I am trying to connect to my apache server with mod_ssl/OpenSSL using a Java application. I have a created a server cert using the opensll and I signed it myself.I get a javax.net.ssl.SSLException: untrusted server cert chain error.
Do I have to purchase a trusted cert to access the site before I can access this site with Java?
Thanks
Edward
Hi Edward,
javax.net.ssl.SSLException: untrusted server cert
This type of error will occur when the certificate being received from the remote server and client are different.
So please check that your store contains the certificate of the remote machine or the CA that signed it and that the certificate that has not expired. Also be sure that both the machines are using the same latest versions of the JSSE.
Hope this will help you.
Regards,
Anil.
Technical Support Engineer.
Hi,
there are some possible problems you could be encountering :
1. If using https, the certificate has to include the hostname of the server, which is in possession of the private key from which you created the certificate.
Client-side https checks, wether the name in the certificate corresponds to the hostname of the server which posted the certificate.
2. The server-certificate has to be imported into the clients truststore. You can use keytool (included in the jdk) for this task.
the following statement imports the certificate 'testkeys' contained in the file 'testkey.cert' into the truststore 'cacerts' :
keytool -import -keystore cacerts -alias testkeys -file testkey.cert
