I've attached cacerts from my linux box. I copied it to $JAVAHOME/jre/lib/security on a windows box (making a backup of the original cacerts 1st of course).
Ultimately, what I believe the problem was was that it was recieving a certificate from the server which was signed by a CA whose certificate was absent in the windows distro of cacerts. I noticed that the windows file was around 11K while the linux file is around 26K. What website are you going to? On Thursday 15 December 2005 05:23, bashiro wrote: > Tim, > > This is unbelievable ! > Could you zip the files you copied and send a > copy for me to try ? > Where did you copy them from and to where under wondows ? > > Thanks in advance > bashiro > > > Bashiro > > --- On Wed 12/14, Tim Watts < [EMAIL PROTECTED] > wrote: > From: Tim Watts [mailto: [EMAIL PROTECTED] > To: [email protected] > Date: Wed, 14 Dec 2005 21:31:44 -0500 > Subject: Re: HttpClient and Simple SSL > > bashiro,I copied the file to a windows box and it fixed the problem. Hope > you have similar luck.On Wednesday 14 December 2005 00:21, bashiro wrote:> > I will give that a try to see what happens.> Thanks for your effort. Have > you tried it yet ?>> Bashiro>> --- On Tue 12/13, Tim Watts < > [EMAIL PROTECTED] > wrote:> From: Tim Watts [mailto: > [EMAIL PROTECTED]> To: [email protected]> Cc: > [EMAIL PROTECTED], [EMAIL PROTECTED]> Date: Tue, 13 Dec 2005 > 22:12:33 -0500> Subject: Re: HttpClient and Simple SSL>> Good news. I was > able to reproduce the error on my linux box. I did so by> (temporarily) > removing the cacerts file. Although I haven't tried it yet> myself, I'm > fairly confident that if you copy> $JAVAHOME/jre/lib/security/cacerts to > the same location on your windows box> the problem will disappear.On > Tuesday 13 December 2005 17:22, Tim Watts> wrote:> On Tuesday 13 December > 2005 15:03, Satsangi, Vivek wrote:> > C) You> can also try to output the > full > > http handshake. Then you will be> > able to> tell whether it could find the > keystore at all, whether the CRL> > check> failed or the actual certificate > getting, etc.>> I set the log level to> DEBUG for > org.apache.commons.httpclient and> httpclient.wire. However, I> don't > believe I saw the handshake occur in the> log. The closest thing I> see are > these entries below. What category should> I be adding to see the> SSL > handshake? [I did this on my linux box since I> won't have access to> > windows until later this evening.]>> 2005-12-13 17:13:15,537 DEBUG> > [org.apache.commons.httpclient.HttpClient]> SUN 1.42: SUN (DSA> > key/parameter generation; DSA signing; SHA-1, MD5> digests; SecureRandom;> > X.509 certificates; JKS keystore; PKIX> CertPathValidator; PKIX> > CertPathBuilder; LDAP, Collection CertStores)> 2005-12-13 17:13:15,537> > DEBUG [org.apache.commons.httpclient.HttpClient]> SunJSSE 1.42: Sun JSSE> > provider(implements RSA Signatures, PKCS12, SunX509> key/trust factories,> > SSLv3, TLSv1)> 2005-12-13 17:13:15,537 DEBUG> > [org.apache.commons.httpclient.HttpClient]> SunRsaSign 1.42: SUN's > provider> for RSA signatures> 2005-12-13 17:13:15,537 DEBUG> > [org.apache.commons.httpclient.HttpClient]> SunJCE 1.42: SunJCE Provider> > (implements DES, Triple DES, AES, Blowfish,> PBE, Diffie-Hellman, > HMAC-MD5,> HMAC-SHA1)> 2005-12-13 17:13:15,537 DEBUG> > [org.apache.commons.httpclient.HttpClient]> SunJGSS 1.0: Sun (Kerberos> > v5)>>> > ---------------------------------------------------------------------> To> > unsubscribe, e-mail: [EMAIL PROTECTED]> For> > additional commands, e-mail:> > [EMAIL PROTECTED] >>---------------------------------To unsubscribe, e-mail:> > [EMAIL PROTECTED] additional commands,> > e-mail: [EMAIL PROTECTED]>> > _______________________________________________> No banners. No pop-ups. No > kidding.> Make My Way your home on the > > Web - http://www.myway.com>>>> > ---------------------------------------------------------------------> To > unsubscribe, e-mail: [EMAIL PROTECTED]> For > additional commands, e-mail: > [EMAIL PROTECTED] >---------------------------------To unsubscribe, e-mail: > [EMAIL PROTECTED] additional commands, > e-mail: [EMAIL PROTECTED] > > _______________________________________________ > No banners. No pop-ups. No kidding. > Make My Way your home on the Web - http://www.myway.com > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
