i there,
I have apache +mod_ssl + openssl +tomcat on linux
rehat.
Now the problem is I have server.crt in my apapche
conf/ssl.crt/
direcry. I made it through "make certificate
TYPE=custom" comand.
Then I store it in keystore through the java keytool
import command.
So now its trusted server certificate And I can
succesfully view the
server on my browser through https protocal. As well
I can also
connect through URL from java application.
Now I need to create one java application which
securely authenticate
with server.
For that i used jsse (java secure socket). But for
that i need to have
client certificate. To pass the public key around the
sslsocketConnection through keymanager and
trustManager. But I dont
know how can I make my own clien side certificate
which can also trust
my server certificate.
So let me know how can i make my own clien
certificate?
Thanks in advance.
Chirag
--- "McCaffity, Ray" <[EMAIL PROTECTED]> wrote:
> Before you install the package you now should
> prepare the SSL |
> | certificate system by running the 'make
> certificate' command. |
> | For different situations the following variants
> are provided: |
> |
> |
> | % make certificate TYPE=dummy (dummy
> self-signed Snake Oil cert) |
> | % make certificate TYPE=test (test cert signed
> by Snake Oil CA) |
> | % make certificate TYPE=custom (custom cert
> signed by own CA) |
> | % make certificate TYPE=existing (existing cert)
> |
> | CRT=/path/to/your.crt
> [KEY=/path/to/your.key] |
> |
> |
> | Use TYPE=dummy when you're a vendor package
> maintainer, |
> | the TYPE=test when you're an admin but want to
> do tests only, |
> | the TYPE=custom when you're an admin willing to
> run a real server |
> | and TYPE=existing when you're an admin who
> upgrades a server. |
> | (The default is TYPE=test)
>
> To be really trusted you have to get your
> certificated signed by Commercial
> certificate provider such as Thawte (www.thawte.com)
> or Verisign
> (www.verisign.com)
>
> -----Original Message-----
> From: chirag parikh [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, May 23, 2001 10:36 AM
> To: [EMAIL PROTECTED]
> Subject: problem with server certificate
>
>
> hi there,
> I have apache +mod_ssl + openssl + tomcate installed
> at my linux machine and which is runnign well with
> https and http protocol in browser.
> Now I tried to create one java application to make
> securely connect with https server through the jsse
> library.
>
> Whole scenariao is, I made my own server certificate
> type 3 with rsa
>
> when i run my rpogram it gaves me following
> exception
> with my https server.
>
> javax.net.ssl.sslException: untrusted server cert
> chain
>
> now this is the exception becos my certificate is
> not
> in truststore.
>
> How can i give my certificate in truststore.
>
> Becos my program is working with any other https
> website like https://www.verisign.com
> but not work with my server url.
> Can you explain me how can I create trusted
> certificate?
> or how can I make my certificate trusted to any java
> application wich use jsse?
>
> I dont know where is the problem.
> my java program is below
>
> public
> class Test
> {
> public
> static
> void
> main(String []
> arstring)
> {
> try
> {
> new
> java.net.URL("https://"; + arstring[0] +
> "/").getContent();
> }
> catch (Exception
> exception)
> {
>
> exception.printStackTrace();
> }
> }
> }
>
> Any help will be appriciated.
> Thansk
> chirag
>
> __________________________________________________
> Do You Yahoo!?
> Yahoo! Auctions - buy the things you want at great
> prices
> http://auctions.yahoo.com/
>
______________________________________________________________________
> Apache Interface to OpenSSL (mod_ssl)
> www.modssl.org
> User Support Mailing List
> [EMAIL PROTECTED]
> Automated List Manager
> [EMAIL PROTECTED]
>
______________________________________________________________________
> Apache Interface to OpenSSL (mod_ssl)
> www.modssl.org
> User Support Mailing List
> [EMAIL PROTECTED]
> Automated List Manager
[EMAIL PROTECTED]
__________________________________________________
Do You Yahoo!?
Yahoo! Auctions - buy the things you want at great prices
http://auctions.yahoo.com/
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
