You are viewing a plain text version of this content. The canonical link for it is here.
Posted to httpclient-users@hc.apache.org by rama krishna reddy <kr...@yahoo.co.uk> on 2005/04/25 14:32:13 UTC

"javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Untrusted Server Certificate Chain".

Hi ,
 
I am facing  the  "javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Untrusted Server Certificate Chain" exception in the following scenarios.I mentioned the steps  as follows.
 
Pls help me .
 
Pls follow the following steps.
1)Extract the certificate files from given .rar file.They are inet.crt and TOT_ROOT_CA.cer.
2)Generate the TrustStore using java Keytool utility  by importing the both the certificates.
(i placed this TrustStore in the Weblogic domain) 
3)I am passing the truststore to the custom SSLSocketfactory and trying to open a socket connection to the Inet https Server.(This is trusted keystore ).I am not passing client keystore(for which i need to have Public key and whiCh is not provided by INET).SO ,i am thinking it as one way SSLSessionHandShake).(custom SSLSocketfactory is exactly like authSSLSocketFactory class provided in HTTPClient contributions )
 
4)When i am invoking the sendNotification method i am facing the following exception.
"javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Untrusted Server Certificate Chain".
I think that whatever the certificate chain i am passing  Inet Server is not identifying it as Trusted Server Certificate chain.(using debug statements i am printing the Certificates also.They are same as provided by INET)
Observe the exception StackTrace and analyse the problem whether the certificate is correct or not.Pls observe the fingerprints of certificate whether they are correct or not.
 
Even i tried by placing the Certificates in cacerts under C:\bea\jdk141_05\jre\lib\security also.Still i am getting same exception.
 
Pls guide me in this .

________________________________**********************-----------------------------------------------------
Send Notiifcation Started
schemahttps
protocolhttps:443
SMSAuthSSLProtocolSocketFactory Constructor   TrustStore->file:emci.truststoreTr
ustStorePasswd->emcismsKeyStoreURL->nullKeyStorePasswd->null
Host Name <><><><>==https://sabaisms.com/mod_sms/http.php
[ExecuteThread: '13' for queue: 'weblogic.kernel.Default'] DEBUG bmk - SMSNotifi
cation:sendNotification: username<<***<<Password<<****
[ExecuteThread: '13' for queue: 'weblogic.kernel.Default'] WARN org.apache.commo
ns.httpclient.HttpMethodBase - Response content length is not known
[ExecuteThread: '13' for queue: 'weblogic.kernel.Default'] WARN org.apache.commo
ns.httpclient.HttpMethodBase - Response content length is not known
createSSLContext truststore Start--->
SMSAuthSSLProtocolSocketFactory:createKeyStore  KeyStore URL>>> file:emci.trusts
toreKeyStorePasswd>>>>emcisms
[ExecuteThread: '13' for queue: 'weblogic.kernel.Default'] DEBUG bmk - Initializ
ing key store:
SMSAuthSSLProtocolSocketFactory:CreateKeyStore ::End
[ExecuteThread: '13' for queue: 'weblogic.kernel.Default'] DEBUG bmk - Trusted c
ertificate 'trusted ca: ':
[ExecuteThread: '13' for queue: 'weblogic.kernel.Default'] DEBUG bmk -   Subject
 DN: CN=TOT CA, OU=eBusiness Center, O=TOT Corporation Public Company Limited, L
=Bangkok, C=TH:
[ExecuteThread: '13' for queue: 'weblogic.kernel.Default'] DEBUG bmk -   Signatu
re Algorithm: SHA1withRSA:
[ExecuteThread: '13' for queue: 'weblogic.kernel.Default'] DEBUG bmk -   Valid f
rom: Wed Nov 12 08:00:59 ICT 2003:
[ExecuteThread: '13' for queue: 'weblogic.kernel.Default'] DEBUG bmk -   Valid u
ntil: Sat Nov 12 08:00:08 ICT 2011:
[ExecuteThread: '13' for queue: 'weblogic.kernel.Default'] DEBUG bmk -   Issuer:
 CN=TOT CA, OU=eBusiness Center, O=TOT Corporation Public Company Limited, L=Ban
gkok, C=TH:
[ExecuteThread: '13' for queue: 'weblogic.kernel.Default'] DEBUG bmk - Trusted c
ertificate 'inet server cert: ':
[ExecuteThread: '13' for queue: 'weblogic.kernel.Default'] DEBUG bmk -   Subject
 DN: CN=sabaisms.com, OU=Sale, O=INET, L=Bangkok, C=TH:
[ExecuteThread: '13' for queue: 'weblogic.kernel.Default'] DEBUG bmk -   Signatu
re Algorithm: SHA1withRSA:
[ExecuteThread: '13' for queue: 'weblogic.kernel.Default'] DEBUG bmk -   Valid f
rom: Tue Apr 05 18:19:06 ICT 2005:
[ExecuteThread: '13' for queue: 'weblogic.kernel.Default'] DEBUG bmk -   Valid u
ntil: Wed Apr 05 18:17:42 ICT 2006:
[ExecuteThread: '13' for queue: 'weblogic.kernel.Default'] DEBUG bmk -   Issuer:
 CN=TOT CA, OU=eBusiness Center, O=TOT Corporation Public Company Limited, L=Ban
gkok, C=TH:
[ExecuteThread: '13' for queue: 'weblogic.kernel.Default'] DEBUG bmk - Initializ
ing trust manager:
Trust Manager end--->Trust Managers[Lcom.sun.net.ssl.TrustManager;@11b6e4d
 SMSAuthSSLX509TrustManager:isServerTrusted:start
[ExecuteThread: '13' for queue: 'weblogic.kernel.Default'] DEBUG bmk - SMSAuthSS
LX509TrustManager:isServerTrusted:Client certificate 1: :
[ExecuteThread: '13' for queue: 'weblogic.kernel.Default'] DEBUG bmk - SMSAuthSS
LX509TrustManager:isServerTrusted:Subject DN: EMAILADDRESS=info@plesk.com, CN=pl
esk, OU=Plesk, O="SWsoft, Inc.", L=Herndon, ST=Virginia, C=US:
[ExecuteThread: '13' for queue: 'weblogic.kernel.Default'] DEBUG bmk - SMSAuthSS
LX509TrustManager:isServerTrusted:Signature Algorithm: MD5withRSA:
[ExecuteThread: '13' for queue: 'weblogic.kernel.Default'] DEBUG bmk - SMSAuthSS
LX509TrustManager:isServerTrusted:Valid from: Sat Mar 12 12:11:48 ICT 2005:
[ExecuteThread: '13' for queue: 'weblogic.kernel.Default'] DEBUG bmk - SMSAuthSS
LX509TrustManager:isServerTrusted:Valid until: Sun Mar 12 12:11:48 ICT 2006:
[ExecuteThread: '13' for queue: 'weblogic.kernel.Default'] DEBUG bmk - SMSAuthSS
LX509TrustManager:isServerTrusted:Issuer: EMAILADDRESS=info@plesk.com, CN=plesk,
 OU=Plesk, O="SWsoft, Inc.", L=Herndon, ST=Virginia, C=US:
 SMSAuthSSLX509TrustManager:isServerTrusted:end
[ExecuteThread: '13' for queue: 'weblogic.kernel.Default'] DEBUG bmk - class jav
ax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Untru
sted Server Certificate Chain
javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Un
trusted Server Certificate Chain
        at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.a(DashoA6275)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
        at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA6275)
        at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA6275)
        at com.sun.net.ssl.internal.ssl.SunJSSE_ax.a(DashoA6275)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(DashoA6275)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
        at com.sun.net.ssl.internal.ssl.AppOutputStream.write(DashoA6275)
        at org.apache.commons.httpclient.HttpConnection$WrappedOutputStream.writ
e(HttpConnection.java:1368)
        at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:69
)
        at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:127)
        at org.apache.commons.httpclient.HttpConnection.flushRequestOutputStream
(HttpConnection.java:799)
        at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodB
ase.java:2277)
        at org.apache.commons.httpclient.HttpMethodBase.processRequest(HttpMetho
dBase.java:2657)
        at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.j
ava:1093)
        at org.apache.commons.httpclient.ConnectMethod.execute(ConnectMethod.jav
a:205)
        at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.jav
a:675)
        at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.jav
a:529)
        at com.hp.emci.bmk.alerts.sms.SMSNotification.sendNotification(SMSNotifi
cation.java:241)
        at com.hp.emci.bmk.alerts.sms.SMSNotification.send(SMSNotification.java:
114)
        at jsp_servlet.__index._jspService(index.jsp:51)
        at weblogic.servlet.jsp.JspBase.service(JspBase.java:33)
        at weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run
(ServletStubImpl.java:971)
        at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubIm
pl.java:402)
        at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubIm
pl.java:305)
        at weblogic.servlet.internal.WebAppServletContext$ServletInvocationActio
n.run(WebAppServletContext.java:6350)
        at weblogic.security.acl.internal.AuthenticatedSubject.doAs(Authenticate
dSubject.java:317)
        at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:
118)
        at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppSe
rvletContext.java:3635)
        at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestIm
pl.java:2585)
        at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:197)
        at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:170)
Caused by: java.security.cert.CertificateException: Untrusted Server Certificate
 Chain
        at com.sun.net.ssl.X509TrustManagerJavaxWrapper.checkServerTrusted(Dasho
A6275)
        at com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(
DashoA6275)
        ... 31 more
<Apr 14, 2005 11:12:39 AM ICT> <Error> <HTTP> <BEA-101017> <[ServletContext(id=8
4292,name=eMCIGateway,context-path=/eMCIGateway)] Root cause of ServletException
.
ERROR : 33000 : General Exception occured in BMK
        at com.hp.emci.bmk.alerts.sms.SMSNotification.sendNotification(SMSNotifi
cation.java:282)
        at com.hp.emci.bmk.alerts.sms.SMSNotification.send(SMSNotification.java:
114)
        at jsp_servlet.__index._jspService(index.jsp:51)
        at weblogic.servlet.jsp.JspBase.service(JspBase.java:33)
        at weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run
(ServletStubImpl.java:971)
        at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubIm
pl.java:402)
        at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubIm
pl.java:305)
        at weblogic.servlet.internal.WebAppServletContext$ServletInvocationActio
n.run(WebAppServletContext.java:6350)
        at weblogic.security.acl.internal.AuthenticatedSubject.doAs(Authenticate
dSubject.java:317)
        at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:
118)
        at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppSe
rvletContext.java:3635)
        at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestIm
pl.java:2585)
        at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:197)
        at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:170)
______________*******************************************************--------------------------________
 
 
 
 
 
 
 
 

Send instant messages to your online friends http://uk.messenger.yahoo.com