Xavier, Default Sun's implementation of the X509TrustManager finds the certificate chain of this site suspicious (issuer DN != subject DN (It's not quite clear issuer and subject of which certificate is meant, as the certificate chain appears to consist of four certificates)) and refuses to accept the server certificate.
Please have a look at the section "Examples of SSL customization in HttpClient" of the HttpClient SSL guide to find out how you can augment default certificate chain validation logic. You can use EasyX509TrustManager as a starting point and customize it as you see fit. If do not really care about certificate validity in the most extreme case you may simply choose to trust all the servers by always returning true from X509TrustManager#isServerTrusted. Cheers Oleg -----Original Message----- From: Xavier Frisaye [mailto:[EMAIL PROTECTED] Sent: Thursday, November 20, 2003 14:45 To: [EMAIL PROTECTED] Subject: https problem Hello, I'm a noob in https and i need to connect to a https site (https://www.socialsecurity.be/). But when i instanciate an HttpClient i've got this exception : javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Certificate chaining error: issuer DN != subject DN at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.a(DashoA6275) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275) at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA6275) at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA6275) at com.sun.net.ssl.internal.ssl.SunJSSE_ax.a(DashoA6275) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(DashoA6275) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275) at com.sun.net.ssl.internal.ssl.AppOutputStream.write(DashoA6275) at org.apache.commons.httpclient.HttpConnection$WrappedOutputStream.write(HttpConnection.java:1351) at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:69) at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:127) at org.apache.commons.httpclient.HttpConnection.flushRequestOutputStream(HttpConnection.java:779) at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2257) at org.apache.commons.httpclient.HttpMethodBase.processRequest(HttpMethodBase.java:2629) at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1085) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:675) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:530) at test.securitesociale.SecuriteSocialeWebSite.getONSSNumber(SecuriteSocialeWebSite.java:38) at test.securitesociale.TestSecuriteSociale.main(TestSecuriteSociale.java:8) Caused by: java.security.cert.CertificateException: Certificate chaining error: issuer DN != subject DN at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.a(DashoA6275) at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(DashoA6275) at com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(DashoA6275) ... 18 more Exception in thread "main" And this is my piece of code: HttpClient httpclient = new HttpClient(); GetMethod httpget = new GetMethod( "https://www.socialsecurity.be/"; ); httpclient.executeMethod( httpget ); System.out.println( httpget.getStatusLine().toString() ); Does anyone already met this problem? Thank you in advance for your answer --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
