[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[iaik-ssl] Problems connecting to sites using VeriSign



I can't to seem to connect to a site that uses a VeriSign certificate.
When I launch

java demo.basic.SSLClient www.verisign.com 

I get the output

Connecting to www.verisign.com:443...
TCP connection established
ssl_debug(1): Starting handshake...
ssl_debug(1): Sending v3 client_hello message, requesting version 3.1...
ssl_debug(1): Received v3 server_hello handshake message.
ssl_debug(1): Server selected SSL version 3.0.
ssl_debug(1): Server created new session 42:67:11:23:7C:6B:0A:31...
ssl_debug(1): CipherSuite selected by server:
SSL_RSA_WITH_3DES_EDE_CBC_SHA
ssl_debug(1): CompressionMethod selected by server: NULL
ssl_debug(1): Received certificate handshake message with server
certificate.
ssl_debug(1): Server sent a 1024 bit RSA certificate, chain has 2
elements.
ssl_debug(1): ChainVerifier: Error verifying certificate chain:
java.security.cert.CertificateExpired
Exception
ssl_debug(1): Sending alert: Alert Fatal: bad certificate
ssl_debug(1): Shutting down SSL layer...
ssl_debug(1): SSLException while handshaking: Server certificate
rejected by ChainVerifier
ssl_debug(1): Sending alert: Alert Fatal: handshake failure
ssl_debug(1): Shutting down SSL layer...
ssl_debug(1): Shutting down SSL layer...
An exception occured:
iaik.security.ssl.SSLException: Server certificate rejected by
ChainVerifier
        at java.lang.Throwable.fillInStackTrace(Native Method)
        at java.lang.Throwable.fillInStackTrace(Compiled Code)
        at java.lang.Throwable.<init>(Compiled Code)
        at java.lang.Exception.<init>(Compiled Code)
        at java.io.IOException.<init>(IOException.java:47)
        at iaik.security.ssl.SSLException.<init>(Unknown Source)
        at iaik.security.ssl.x.d(Compiled Code)
        at iaik.security.ssl.x.f(Unknown Source)
        at iaik.security.ssl.r.c(Unknown Source)
        at iaik.security.ssl.SSLTransport.startHandshake(Unknown Source)
        at iaik.security.ssl.SSLSocket.startHandshake(Unknown Source)
        at demo.basic.SSLClient.connect(Compiled Code)
        at demo.basic.SSLClient.main(Unknown Source)
ssl_debug(1): Shutting down SSL layer...
ssl_debug(1): Closing transport...    

This would indicate that VeriSign has an expired certificate on its web
site, but this does not seem to be the case.  However, when I reset the
time on my computer to any time last year (up to Dec 31st) the problem
goes away. I can connect to other sites, for examples those with Thawte
certificates or those with self signed certificates. Any ideas on how to
solve this problem?

Thanks,

Mårten Larsson
-----------------------------------------------------------------
VerifyEasy AB

Mårten Larsson | Stadsgården 10 | S-116 45  Stockholm | SWEDEN
Tel: +46-(0)8-52752503 | Fax: +46-(0)8-52752599 | Mobile:
+46-(0)704-611902 
:::::::::::::::::::::::::::::::::::::::: http://www.verifyeasy.com
--
Mailinglist-archive at http://jcewww.iaik.at/mailarchive/iaik-ssl/sslthreads.html

To unsubscribe send an email to listserv@iaik.at with the folowing content: UNSUBSCRIBE iaik-ssl