f



Problem to Connect to SSL address with Java

Hi together!

I have a problem to create a SSL connection to a webaddress. The program
worked until three days ago. Since then I get the following error when I
try to connect:

javax.net.ssl.SSLHandshakeException: Certificate is not signed by a
trusted certificate authority.
 at java.lang.Throwable.<init>(Throwable.java:195)
 at java.io.IOException.<init>(IOException.java:40)
 at javax.net.ssl.SSLHandshakeException.<init>(Unknown Source)
 at
com.ibm.as400.ibmonly.net.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1736)
 at
com.ibm.as400.ibmonly.net.ssl.SSLSocketImpl.write(SSLSocketImpl.java:567)
 at
com.ibm.as400.ibmonly.net.ssl.SSLOutputStream.write(SSLOutputStream.java:103)
 at java.io.OutputStream.write(OutputStream.java:58)

The same java program works without problems on a pc (JDK 1.5). On
iSeries we use JDK 1.4.2.

I use the Sun security Provider to create a connection:
java.security.Security.addProvider(new sun.security.provider.Sun());
System.getProperties().put("java.protocol.handler.pkgs", "javax.net.ssl");

Any ideas what could cause the error? Does the error message mean that
the certificate on the server I want to connect is not signed by a
trusted certificate authority or is the certificate on the client not
signed correctly?

cu
Martin
0
8/11/2005 10:12:32 PM
comp.sys.ibm.as400.misc 9219 articles. 4 followers. Post Follow

1 Replies
1093 Views

Similar Articles

[PageSpeed] 53

I found the problem. The server changed their certificate. First I
always looked at the cacerts file in jdk directory. I thought the sun
provider uses this file as keystore. It seems that in background the DCM
from iSeries is used. I imported the new certificate in DCM and
everything works well.

Martin
0
8/12/2005 2:28:35 PM
Reply: