Wim Vander Schelden wrote:
Stepan Mishura wrote:
It sounds like you used cacerts file (RI's?) that is in JSK format.
This definitely doesn't work with Harmony because JKS is a Sun's
proprietary standard [1]. You should provide cacerts file in
PKCS12(IIRC) format. PKCS12 implemented in Bouncy Castle security
provider and used by Harmony.
So the easiest way to do this would be by using the keytool included in
Harmony, I assume?
Will Harmony look at the cacerts file in the lib/security directory, or
do I need to instruct it to do
so somehow? And what password should I use for the keystore?
Is there a reason why such a file is not distributed with Harmony by
default?
Good question. The cacerts file contains the certificates of various
certification authorities (CAs). It's not clear to me that Apache would
be able to redistribute those without special agreement with the CAs.
We have not gone round collecting up CAs and signed up to their terms
and conditions to check.
Regards,
Tim
