You are viewing a plain text version of this content. The canonical link for it is here.
Posted to taglibs-user@tomcat.apache.org by Dave Newton <da...@solaraccess.com> on 2003/01/12 19:24:58 UTC
Re: io taglib + SSL
On Sun, 2003-01-12 at 13:10, Hassan Schroeder wrote:
> I'm trying to pass form data to a credit card authorization service
> using the IO taglib, like so:
>
> <io:http url="https://certification.authorize.net/gateway/transact.dll"
> [...]
> The question is -- whose certificate? I can submit data manually so
> [...]
> All the references to Tomcat/JSP/SSL I find seem focused on handling
> an incoming connection from a browser rather than generating outbound
> requests to another server.
Well, you don't need a certificate to _request_ an HTTPS transaction,
you need one (from the server being requested from) to _receive_ one.
So (to me, anyway :) it sounds like the certificate being offered by
authorize.net isn't being recognized as a trusted one. Unfortunately,
that (possibly incorrect) insight is all I can offer :/
<X-disclaimer>
I used to program X, so any conversation from me regarding which is the
client should be treated as being highly suspect and probably backwards.
</X-disclaimer>
Dave Newton
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: io taglib + SSL
Posted by Hassan Schroeder <ha...@webtuitive.com>.
Dave Newton wrote:
> Well, you don't need a certificate to _request_ an HTTPS transaction,
> you need one (from the server being requested from) to _receive_ one.
Ah. Yes. "Nature abhors a vacuum", and so do I, especially when
it's between my ears :-) But now that I've looked into what the
SSL handshake actually does...
> So (to me, anyway :) it sounds like the certificate being offered by
> authorize.net isn't being recognized as a trusted one.
..this isn't it, since a cert not recognized by a browser as trusted
prompts a warning popup, and I can manually submit a form to the URL
in question with no problem.
So what else might cause an SSLHandShakeException?
--
Hassan Schroeder ----------------------------- hassan@webtuitive.com
Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com
dream. code.
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>