> AFAIK, the cacerts file at that location is never consulted by > default... the default keystore location is $HOME/.keystore
This is incorrect. http://java.sun.com/j2se/1.5.0/docs/guide/security/jsse/JSSERefGuide.html indicates the search order is as follows: 1. Location specified by javax.net.ssl.trustStore system property 2. $JRE_HOME/lib/security/jssecacerts 3. $JRE_HOME/lib/security/cacerts In a default install, only cacerts exists and contains the usual suspects (Thawte, Verisign, etc). Note we care about truststores in this case since it's the remote certificate check that is failing. M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
