[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[iaik-ssl] Problems connecting to sites using VeriSign

I can't to seem to connect to a site that uses a VeriSign certificate.
When I launch

java demo.basic.SSLClient www.verisign.com 

I get the output

Connecting to www.verisign.com:443...
TCP connection established
ssl_debug(1): Starting handshake...
ssl_debug(1): Sending v3 client_hello message, requesting version 3.1...
ssl_debug(1): Received v3 server_hello handshake message.
ssl_debug(1): Server selected SSL version 3.0.
ssl_debug(1): Server created new session 42:67:11:23:7C:6B:0A:31...
ssl_debug(1): CipherSuite selected by server:
ssl_debug(1): CompressionMethod selected by server: NULL
ssl_debug(1): Received certificate handshake message with server
ssl_debug(1): Server sent a 1024 bit RSA certificate, chain has 2
ssl_debug(1): ChainVerifier: Error verifying certificate chain:
ssl_debug(1): Sending alert: Alert Fatal: bad certificate
ssl_debug(1): Shutting down SSL layer...
ssl_debug(1): SSLException while handshaking: Server certificate
rejected by ChainVerifier
ssl_debug(1): Sending alert: Alert Fatal: handshake failure
ssl_debug(1): Shutting down SSL layer...
ssl_debug(1): Shutting down SSL layer...
An exception occured:
iaik.security.ssl.SSLException: Server certificate rejected by
        at java.lang.Throwable.fillInStackTrace(Native Method)
        at java.lang.Throwable.fillInStackTrace(Compiled Code)
        at java.lang.Throwable.<init>(Compiled Code)
        at java.lang.Exception.<init>(Compiled Code)
        at java.io.IOException.<init>(IOException.java:47)
        at iaik.security.ssl.SSLException.<init>(Unknown Source)
        at iaik.security.ssl.x.d(Compiled Code)
        at iaik.security.ssl.x.f(Unknown Source)
        at iaik.security.ssl.r.c(Unknown Source)
        at iaik.security.ssl.SSLTransport.startHandshake(Unknown Source)
        at iaik.security.ssl.SSLSocket.startHandshake(Unknown Source)
        at demo.basic.SSLClient.connect(Compiled Code)
        at demo.basic.SSLClient.main(Unknown Source)
ssl_debug(1): Shutting down SSL layer...
ssl_debug(1): Closing transport...    

This would indicate that VeriSign has an expired certificate on its web
site, but this does not seem to be the case.  However, when I reset the
time on my computer to any time last year (up to Dec 31st) the problem
goes away. I can connect to other sites, for examples those with Thawte
certificates or those with self signed certificates. Any ideas on how to
solve this problem?


Mårten Larsson
VerifyEasy AB

Mårten Larsson | Stadsgården 10 | S-116 45  Stockholm | SWEDEN
Tel: +46-(0)8-52752503 | Fax: +46-(0)8-52752599 | Mobile:
:::::::::::::::::::::::::::::::::::::::: http://www.verifyeasy.com
Mailinglist-archive at http://jcewww.iaik.at/mailarchive/iaik-ssl/sslthreads.html

To unsubscribe send an email to listserv@iaik.at with the folowing content: UNSUBSCRIBE iaik-ssl