and now all works fine!!
Thanks a lot anyway.
Da: firstname.lastname@example.org [mailto:email@example.com]Per conto di Hiltenkamp, Andreas
Inviato: venerd́ 28 giugno 2002 13.21
A: 'Luca Ventura'; iaik-ssl
Oggetto: RE: [iaik-ssl]cu|| iaik.security.ssl.SSLException: server certifi cate rejected!Hi !
try the following:HttpsURLConnection con;...
SSLContext sslContext = con.getSSLContext();
sslContext.setDebugWriter( System.out);// optional clear the certificate list of the cerificate verifier
// so that all valid certificates will be accepted.
// see below
// do output// get the result// do something elseYou should see what happens during the SSL Handshake
What the chain verifier does
Client Side Trust Verification
The client verifiers that the server has an acceptable certificate. The following cases arise (assuming the default ChainVerifier implementation is used):
- ChainVerifier is null: If the ChainVerifier for the current SSLContext is null all certificates are accepted. Note that the ChainVerifier is only null when explicitly set to null by the application.
- CipherSuite is DH_anon: If the active ciphersuite is anonymous the ChainVerifier is not called and the connection is accepted. The reasoning is that DH_anon is only used when explicitly enabled by the user making an additional check of the always server certificate redundant (for DH_anon the server certificate is of course actually null).
- No trusted certificates set: If no trusted certificates have been specified all valid certificate chains are accepted. Valid in this case means that all signature verify, no certificates are expired, etc.
- One or more trusted certificates set: If trusted certificate have been specified only chains that are valid and contain a trusted certificate are accepted.
For more information please the the JavaDoc for the ChainVerifier class.yoursandi
> -----Original Message-----
> From: Luca Ventura [mailto:firstname.lastname@example.org]
> Sent: Freitag, 28. Juni 2002 12:46
> To: iaik-ssl
> Subject: [iaik-ssl]cu|| iaik.security.ssl.SSLException: server
> certificate rejected!
> I use JDK 1.4 (on a Windows XP machine) and IAIK's iSaSiLk
> APIs to open
> https connections in my Java applications....
> I have wrritten the following piece of code to do it:
> urlString = "https://www.verisign.com/";
> URL url = new URL(null,urlString, new
> HttpsURLConnection con = (HttpsURLConnection)url.openConnection();
> At the last statement I receive the following error:
> iaik.security.ssl.SSLException: Server certificate rejected
> by ChainVerifier
> Why? This error doesn't appear if I use url: "https://jcewww.iaik.at/"
> how come?
> I hope someone can help me!
> Thanks a lot!
> Mailinglist-archive at
To unsubscribe send an email to email@example.com with the folowing content: UNSUBSCRIBE iaik-ssl
Description: JPEG image