Thank you for your answer, I didn't know about "cacerts" file. Now it works.
Thank you, once more,
Martin Linhart
Florian Lindauer wrote:
Martin Linhart wrote:
Via unsecured way it works fine, but via secured it cause this:
javax.net.ssl.SSLHandshakeException:
java.security.cert.CertificateException: Couldn't find trusted
certificate
>
I don't know, where I can put certificate or if it must be trusted
from some CA...
Just like a browser, the JDK-1.4 builtin SSL implementation
(JSSE), when acting as a client, needs to check the server
certificate to be trusted (maybe you can switch off this check,
but the result then is hardly true SSL).
So, just like a browser, the JDK knows the CA-certificates of
the common well known CAs like Thawte or Verisign. These are
stored in <javahome>/jre/lib/security, file cacerts.
If your testing certificate is not signed by one of these
CAs, you need to import your test CA to this cacerts-store.
keytool -keystore ./cacerts -import -file my-ca.crt
I dont know about Jetty, and how you created your certificate,
but this link:
http://www.mortbay.org/jetty/doc/SslListener.html
seems to hold quite some information on the topic -
reading the SSL basics (first link on this page)
sure cannot be wrong :)
Hope that helped.
