You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@ant.apache.org by Gordon Vidaver <gv...@bbn.com> on 2003/05/22 00:47:50 UTC
Couldn't find trusted certificate using get https
Hi,
I'm trying to use the get command with https, but I get an error like this :
javax.net.ssl.SSLHandshakeException :
java.security.cert.CertificateException: Couldn't find trusted certificate
Forgive my ignorance - where should the trusted certificate live? How do
I tell ant about it? Is this a system property? How do I get the
certificate? Netscape walks me through the process and I can access the
site.
Any hints would be most appreciated - thanks!
Gordon Vidaver
Gordon Vidaver BBN Technologies
gvidaver@bbn.com Office 6/323
617 873-3558 10 Moulton St.
617 873-2616 (fax) Cambridge, MA 02138
866-322-9311 (toll free)
RE: Couldn't find trusted certificate using get https
Posted by Giuseppe Deriard <gi...@linguaserve.com>.
Look at this direction...
http://developer.java.sun.com/developer/technicalArticles/Security/secur
einternet2/
Giuseppe Deriard
- Resp. Dept. Técnico -
Linguaserve S.A.
C/ Seminario de Nobles 4, 2º izda.
28015 MADRID (España)
Tel. +34 91 761 64 67
e-mail: giuseppe.deriard@linguaserve.com
e-mail: tecnico@linguaserve.com
web: www.linguaserve.com
-----Mensaje original-----
De: Gordon Vidaver [mailto:gvidaver@bbn.com]
Enviado el: jueves, 22 de mayo de 2003 0:48
Para: user@ant.apache.org
Asunto: Couldn't find trusted certificate using get https
Hi,
I'm trying to use the get command with https, but I get an error like
this :
javax.net.ssl.SSLHandshakeException :
java.security.cert.CertificateException: Couldn't find trusted
certificate
Forgive my ignorance - where should the trusted certificate live? How
do
I tell ant about it? Is this a system property? How do I get the
certificate? Netscape walks me through the process and I can access the
site.
Any hints would be most appreciated - thanks!
Gordon Vidaver
Gordon Vidaver BBN Technologies
gvidaver@bbn.com Office 6/323
617 873-3558 10 Moulton St.
617 873-2616 (fax) Cambridge, MA 02138
866-322-9311 (toll free)
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@ant.apache.org
For additional commands, e-mail: user-help@ant.apache.org
Re: Couldn't find trusted certificate using get https
Posted by Gordon Vidaver <gv...@bbn.com>.
Hi,
It turns out that one way is to:
1) Get the site's certificate
With IE, bring up the page with the URL,
Go to File->Properties.
Click on Certificates button on lower right.
Click on the details tab.
Click on copy to file.
Hit next through the dialog until you save it to a file (e.g
mycert.ce).
2) Add it to the java certificate keystore
$ keytool -keystore <jdk home>/jre/lib/security/cacerts -import
-alias mycert -file ./mycert.ce
Then if you get a message like :
HTTPS hostname wrong
it means that the name of the host in the certificate is an alias
for the one in the get target's src. In the IE certificate window under
details, if you click on issuer, you can find out the real hostname in the
certificate.
Failed approaches :
I tried to tell ant about a separate keystore using
javax.net.ssl.trustStore and the ANT_OPS environment variable, but I just
kept getting the original error about a missing certificate.
Gordon
At 06:47 PM 5/21/2003 -0400, you wrote:
>Hi,
> I'm trying to use the get command with https, but I get an error like this :
>
>javax.net.ssl.SSLHandshakeException :
>java.security.cert.CertificateException: Couldn't find trusted certificate
>
> Forgive my ignorance - where should the trusted certificate live? How
> do I tell ant about it? Is this a system property? How do I get the
> certificate? Netscape walks me through the process and I can access the site.
>
> Any hints would be most appreciated - thanks!
>
> Gordon Vidaver
>
>
>Gordon Vidaver BBN Technologies
>gvidaver@bbn.com Office 6/323
>617 873-3558 10 Moulton St.
>617 873-2616 (fax) Cambridge, MA 02138
>866-322-9311 (toll free)
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: user-unsubscribe@ant.apache.org
>For additional commands, e-mail: user-help@ant.apache.org
Gordon Vidaver BBN Technologies
gvidaver@bbn.com Office 6/323
617 873-3558 10 Moulton St.
617 873-2616 (fax) Cambridge, MA 02138
866-322-9311 (toll free)