Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

JSSE: Problem conecting to site with unknown CA or expired certificate

1 view
Skip to first unread message

Eytan

unread,
Feb 12, 2002, 7:25:01 AM2/12/02
to
Hi,

I'm trying to write a Java client that will allow me to connect to any
SSL server (using SSLSocket). I would like my client to accept
connections to sites that use a certificate that was signed by an
unknown CA and to sites that use an expired certificate.

Alternatively, how can I load a new CA into my client.

Currently (using a naive implementation - see code below), I'm getting
an 'SSLHandshakeException' when trying to connect with such a server.


I'm using JDK 1.4 RC.


...
SSLSocket s = (SSLSocket)SSLSocketFactory.getDefault().
createSocket(server, port);

OutputStream out = s.getOutputStream();
String msg = "Hello";
out.write(msg.getBytes());
...

Exception in thread "main" javax.net.ssl.SSLHandshakeException:
Couldn't find tr
usted certificate
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.b(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(DashoA62
75)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.AppOutputStream.write(DashoA6275)
at java.io.OutputStream.write(OutputStream.java:58)
at PrintSession.main(PrintSession.java:25)

0 new messages