security/index.html) in your JDK for more information.
- Peter
[ January 23, 2003: Message edited by: Peter den Haan ]
 
Starix XieXie
Greenhorn
Posts: 4
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi there ,

Your answer give me some light.
anyway.. i did type the following command
keytool -list -keystore cacerts
and it gave me this error message ??
keytool error: java.lang.Exception: Keystore file does not exist: cacerts

so it is mean ? i don't have the keystore file ?

and , how do i insert the verisign CA to my cacerts files ?

Thanks for the help.

Best Regards
Starix
 
Peter den Haan
author
Ranch Hand
Posts: 3252
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Were you in the right directory? Use explorer (or ls if you're on a Unix box) to see what files are there in $JAVA_HOME/jre/lib/security.
- Peter
 
Starix XieXie
Greenhorn
Posts: 4
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Alright..
I got it..yea... how stupid am i... well i create another keystore files and didn't use default cacerts files..that should be ok right ?

Thanks yea.
Regards,
Starix
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!