Derek, following is what I had to do to make the SSL work with my application. I was using JDK 1.3.8 and BEA weblogic for the server.
- Download and install Java Secure Socket Extension (JSSE) package [not required for JDK1.4 or above] from sun (http://java.sun.com/products/jsse/install.html) site. This package has these three jars (jsse.jar, jnet.jar, and jcert.jar) in it. - Copy these three jars in <java-home>/jre/lib/ext folder not into weblogic. - Get the digital CA certificate from other party. - Add the certificate (xxx.cer) of the host to the jdk's certificate chain file (cacerts) located in the JDK under java_home\jre\lib\security folder. - the way to do this is "keytool -import -keystore "path to cacerts" -file "path to xxx.cer" - the default password for the keystore is "changeit" - Restart the server. Hope this will help. thanks, - Ashraful -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 06, 2004 8:42 AM To: [EMAIL PROTECTED] Subject: RE: unable to do an https Liviu, I have changed to use java 1.4 and now I get a different error java.net.SocketException: Default SSL context init failed: Invalid keystore format Any idea? This how ssl stuff is all new to me. Thanks and regards. --Derek "Tudor, Liviu @Cimage" <liviut To: <[EMAIL PROTECTED]> cc: Tuesday April 6, 2004 10:19 AM Subject: RE: unable to do an https Please respond to soap-user Derek, First thing I can think of is that you're probably running a pre-1.4 JDK/JRE and you probably haven't got JSSE installed? Liviu Tudor Cimage Novasoft Limited www.cimagenovasoft.com [EMAIL PROTECTED] Fax: +44 (0)1344 767701 Direct Line: +44 (0)1344 767759 Centennial Court, Easthampstead Road, Bracknell, BERKS, RG12 1JZ Computer dating is fine, if you're a computer. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 06, 2004 3:12 PM To: [EMAIL PROTECTED] Subject: unable to do an https Hi, I got the following error when trying to connect to a soap server running on https: java.net.MalformedURLException: unknown protocol: https Here is the code smipped, and I am using java 1.3 and jsse 1.0.3_02 from SUN: System.setProperty("javax.net.ssl.trustStore", "myCertificate.cer"); System.setProperty("java.protocal.handler.pkgs", "com.sun.net.ssl.internal.www.protocal"); Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider ()); service = locator.getSessionService(new URL ("https://someserver:443/services/SessionService";)); By the way, everything worked fine if I connect to http. Any help would be greatly appreciated. Thanks and regards. --Derek **************************************************************************** ********************* This e-mail is being sent to you for your information or at your request. The information is not warranted as to completeness or accuracy, nor does it serve as an official record of your account. Your official Trade Confirmation and/or Client Account Statement are the official records of your account. Further, since the confidentiality of Internet e-mail cannot be guaranteed, please do not include private or confidential information (passwords, account numbers, social security numbers, etc.), or instructions requiring your authorization (orders, address changes, funds transfers, etc.) in your e-mail communications to us. For additional important information about privacy and Internet terms and conditions, please visit us at (http://www.prudential.com). If you do not wish to receive any further e-mail from us, please send an e-mail to [EMAIL PROTECTED] Prudential Equity Group, Member SIPC, One New York Plaza, New York, NY 10292 **************************************************************************** ********************* This e-mail is being sent to you for your information or at your request. The information is not warranted as to completeness or accuracy, nor does it serve as an official record of your account. Your official Trade Confirmation and/or Client Account Statement are the official records of your account. Further, since the confidentiality of Internet e-mail cannot be guaranteed, please do not include private or confidential information (passwords, account numbers, social security numbers, etc.), or instructions requiring your authorization (orders, address changes, funds transfers, etc.) in your e-mail communications to us. For additional important information about privacy and Internet terms and conditions, please visit us at (http://www.prudential.com). If you do not wish to receive any further e-mail from us, please send an e-mail to [EMAIL PROTECTED] Prudential Equity Group, Member SIPC, One New York Plaza, New York, NY 10292
