Hi there, I'd also suggest making sure you're running at least JRE 1.4.2_03 if at all possible. That's the first version of Java which includes an updated Verisign root certficate. The server shouldn't need to be updated at all, just the client.
Regards, Adrian Sutton. -----Original Message----- From: Michael Becke [mailto:[EMAIL PROTECTED] Sent: Tuesday, 2 March 2004 2:51 PM To: Jakarta Commons Users List Subject: Re: root_cert_expired Hello Catalin, Please take a look at the HttpClient SSL guide to get started <http://jakarta.apache.org/commons/httpclient/sslguide.html>. For more details about JSSE please refer to Sun's docs on the subject <http://java.sun.com/products/jsse/>. Please let us know if you run into any difficulties. Thanks, Mike On Mar 1, 2004, at 4:45 PM, Catalin Ionescu wrote: > I used to have httpclient for automated download of financial website > with VeriSign International Server CA - Class 3 Certificate, on a > Microsoft IIS web server. > Since January 7th this year, the connectivity broke, error message is > <untrusted server cert chain> > due to I believe VeriSign's Global Server ID Intermediate Root CA > which expired on 1/7/2004. > Unfortunately this IIS web server still allows browser downloads with > warning on older Netscape browsers or not warnings at all in a IE > browser. > Distinct web or aplication servers behave differently, e.g.z IBM > products will require ROOT update. In a Netscape browser I get this > warning: > <this site uses encryption, but Netscape does not recognize the > authority who sign its Certificate. You may decide to accept it > anyway> > > My problem is I have no say ove an update of the host, I am just a > client to there website. Though I warn and send them hints, they do > not listen and here is the link I sent to host site: > http://www.verisign.com/support/site/caReplacement.html > Question: Now with ROOT expired httpclient treats current certificate > as non-VeriSign. > Is it possible to do any sort of registration on my client side so I > will continue to be granted access and download file ? > > The java program has these: > Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider()); > System.setProperty("java.protocol.handler.pkgs","com.sun.net.ssl.intern > al.www.protocol"); > > Thanks. > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
