Test for these causes, or try to regenerate your certificate:
______________________________________________
Runtime Exception: untrusted cert chains
Problem: When negotiating an SSL connection, the client or server throws
one of the following exceptions:
javax.net.ssl.SSLException: untrusted server cert chain
javax.net.ssl.SSLException: untrusted client cert chain
Cause 1: This is generally caused by the remote side sending a
certificate that is unknown to the local side.
Solution 1: The best way to debug this type of problem is to turn on
debugging (see Debugging Utilities) and watch as certificates are loaded
and when certificates are received via the network connection. Most
likely, the received certificate is unknown to the trust mechanism
because the wrong trust file was loaded.
Cause 2: The system clock is not set correctly.
Solution 2: If the clock is not set correctly, the perceived time may be
outside the validity period on one of the certificates, and unless the
certificate can be replaced with a valid one from a truststore, the
system must assume that the certificate is invalid, and therefore throw
the exception.
Cause 3: Older versions of Java 2 Enterprise Edition use earlier
versions of JSSE. In particular, some previous versions of J2EE shipped
with JSSE 1.0, which couldn't replace received expired certificates with
current ones from a truststore.
Solution 3: Be sure that the new JSSE jar files occur in the class
path(s) ahead of any older J2EE jar files.
________________________________________________
Jovie Castaneda wrote:
>
> Yes I do have it registered in the security properties file
> what else am i missing here?
>
_____________________________________________________
Carlos Tellería
Area de Informática
Secretaría General de Sanidad, Consumo y Bienestar Social
Gobierno de Aragón
Tel.: 976 71 40 00 - ext. 2061
Fax: 976 71 42 11
email: [EMAIL PROTECTED]
____________________________________________________
--
To unsubscribe: <mailto:[EMAIL PROTECTED]>
For additional commands: <mailto:[EMAIL PROTECTED]>
Troubles with the list: <mailto:[EMAIL PROTECTED]>
