On Mon, 2009-11-23 at 13:21 +0100, BAYER, Patrice wrote: > Hello, > In a projet, we're using commons-httpclient 3.0 and the class > EasySSLProtocolSocketFactory (EasyX509TrustManager) to have a SSL connection > to a server. > But we have the error < java.security.cert.CertificateException: Untrusted > Server Certificate Chain > when the client connects to the server. > The certificate is with 2048 bit but not with 1024 signed by the organism > Verisign. > > In this version of commons-httpclient, can the client accept this kind of key > or must we upgrade client ? > > Patrice Bayer
Patrice HttpClient relies on standard java SSL functionality and therefore can work with any certificates supported by JSSE. This problem has nothing to do with the key length. The certificate has been rejected as untrusted so apparently the SSL context have not correctly initialized with the trust material. Oleg > </PRE><p style="font-family:arial;color:grey" style="font-size:13px">This > message contains information that may be privileged or confidential and is > the property of the Capgemini Group. It is intended only for the person to > whom it is addressed. If you are not the intended recipient, you are not > authorized to read, print, retain, copy, disseminate, distribute, or use this > message or any part thereof. If you receive this message in error, please > notify the sender immediately and delete all copies of this message.</p><PRE> --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
