Subject: Error #4: Keystore is loaded but it's untrusted
Author: authen
In response to: Error #3: Key password is wrong
Posted on: 02/26/2008 02:50:24 PM
If your server is running on a keystore with a certificate trusted by well-known root Certificate Authorities (CAs) like VeriSign, your clients' applications should recognize and trust your server's certificate quite smoothly. If your server's certificate is trusted only by intermediate Certificate Authorities or is even self-signed, your clients' applications have to manually decide whether or not to trust your server's certificate.
If the client rejected your certificate, you would see something like this:
javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readDataRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.AppInputStream.read(Unknown Source)
at java.io.BufferedInputStream.fill(Unknown Source)
at java.io.BufferedInputStream.read(Unknown Source)
> On 02/22/2008 07:51:09 PM authen wrote:
import java.security.KeyStore;
import javax.net.ssl.KeyManagerFactory;

String algorithm = KeyManagerFactory.getDefaultAlgorithm(); // "SunX509" on the Sun JDK
KeyManagerFactory kmf = KeyManagerFactory.getInstance(algorithm);
// Password of the private-key entry; it may differ from the keystore password
char[] key_password = "KEY_PASSWORD".toCharArray();
try {
    kmf.init(ks, key_password); // ks: the already-loaded KeyStore
} catch (Exception e) {
    e.printStackTrace();
}
If you guessed the key password wrong, you would most likely see something like this:
java.security.UnrecoverableKeyException: Cannot recover key
at sun.security.provider.KeyProtector.recover(Unknown Source)
at sun.security.provider.JavaKeyStore.engineGetKey(Unknown Source)
at java.security.KeyStore.getKey(Unknown Source)
at com.sun.net.ssl.internal.ssl.SunX509KeyManagerImpl.<init>(Unknown Source)
at com.sun.net.ssl.internal.ssl.KeyManagerFactoryImpl$SunX509.engineInit(Unknown Source)
at javax.net.ssl.KeyManagerFactory.init(Unknown Source)
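The client-side decision described in the post, as an added example that is not code from the original thread: the client is given the server's self-signed certificate (or the intermediate CA certificate that issued it), puts it in its own truststore, and builds an SSLContext that trusts nothing else. The class name, the PEM file name, the keytool export line in the comment and the host/port arguments are assumptions for illustration. This is the way to make certificate_unknown go away; the tempting alternative, a custom X509TrustManager whose checkServerTrusted does nothing, accepts any certificate from anyone and leaves the connection unauthenticated.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;

/**
 * Client that trusts exactly the certificate(s) it is handed, nothing more.
 * (Added example; the class and file names are assumptions.)
 *
 * The server operator exports the certificate the client must trust, e.g.
 *   keytool -exportcert -alias server -keystore server.jks -rfc -file server.pem
 * and hands server.pem to the client out of band.
 */
public class TrustedClient {

    /** In-memory truststore holding only the certificates read from pemFiles. */
    static KeyStore buildTrustStore(String... pemFiles) throws Exception {
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
        trustStore.load(null, null); // start empty instead of from a file
        for (String pemFile : pemFiles) {
            try (InputStream in = new FileInputStream(pemFile)) {
                // CertificateFactory accepts both PEM and DER encodings
                X509Certificate cert = (X509Certificate) cf.generateCertificate(in);
                // Alias only needs to be unique inside this truststore
                trustStore.setCertificateEntry(cert.getSubjectX500Principal().getName(), cert);
            }
        }
        return trustStore;
    }

    /** SSLContext whose trust decisions come solely from the given truststore. */
    static SSLContext buildContext(KeyStore trustStore) throws Exception {
        TrustManagerFactory tmf =
            TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); // "PKIX"
        tmf.init(trustStore);
        SSLContext ctx = SSLContext.getInstance("TLS");
        // No client key material (server-only authentication), default SecureRandom
        ctx.init(null, tmf.getTrustManagers(), null);
        return ctx;
    }

    public static void main(String[] args) throws Exception {
        String host = args[0];                  // assumed: server host name
        int port = Integer.parseInt(args[1]);   // assumed: server TLS port
        String pemFile = args[2];               // assumed: server.pem from the export above

        SSLContext ctx = buildContext(buildTrustStore(pemFile));
        SSLSocketFactory factory = ctx.getSocketFactory();
        try (SSLSocket socket = (SSLSocket) factory.createSocket(host, port)) {
            // Trusting the certificate is not enough: also check that it is issued
            // for the host we dialled, otherwise any trusted cert works for any host.
            // (Endpoint identification is available from Java 7 on.)
            SSLParameters params = socket.getSSLParameters();
            params.setEndpointIdentificationAlgorithm("HTTPS");
            socket.setSSLParameters(params);

            socket.startHandshake(); // throws SSLHandshakeException if the chain is not trusted
            System.out.println("Handshake OK, peer: "
                + socket.getSession().getPeerPrincipal().getName());
        }
    }
}
```

Run it as `java TrustedClient your.host 8443 server.pem`. If you would rather not build the context in code, the same truststore can be written to a file with keytool -importcert and pointed at with -Djavax.net.ssl.trustStore=client.jks; either way the server's stack trace above disappears because the client no longer sends the certificate_unknown alert. If the handshake still fails after the certificate is trusted, check the hostname check first: a self-signed certificate issued for a different name is rejected by the endpoint identification step, not by the trust decision.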