Home.... | log in.... | Pub my question! | Sign-up....
Java-index >> Security >> Java Secure Socket Extension (JSSE)

SSLException: untrusted server cert chain

I'm trying to verify my system is up. It's accessed only via HTTPS. I got everything working but get the dreaded untrusted cert error. I just want to send a quick message and get back a quick answer. Is there a way to circumvent the cert chain error? That is, I don't care if the site is not a trusted CA, I just want to get connected.I saw a reference to TrustManager but there is a pile of code associated with it that doesn't make sense to me.

Does anyone know how circumvent the cert chain error without writing a pile of code?

[555 byte] By [jtyprowicz@DirecTV.com] at [2007-9-26 4:40:58]
«« How is it possible?
»» InputStream blocking read with timeout?
# 1
If you have'nt already done so, see if http://forum.java.sun.com/thread.jsp?forum=9&thread=14543 helps you.
neville_sequeira at 2007-6-29 18:02:56 > top of Java-index,Security,Java Secure Socket Extension (JSSE)...
# 2
What if I don't have a CA certificate? Can't I just say I want to connect HTTPS whether it is a valid CA or not?
jtyprowicz@DirecTV.com at 2007-6-29 18:02:57 > top of Java-index,Security,Java Secure Socket Extension (JSSE)...
# 3

Heres the point (and you most likeyl know all these details. but still for the sake of completeness)...

HTTPS protocol signifies usage of SSL. So the underlying sockets are secure sockets i.e SSL enabled sockets.

These sockets encrypt information that is being sent out through them and decrypt information being received through them. Its this encryption of information that leads to the term secured server

The side encryption

neville_sequeira at 2007-6-29 18:02:57 > top of Java-index,Security,Java Secure Socket Extension (JSSE)...
# 4

Ignore previous message. Mistakenly posted incomplete.

Use this instead...

Heres the point (and you most likeyl know all these details. but still for the sake of completeness)...

HTTPS protocol signifies usage of SSL. So the underlying sockets are secure sockets i.e SSL enabled sockets.

These sockets encrypt information that is being sent out through them and decrypt information being received through them. Its this encryption of information that leads to the term secured server

The side sending information encrypts and the side receiving information decrypts.

For decrypting information that the other side has encrypted, the public key is required.

The server certificate that the server presents to the client wraps the public key that is consumed to decrypt.

The authenticity of this wrapper certificate is sgined/guranteed by a well known Certificate signing Authority (CA) by including their well trusted certificate(which is in turn their own well trusted public key) in the wrapper certificate.

The client has to be able to accept this second level certificate of the CA for the client and server to successfully negotiate and decide on a key pair in runtime.

So in short, the client should already be aware of that trusted CA's certificate. In fact, the client being aware before hand of the concerned CA's certificate is the basic premise of security in SSL comm.

neville_sequeira at 2007-6-29 18:02:57 > top of Java-index,Security,Java Secure Socket Extension (JSSE)...
Security
Java Secure Socket Extension (JSSE)

Security New Topic

Security Hot Topic

Security

All Classified