?
Solved

Servlet making an SSL connection

Posted on 2004-08-04
3
Medium Priority
?
1,580 Views
Last Modified: 2013-11-29
I have a server that uses a servlet to send a message via HTTPS to an authorize.net gateway. The server SSL works find, however the client side is being rejected with a "javax.net.ssl.SSLException: untrusted server cert chain" message.

What do I need to configure for the client servlet to work with SSL? Do I need to create another keystore? What certificates to I need to import? Does it matter what aliases I use?

Thanks
Ross
0
Comment
Question by:w0lver
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 19

Expert Comment

by:cheekycj
ID: 11722573
Just ran into this a month ago with a vendor of ours using instant ssl certs.

what SSL cert do you have installed on your server?

Untrusted Cert chain is usually due to the cert you have not being one of the accepted ones in the jdk's keystore.

You have to import the certs on your server to the client's keystore.

Instructions can be found at:
http://www.instantssl.com/ssl-certificate-support/cert_installation/ssl-certificate-java.html?currency=USD®ion=North%20America&country=US
or
http://www.jodohost.com/reseller/html/merchant_thepaydesk.html

CJ
0
 
LVL 23

Expert Comment

by:rama_krishna580
ID: 11745148
Hi,

look at here, it may help you...

I think you need to import the certificate from that site into the Java
key store. To do this, you use the keytool utility from the JDK:

keytool -import
        -keystore <path_to_JDK_installation>/jre/lib/security/cacerts
        -alias <some_nickname_you_choose_for_the_site>
        -file <path_to_certificate_file>
(this is all on one command line)

It will prompt you for the key store password. If the password was not
changed since the JDK installation, it defaults to "changeit" (at least
in JDK 1.3).

best of luck...

R.K
0
 
LVL 1

Accepted Solution

by:
justywong earned 1500 total points
ID: 11770560
it can be caused by the CA of the server cert not exist in your trusted cacerts store.
you can import the CA cert into your cacerts file. for more details, you can reference to the following link:

http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57436

in part 4 (workaround), you should be able to find the solution.
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Every business owner understands the significance of online customer reviews and the impact it can have on sales and revenues. With technology advancing at such a rapid pace, getting online reviews has never been easier, especially when many regions…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
Viewers will get an overview of the benefits and risks of using Bitcoin to accept payments. What Bitcoin is: Legality: Risks: Benefits: Which businesses are best suited?: Other things you should know: How to get started:
This tutorial demonstrates a quick way of adding group price to multiple Magento products.
Suggested Courses

741 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question