|
|
javax.net.ssl.SSLHandshakeException
Hi.
While trying to parse a https website, I get the following error message:
javax.net.ssl.SSLHandshakeException:
sun.security.validator.ValidatorException: Violated path length constraints
Could anybody tell me what this exactly means?
Should I interpet it as "Site has a broken SSL certificate, tell them"?
Greetings,
Thomas Fritz.
|
|
0
|
|
|
|
Reply
|
 Thomas
|
3/10/2005 11:11:23 AM |
|
On Thu, 10 Mar 2005 12:11:23 +0100, Thomas Fritz wrote:
> Hi.
>
> While trying to parse a https website, I get the following error message:
>
> javax.net.ssl.SSLHandshakeException:
> sun.security.validator.ValidatorException: Violated path length
> constraints
>
> Could anybody tell me what this exactly means? Should I interpet it as
> "Site has a broken SSL certificate, tell them"?
>
> Greetings,
>
> Thomas Fritz.
Yes, this error message indicates that the number of critical
extensions in the Set of critical extensions found in the certificate (by
calling java.security.cert.X509Extension.getCriticalExtensionOIDs()) does
not match the number of critical extensions (path length) recorded in the
BasicConstraints critical extension. The path length is returned by the
java.security.cert.X509Certificate.getBasicConstraints method. See the
JavaDocs for these two methods.
Chuck
|
|
|
0
|
|
|
|
Reply
|
Chuck
|
3/10/2005 4:08:08 PM
|
|
Hi.
>>While trying to parse a https website, I get the following error message:
>>
>>javax.net.ssl.SSLHandshakeException:
>>sun.security.validator.ValidatorException: Violated path length
>>constraints
>>
>>Could anybody tell me what this exactly means? Should I interpet it as
>>"Site has a broken SSL certificate, tell them"?
>
> Yes, this error message indicates that the number of critical
> extensions in the Set of critical extensions found in the certificate (by
> calling java.security.cert.X509Extension.getCriticalExtensionOIDs()) does
> not match the number of critical extensions (path length) recorded in the
> BasicConstraints critical extension. The path length is returned by the
> java.security.cert.X509Certificate.getBasicConstraints method. See the
> JavaDocs for these two methods.
Ok. After reading the JavaDocs and looking at the Values (the size of
the Set returned by
java.security.cert.X509Extension.getCriticalExtensionOIDs() is 0, and
the int returned by
java.security.cert.X509Certificate.getBasicConstraints -1), I'm not
sure, but could it be that I more or less found a bug?
As far as I understand the JavaDocs, in this case, -1 and 0 should match
true, as there just are no critical extensions in the certificate. Or is
in fact the certificate broken, as it has no basic constraints?
Greetings,
Thomas Fritz.
|
|
|
0
|
|
|
|
Reply
|
Thomas
|
3/11/2005 10:29:11 AM
|
|
|
2 Replies
933 Views
(page loaded in 0.019 seconds)
Similiar Articles: javax.net.ssl.SSLHandshakeException - comp.lang.java.security ...JSSE and OpenSSL 0.9.7 incompatible - comp.lang.java.security ..... description = certificate_unknown > main, WRITE: TLSv1 Alert, length = 2 > main, called ... JSSE and OpenSSL 0.9.7 incompatible - comp.lang.java.security ...... description = certificate_unknown > main, WRITE: TLSv1 Alert, length = 2 > main, called closeSocket() > main, handling exception: javax.net.ssl.SSLHandshakeException ... SSLException: Unrecognized SSL message, plaintext connection ...... 2 With JDK1.4.0 I get the following error Caused by: javax.net.ssl ... With IBM JDK1.4 I get the following error Caused by: javax.net.ssl.SSLHandshakeException ... com.sun.net.httpserver.HttpsServer - How To? - comp.lang.java ...The handshake fails on client hello, with "javax.net.ssl.SSLHandshakeException: no cipher suites in common".I have studied the JAX-WS API documentation, HttpsServer ... How to accept the Untrusted cert? - comp.lang.java.security ...and here is the error message: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: No trusted certificate found at com.sun.net.ssl.internal ... Expired certificates being ignored - comp.lang.java.security ...System.setProperty( "javax.net.ssl.trustStore", trustStore ); System ... ie. the above code succeeds when I am expecting a "javax.net.ssl.SSLHandshakeException ... Tomcat SSL and Glue - comp.lang.java.security... CertificateException: Couldn't find trusted certificate: unable to load file https://localhost/simpletest/services/SimpleTest.wsdl javax.net.ssl.SSLHandshakeException ... HandShaking Exception : No trusted Certificate Found - comp.lang ...... different machines.Only one of the server is running on the machine while other servers are generating the following error message : javax.net.ssl.SSLHandshakeException ... POST request to SSL/HTTPS URL - comp.lang.java.programmer ...javax.net.ssl.SSLHandshakeException - comp.lang.java.security ... While trying to parse a https website, I get the following error message: javax.net.ssl ... javax.net.ssl vs java.security.cert - comp.lang.java.security ...How to resolve javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException; Soumyajit Hazra Ranch Hand Joined: Jun 26, 2007 Troubleshooting javax.net.ssl.SSLHandshakeException | Webapper BlogConcepts People often think of SSL as a form of encryption. Strictly speaking, it's not; SSL is a protocol or cryptosystem that uses existing encryption SSLHandshakeException (Java Platform SE 6)public class SSLHandshakeException extends SSLException. Indicates that the client and server could not negotiate the desired level of security. 7/23/2012 5:22:58 AM
|
|
|
|
|
|
|
|
|
Search |
Post Question |
Groups |
Stream |
About |
Register
2 followers. 