HttpClient+SSL+ Trusted Certificate
I'm using Commons HttpClient API to connect to one of our Servers.
This server uses SSL and also it uses valid Certificate (issued by Verisign Trust Network).
My Browser never complains as i connect to the server. But my java program throws
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: No trusted certificate found Exception.
I still have the same issue, even if this valid certificate is imported to my java truststore.
I used the following simple code to connect to the server..
HttpClient httpclient = new HttpClient();
GetMethod httpget = new GetMethod("https://www.ourserver.开发者_如何学Ccom/");
try {
httpclient.executeMethod(httpget);
System.out.println(httpget.getStatusLine());
} finally {
httpget.releaseConnection();
}
Note: I'm very sure that our server is using Trusted certificate as my browser never complained.
Thank you.
if you are using an older version of java, i.e. 1.4, it is possible that the verisign root CA isn't trusted. In that case you must configure a truststore with the certificate in it. This can be done with de 'javax.net.ssl.trustStore' system property, but isn't advisible to do.
You can implement the 'org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory' to provide a custom SocketFactory with the given truststore.
Have you added the Verisign Root CA to your truststore? It's possible that the error is because the CA that issued your certificate isn't trusted.
I'm not sure that Java's truststore is automatically configured to trust "default" root CAs (Verisign, Thawte, etc.) like most web browsers are. You might have to manually enable trust for each using keytool, which I assume you know since you mentioned importing into your truststore.
精彩评论