[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

AW: [iaik-ssl]cu|| ChainVerifier: Error verifying certificate chain: java.security.cert.CertificateExpiredException



Hello,
 
watch the server certificates.
1. Do you trust the CA that issued the root certificate of the chain?
2. Are the certificates formatted correctly?
You can make the certificates visible by the help of the openssl tool. Use the standard command s_client. If your machine is not connected to the entire internet by default configure a static route entry to the server you which to connect to.
 
best regards, Olaf Kroh
--- Begin Message ---
Dear Technical Support,
 
I got a problem on the IAIK's iSaSiLk and by using Java 1.3.0 under SunOS 5.8.
 
I hv wrote the following code.

URL url = new URL(null, urlString ,new iaik.protocol.https.Handler());
HttpsURLConnection con = (HttpsURLConnection)url.openConnection();
SSLContext context = new SSLClientContext();
context.setDebugStream(System.out);
con.setSSLContext(context);
 
At the last statement I received the following errors.
 
Why? But some HTTPS web sites are worked prefectly.
 
Cheers,
Patrick
 
ssl_debug(18): Starting handshake (iSaSiLk 3.05 Evaluation Version)...
ssl_debug(18): Sending v3 client_hello message, requesting version 3.1...
ssl_debug(18): Received v3 server_hello handshake message.
ssl_debug(18): Server selected SSL version 3.0.
ssl_debug(18): Server created new session 5F:5F:34:0C:11:10:D4:31...
ssl_debug(18): CipherSuite selected by server: SSL_RSA_WITH_3DES_EDE_CBC_SHA
ssl_debug(18): CompressionMethod selected by server: NULL
ssl_debug(18): Received certificate handshake message with server certificate.
ssl_debug(18): Server sent a 1024 bit RSA certificate, chain has 3 elements.
ssl_debug(18): ChainVerifier: Error verifying certificate chain: java.security.cert.CertificateExpiredException
ssl_debug(18): Sending alert: Alert Fatal: bad certificate
ssl_debug(18): Shutting down SSL layer...
ssl_debug(18): SSLException while handshaking: Server certificate rejected by ChainVerifier
ssl_debug(18): Closing transport...
iaik.security.ssl.SSLException: Server certificate rejected by ChainVerifier
        at iaik.security.ssl.x.b(Unknown Source)
        at iaik.security.ssl.x.a(Unknown Source)
        at iaik.security.ssl.r.d(Unknown Source)
        at iaik.security.ssl.SSLTransport.startHandshake(Unknown Source)
        at iaik.security.ssl.SSLTransport.getOutputStream(Unknown Source)
        at iaik.security.ssl.SSLSocket.getOutputStream(Unknown Source)
        at org.w3c.www.protocol.http.f.markUsed(Unknown Source)
        at org.w3c.www.protocol.http.HttpBasicServer.getConnection(Unknown Source)
        at org.w3c.www.protocol.http.HttpBasicServer.runRequest(Unknown Source)
        at org.w3c.www.protocol.http.HttpManager.runRequest(Unknown Source)
        at org.w3c.www.protocol.http.HttpURLConnection.connect(Unknown Source)
        at org.w3c.www.protocol.http.HttpURLConnection.a(Unknown Source)
        at org.w3c.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
        at mms.contentserver.payment.VISAPaymentHandler.authorizePayment(VISAPaymentHandler.java:108)
        at mms.contentserver.billing.ejb.BillingEJB.processPayment(BillingEJB.java:47)
        at mms.contentserver.billing.ejb.BillingEJB_ty3a17_EOImpl.processPayment(BillingEJB_ty3a17_EOImpl.java:37)
        at mms.contentserver.billing.ejb.BillingEJB_ty3a17_EOImpl_WLSkel.invoke(Unknown Source)
        at weblogic.rmi.internal.BasicServerRef.invoke(BasicServerRef.java:305)
        at weblogic.rmi.cluster.ReplicaAwareServerRef.invoke(ReplicaAwareServerRef.java:93)
        at weblogic.rmi.internal.BasicServerRef.handleRequest(BasicServerRef.java:274)
        at weblogic.rmi.internal.BasicExecuteRequest.execute(BasicExecuteRequest.java:22)
        at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:139)
        at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)
VISAPaymentHandler [authorizePayment]: Exceptionorg.w3c.www.protocol.http.HttpException: iaik.security.ssl.SSLE
xception: Server certificate rejected by ChainVerifier
--- End Message ---