[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [iaik-ssl]cu|| iaik.security.ssl.SSLException: server certificate rejected!



Hi !

try the following:
HttpsURLConnection con;
... 

SSLContext sslContext = con.getSSLContext();
sslContext.setDebugWriter( System.out);
// optional clear the certificate list of the cerificate verifier 
// so that all valid certificates will be accepted.
// see below
sslContext.getChainVerifier().clearTrustedCertificates();
...
// do output
// get the result 
// do something else
You should see what happens during the SSL Handshake


What the chain verifier does

Client Side Trust Verification

The client verifiers that the server has an acceptable certificate. The following cases arise (assuming the default ChainVerifier implementation is used):

For more information please the the JavaDoc for the ChainVerifier class.

yours
andi

> -----Original Message-----
> From: Luca Ventura [
mailto:luca_vent@virgilio.it]
> Sent: Freitag, 28. Juni 2002 12:46
> To: iaik-ssl
> Subject: [iaik-ssl]cu|| iaik.security.ssl.SSLException: server
> certificate rejected!
>
>
> Hello!
>
> I use JDK 1.4 (on a Windows XP machine) and IAIK's iSaSiLk
> APIs to open
> https connections in my Java applications....
>
> I have wrritten the following piece of code to do it:
>
>   urlString = "
https://www.verisign.com/";
>   URL url = new URL(null,urlString, new
> iaik.protocol.https.Handler());
>   HttpsURLConnection con = (HttpsURLConnection)url.openConnection();
>
>
> At the last statement I receive the following error:
>
> iaik.security.ssl.SSLException: Server certificate rejected
> by ChainVerifier
>
> Why? This error doesn't appear if I use url: "
https://jcewww.iaik.at/"
>
> how come?
>
> I hope someone can help me!
>
>      Thanks a lot!
>
>                                     Luca
>
> --
> Mailinglist-archive at
http://jcewww.iaik.at/mailarchive/iaik-ssl/sslthreads.html

To unsubscribe send an email to listserv@iaik.at with the folowing content: UNSUBSCRIBE iaik-ssl