[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

R: [iaik-ssl]cu|| iaik.security.ssl.SSLException: server certificate rejected!



Hello!
 
I solved the problem....the method you mean is "setDebugStream" and not "setDebugWriter"...:-)
 
Anyway I tried to execute the code with you modifications and I obtained the output showed by the figure you find
in attach....it seems that the Verisign's certificate has expired!
So I  ridefined the ChainVerified class as explained at:

http://jcewww.iaik.tu-graz.ac.at/mailarchive/iaik-ssl/msg00453.html

and now all works fine!!

Thanks a lot anyway.

 

                                    Luca

 

 

-----Messaggio originale-----
Da: iaik-ssl-owner@iaik.at [mailto:iaik-ssl-owner@iaik.at]Per conto di Hiltenkamp, Andreas
Inviato: venerd́ 28 giugno 2002 13.21
A: 'Luca Ventura'; iaik-ssl
Oggetto: RE: [iaik-ssl]cu|| iaik.security.ssl.SSLException: server certifi cate rejected!

Hi !

try the following:
HttpsURLConnection con;
... 

SSLContext sslContext = con.getSSLContext();
sslContext.setDebugWriter( System.out);
// optional clear the certificate list of the cerificate verifier 
// so that all valid certificates will be accepted.
// see below
sslContext.getChainVerifier().clearTrustedCertificates();
...
// do output
// get the result 
// do something else
You should see what happens during the SSL Handshake


What the chain verifier does

Client Side Trust Verification

The client verifiers that the server has an acceptable certificate. The following cases arise (assuming the default ChainVerifier implementation is used):

For more information please the the JavaDoc for the ChainVerifier class.

yours
andi

> -----Original Message-----
> From: Luca Ventura [
mailto:luca_vent@virgilio.it]
> Sent: Freitag, 28. Juni 2002 12:46
> To: iaik-ssl
> Subject: [iaik-ssl]cu|| iaik.security.ssl.SSLException: server
> certificate rejected!
>
>
> Hello!
>
> I use JDK 1.4 (on a Windows XP machine) and IAIK's iSaSiLk
> APIs to open
> https connections in my Java applications....
>
> I have wrritten the following piece of code to do it:
>
>   urlString = "
https://www.verisign.com/";
>   URL url = new URL(null,urlString, new
> iaik.protocol.https.Handler());
>   HttpsURLConnection con = (HttpsURLConnection)url.openConnection();
>
>
> At the last statement I receive the following error:
>
> iaik.security.ssl.SSLException: Server certificate rejected
> by ChainVerifier
>
> Why? This error doesn't appear if I use url: "
https://jcewww.iaik.at/"
>
> how come?
>
> I hope someone can help me!
>
>      Thanks a lot!
>
>                                     Luca
>
> --
> Mailinglist-archive at
http://jcewww.iaik.at/mailarchive/iaik-ssl/sslthreads.html

To unsubscribe send an email to listserv@iaik.at with the folowing content: UNSUBSCRIBE iaik-ssl

Attachment: errorSSL.jpg
Description: JPEG image