$> openssl verify -CAfile root.crt devylon.com.crt devylon.com.crt: OK $> openssl verify -CAfile class3.crt devylon.com.crt devylon.com.crt: /CN=devylon.com error 20 at 0 depth lookup:unable to get local issuer certificate
so the root cert seems to be ok ? i downloaded the intermediate cert from https://www.cacert.org/index.php?id=3 Am 04.11.09 20:32, schrieb Tad Glines: > Use "openssl x509 -in<file> -text" to print the information for all > three certs (or in windows, just right click and select "open"). > Make sure that you have the correct intermediate and root CA certs. > > On Wed, Nov 4, 2009 at 11:27 AM, Ingo Vietense<[email protected]> > wrote: > >> i created a CAcert certificate, but now i get the following exception >> when i start the fedone: >> >> i'm not totaly sure why i get the >> "Caused by: java.security.cert.CertPathValidatorException: >> subject/issuer name chaining check failed" >> exception. >> >> starting my fedone with these parameters: >> wrapper | Command[25] : --certificate_private_key=devylon.com.key >> wrapper | Command[26] : >> --certificate_files=devylon.com.crt,class3.crt,root.crt >> wrapper | Command[27] : --certificate_domain=devylon.com >> wrapper | Command[28] : --waveserver_disable_verification=false >> wrapper | Command[29] : --waveserver_disable_signer_verification=false >> >> >> jvm 1 | SEVERE: Failed to add our own signer info to the certificate >> store >> jvm 1 | org.waveprotocol.wave.crypto.SignatureException: Certificate >> validation failure >> jvm 1 | at >> org.waveprotocol.wave.crypto.CachedCertPathValidator.validateNoCache(CachedCertPathValidator.java:103) >> jvm 1 | at >> org.waveprotocol.wave.crypto.CachedCertPathValidator.validate(CachedCertPathValidator.java:65) >> jvm 1 | at >> org.waveprotocol.wave.crypto.WaveSignatureVerifier.verifySignerInfo(WaveSignatureVerifier.java:129) >> jvm 1 | at >> org.waveprotocol.wave.examples.fedone.waveserver.CertificateManagerImpl.storeSignerInfo(CertificateManagerImpl.java:196) >> jvm 1 | at >> org.waveprotocol.wave.examples.fedone.waveserver.WaveServerImpl.<init>(WaveServerImpl.java:408) >> jvm 1 | at >> org.waveprotocol.wave.examples.fedone.waveserver.WaveServerImpl$$FastClassByGuice$$8086ed04.newInstance(<generated>) >> jvm 1 | at >> com.google.inject.internal.cglib.reflect.FastConstructor.newInstance(FastConstructor.java:40) >> jvm 1 | at >> com.google.inject.internal.DefaultConstructionProxyFactory$1.newInstance(DefaultConstructionProxyFactory.java:58) >> jvm 1 | at >> com.google.inject.internal.ConstructorInjector.construct(ConstructorInjector.java:80) >> jvm 1 | at >> com.google.inject.internal.ConstructorBindingImpl$Factory.get(ConstructorBindingImpl.java:180) >> jvm 1 | at >> com.google.inject.internal.ProviderToInternalFactoryAdapter$1.call(ProviderToInternalFactoryAdapter.java:43) >> jvm 1 | at >> com.google.inject.internal.InjectorImpl.callInContext(InjectorImpl.java:814) >> jvm 1 | at >> com.google.inject.internal.ProviderToInternalFactoryAdapter.get(ProviderToInternalFactoryAdapter.java:40) >> jvm 1 | at com.google.inject.Scopes$1$1.get(Scopes.java:64) >> jvm 1 | at >> com.google.inject.internal.InternalFactoryToProviderAdapter.get(InternalFactoryToProviderAdapter.java:40) >> jvm 1 | at >> com.google.inject.internal.FactoryProxy.get(FactoryProxy.java:51) >> jvm 1 | at >> com.google.inject.internal.ProviderToInternalFactoryAdapter$1.call(ProviderToInternalFactoryAdapter.java:43) >> jvm 1 | at >> com.google.inject.internal.InjectorImpl.callInContext(InjectorImpl.java:814) >> jvm 1 | at >> com.google.inject.internal.ProviderToInternalFactoryAdapter.get(ProviderToInternalFactoryAdapter.java:40) >> jvm 1 | at com.google.inject.Scopes$1$1.get(Scopes.java:64) >> jvm 1 | at >> com.google.inject.internal.InternalFactoryToProviderAdapter.get(InternalFactoryToProviderAdapter.java:40) >> jvm 1 | at >> com.google.inject.internal.FactoryProxy.get(FactoryProxy.java:51) >> jvm 1 | at >> com.google.inject.internal.SingleParameterInjector.inject(SingleParameterInjector.java:38) >> jvm 1 | at >> com.google.inject.internal.SingleParameterInjector.getAll(SingleParameterInjector.java:62) >> jvm 1 | at >> com.google.inject.internal.ConstructorInjector.construct(ConstructorInjector.java:79) >> jvm 1 | at >> com.google.inject.internal.ConstructorBindingImpl$Factory.get(ConstructorBindingImpl.java:180) >> jvm 1 | at >> com.google.inject.internal.ProviderToInternalFactoryAdapter$1.call(ProviderToInternalFactoryAdapter.java:43) >> jvm 1 | at >> com.google.inject.internal.InjectorImpl.callInContext(InjectorImpl.java:814) >> jvm 1 | at >> com.google.inject.internal.ProviderToInternalFactoryAdapter.get(ProviderToInternalFactoryAdapter.java:40) >> jvm 1 | at com.google.inject.Scopes$1$1.get(Scopes.java:64) >> jvm 1 | at >> com.google.inject.internal.InternalFactoryToProviderAdapter.get(InternalFactoryToProviderAdapter.java:40) >> jvm 1 | at >> com.google.inject.internal.SingleParameterInjector.inject(SingleParameterInjector.java:38) >> jvm 1 | at >> com.google.inject.internal.SingleParameterInjector.getAll(SingleParameterInjector.java:62) >> jvm 1 | at >> com.google.inject.internal.ConstructorInjector.construct(ConstructorInjector.java:79) >> jvm 1 | at >> com.google.inject.internal.ConstructorBindingImpl$Factory.get(ConstructorBindingImpl.java:180) >> jvm 1 | at >> com.google.inject.internal.ProviderToInternalFactoryAdapter$1.call(ProviderToInternalFactoryAdapter.java:43) >> jvm 1 | at >> com.google.inject.internal.InjectorImpl.callInContext(InjectorImpl.java:814) >> jvm 1 | at >> com.google.inject.internal.ProviderToInternalFactoryAdapter.get(ProviderToInternalFactoryAdapter.java:40) >> jvm 1 | at com.google.inject.Scopes$1$1.get(Scopes.java:64) >> jvm 1 | at >> com.google.inject.internal.InternalFactoryToProviderAdapter.get(InternalFactoryToProviderAdapter.java:40) >> jvm 1 | at >> com.google.inject.internal.InjectorImpl$4$1.call(InjectorImpl.java:761) >> jvm 1 | at >> com.google.inject.internal.InjectorImpl.callInContext(InjectorImpl.java:807) >> jvm 1 | at >> com.google.inject.internal.InjectorImpl$4.get(InjectorImpl.java:757) >> jvm 1 | at >> com.google.inject.internal.InjectorImpl.getInstance(InjectorImpl.java:796) >> jvm 1 | at >> org.waveprotocol.wave.examples.fedone.ServerMain.run(ServerMain.java:61) >> jvm 1 | at >> org.waveprotocol.wave.examples.fedone.ServerMain.main(ServerMain.java:50) >> jvm 1 | at sun.reflect.NativeMethodAccessorImpl.invoke0(Native >> Method) >> jvm 1 | at >> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) >> jvm 1 | at >> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) >> jvm 1 | at java.lang.reflect.Method.invoke(Method.java:597) >> jvm 1 | at >> org.tanukisoftware.wrapper.WrapperSimpleApp.run(WrapperSimpleApp.java:238) >> jvm 1 | at java.lang.Thread.run(Thread.java:619) >> jvm 1 | Caused by: java.security.cert.CertPathValidatorException: >> subject/issuer name chaining check failed >> jvm 1 | at >> sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(PKIXMasterCertPathValidator.java:139) >> jvm 1 | at >> sun.security.provider.certpath.PKIXCertPathValidator.doValidate(PKIXCertPathValidator.java:326) >> jvm 1 | at >> sun.security.provider.certpath.PKIXCertPathValidator.engineValidate(PKIXCertPathValidator.java:178) >> jvm 1 | at >> java.security.cert.CertPathValidator.validate(CertPathValidator.java:250) >> jvm 1 | at >> org.waveprotocol.wave.crypto.CachedCertPathValidator.validateNoCache(CachedCertPathValidator.java:101) >> jvm 1 | ... 51 more >> >> >> Am 04.11.09 02:03, schrieb Brian May: >> >>> openssl pkcs8 -topk8 -nocrypt -in >>> /etc/ssl/local/microcomaustralia.com.au.key -out >>> >> >> >>> >> > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Wave Protocol" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/wave-protocol?hl=en -~----------~----~----~----~------~----~------~--~---
