开发者

Trusted certificates becomes invalid

In a Sun Glassfish server I have deployed an application that communicates with an external webservice over SSL.

I have manually imported certificates in cacerts.jks with java keytool cli (keytool -import -trustcacerts -keystore cacerts.jks -alias somealias -file somecert.cer).

I verify that everything works, but then after a longer while things stop to work and I get the following output in log:

[#|2010-06-18T09:13:23.930+0200|WARNING|sun-appserver9.1|...|_ThreadID=850;_ThreadName=p: thread-pool-1; w: 901;javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: The certificate chain from the server is not trusted|...|#]

And from here the service stops working. According to the log, shortly before the exception occurs, the certificate is questioned and the server by default replies no and I suspect this is what generates the error.

But what trigger the server to suddenly question the certificate? Certificate is already imported and marked as trusted in the keystore. All dates a开发者_StackOverflow中文版re ok. Have I missed something?


Perhaps there is some other application which is changing the System property (javax.net.ssl.trustStore). javax.net.ssl.trustStore is what is pointing to the trusted keystore. Try printing out this System property to see if it changes. Another option is to start the JVM with the following option -Djavax.net.debug=SSL,handshake,data,trustmanager This should give you some verbose output in your stdout log file.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜