[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[iaik-ssl] CA certificates



Title: CA certificates

Hi,
I'm writing HTTP server that will support the client authentication. I'd like to allow the server clients to use their certificates that were purchased from all of well-known CAs(Verisign, Thawte etc.)

In order to do it I have to define an array of certificate authorities in the
setRequestClientCertificate() method of the SSLServerContext class.
BTW, I tried to define certificate types and null for "certificateAuthorities". In this case nether MSIE nor Netscape Communicator cannot connect to the server and I see in the log the following messages:

ssl_debug(1): Selecting CompressionMethod: NULL
ssl_debug(1): Sending certificate handshake message with server certificate...
ssl_debug(1): Sending certificate_request handshake message...
ssl_debug(1): Sending alert: Alert Fatal: handshake failure
ssl_debug(1): Shutting down SSL...
ssl_debug(1): Exception while handshaking: iaik.security.ssl.SSLException: Configuration error: CertificateRequest information missing.

ssl_debug(1): Shutting down SSL...
SSLException: Configuration error: CertificateRequest information missing.
ssl_debug(1): Shutting down SSL...
ssl_debug(1): Closing transport...

The question is where can I get a full enough set of CA's certificates? Is there a way to import them from Microsoft IE or Netscape Communicator?

Thank you in advance,
Leonid Fainshtein
e-mail: lfain@boscom.com