JSSE: Having trouble connecting to an https URL (certificate problems)
Hi folks,
I have a really, really simple Java app that just opens a URL using the java.net.URL class to open a URL ("https://....").
I can't get it to connect successfully. Here is a history of what I've done so far.
I was given a cert that's part of a two-cert chain, but not rooted in a recognized CA. I installed it in
./jre/lib/security/cacerts file using keytool.
It didn't work. I got this error:
javax.net.ssl.SSLHandshakeException:
sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to
find valid certification path to requested targetDoing some googling I found this article:
http://blogs.sun.com/andreas/entry/no_more_unable_to_findIf I'm paraphrasing it correctly, it says that the InstallCert app it mentions will hit the server, obtain its cert, and install it in my jssecacerts file as part of a chain so that JSSE won't throw an exception.
So, I think this means I don't need my original cert. I can run this guy's program and it will get the server's cert and install it in (or first create) my jssecacerts file as part of a cert chain.
I did this, and now get another error:
"no name matching disc.paramount-bluray.com found"
The URL I'm trying to hit is: https://disc.paramount-bluray.com The CN in the cert presented by the server is: disc.paramount-hddvd.comI believe the two names need to match, correct? OK, but if I'm using this guy's program, it's not even using my cert. It's getting the cert from the server and installing it as part of a chain in my jssecacerts file so the name matching in my cert shouldn't matter.
So, why did this program not properly install the cert chain? Am I missing a step? After running his program a second time, it behaves as he describes. But when I subsequently run my app, it fails.
Do I need to add all the certs in jssecacerts to the .keystore file in my home directory? Do I need to add the certs in the jssecacerts into my cacerts file?
Or, perhaps the simpler question is "how do I get my app to successfully connect" to the server?
Many thanks in advance.
Vartan
Thanks for the warning, but I can "trust" the server cert because I know the server. It's a client who will not be acquiring a cert that's chained to a CA's root cert.Then get them to export it and import it into your own truststore. That's the correct solution. Accepting any certificate you receive over the connection that you're trying to make secure via the certificate you receive over the connection you're trying to secure ... doesn't make any sense. Get them to send it to you offline. And put a security design around that process too. If you don't do this step your solution is not secure, because you don't have any guarantee that the certificate came from who it said it came from. The HostnameVerifier doesn't help you with that part.
I think I want to get the common name (CN) out of the cert that the server presents and compare it to the URL to which I'm connecting. Is this correct?Yep.
I can't figure out how to get the CN out of the server's cert.X509Certificate.getSubjectX500Principal().getName(), then parse out the CN part.
How do I get the cert from the SSLSession object that's passed into the HostnameVerifier.verify() method? SSLSession.getPeerCertificateChain().
Similar Messages
-
I'm being shown an error pop-up message periodically saying "There was a problem connecting to the server. URLs with the type 'file:' are not supported." I have a brand new MacBook Pro, and at no time am I actually having trouble connecting to the server, but this message continues to pop-up several times a day at random intervals. Is there something I'm doing wrong? Or is my computer just having a glitch? Other than that, and a mildly sticking caps lock button, it's working perfectly.
Thank you!Alright it didn't solve it. Any other suggestions?
I haven't suggested a solution yet. I want to know whether you still get the messages while Time Machine is disabled. Do you? If so, try any or all of the solutions proposed in this thread:
There was a Problem connecting to the...: Apple Support Communities -
I am having trouble connecting IPAD1 to wireless any suggestions?
I am having trouble connecting my IPad1 to Belkin Wireless Router. It was working fine until a couple of days ago. I can use my IMAC okay via wireless. I can see my network on the IPad, but message comes up "unable to join the network XXXX". I have read the Apple recent release to fix this problem...still no luck. Can anyone please help?
Look at iOS Troubleshooting Wi-Fi networks and connections http://support.apple.com/kb/TS1398
Additional things to try.
Turn Off your iPad. Then turn Off the wireless router & then back On. Now boot your iPad. Hopefully it will see the WiFi.
On your iPad go to Settings > General > Reset > Reset network settings and see if that enables you to connect.
If none of the above suggestions work, look at this link.
iPad Wi-Fi Problems: Comprehensive List of Fixes
http://appletoolbox.com/2010/04/ipad-wi-fi-problems-comprehensive-list-of-fixes/
Cheers, Tom -
Having trouble connecting column to column using niSwitch on a PXI 2530
Having trouble connecting column to column using niSwitch vi on a PXI 2530 matrix module. I have configured my switch using Switch Executive, have identified aliases, and verified routes and route groups. When I use LabVIEW to connect column to column I get an error reading "cannot find connection between c0 and c1". c0 and c1 are example columns I want to connect. Any help is appreciated.
You can find NISE VIs in the function pallete in LV if you have installed LabVIEW support when you installed NISE (this is selected by default in the installer if you had LV installed before installing NISE).
Also, choose between niSwitch and NISE based on your need - if all you ever do is connect two channels in your application, then configuring a NISE virtual device is probably an overkill (and so is using a switch in this case:-) . However, if you are going to manage multiple routes, then using NISE configuration will let you create named routes and route groups, which you can then invoke (connect/disconnect) in your application and have the configuration part managed outside your application. The code would then concentrate solely on establishing a necessary connection(s) via connecting a route or a route group, while if you were to use niSwitch for this purpose, you would have to keep the logic of connecting inside your application, together with the list of channels that need to be connected.
Start with using NISE, and see if you like it.
http://www.ni.com/pdf/products/us/3msw112-113.pdf
Srdan Zirojevic -
I am having trouble connecting my bluetooth headset on the ipad 1. I have now been told that Apple is only allowing several headsets to be used with Ipad. Is this correct? I have a grundig headset and a plantronics headset but these can both not be found
Check this out....
http://support.apple.com/kb/HT1664 -
Having trouble connecting to the updater to CC after renewing my subscription...
I have renewed my CC subscription through school for another year. My account is showing that it all is well and in order- but I am having trouble connecting to the taskbar- the Apps page is just a spinning circle and has been since last night. My programs think I still have only 2 days left of my subscription. And I think this problem is stemming from not being able to connect to the App Updater. What do I do? I really don't want to reinstall the whole of the CC suite if it can be avoided.
Mac Spinning Wheel https://forums.adobe.com/message/5470608
or
A chat session where an agent may remotely look inside your computer may help
Creative Cloud chat support (all Creative Cloud customer service issues)
http://helpx.adobe.com/x-productkb/global/service-ccm.html -
I am trying to activate LR6 on a laptop that will not be connected to the internet. I have clicked on the link for offline activation, but it says to follow the instructions till it says "having trouble connecting to the internet". I never get there. How do I get it to generate the code that I can take to an internet enabled device so I can validate it?
http://portableapps.com/apps/internet/firefox_portable/localization#legacy36
-
I am having trouble connecting to internet with my iphone 5, Are there any issues with with iphone 5 that would cause this problem?
Perhaps something in Apple's support article on troubleshooting problems with WiFi connections will help:
http://support.apple.com/kb/TS1398
Regards. -
Having trouble connecting my ipod to iTunes and mac
Today my ipod decided to stop working altogether and not play anything. Literally, I was listening to a song and the next song never played. Couldn't figure out why, so I came on here and tried the 5 R's.
I want to restore my ipod (because obviously nothing else I did, worked), but I can't even connect it to my MacBook Pro, let alone, see it in itunes. I just want to see of restoring it might actually fix it before I do anything involving the apple store.
There's all sorts of threads about having troubles connecting ipods to PC's, but nothing I could find about connecting them to Macs.
I know for sure the USB wire is fine. I downloaded the new version of itunes and blah blah blah...it's definitely all the ipod, but I can't seem to come up with any other solution than to go to an apple store.
I only bought this within the last year and just recently started using it on a regular basis.
If anyone would like to shed some light on what might've happened, please let me know! I'd be so grateful! Thanks!Try putting the iPod into Disk Mode
http://support.apple.com/kb/HT1363
If that works, connect it to the Mac. See if it is now recognized by the Mac and iTunes. If it is, use Restore to erase the iPod and initialize its software. -
Hi, I need help please!!!
I am not able to log into my bb app world nor am I able to download or upgrade any aps.
I keep getting this error message..
"BlackBerry App World is having trouble connecting to the BlackBerry App World server. Verify your network connections and try again."
I called my phone provider and they cannot assist me. I tried a bunch of trouble shhoting options such as:
-deleted app world and re-installed from website
-deleted email accounts and re-installed
-changed bb id name and password from website
-tried to log on using wifi and non wifi
Nothing seems to be fixing this issue.
Can someone please help!!!
Thanks!How long has this been an issue for you?
have you tried to downgrade your appworld?
http://www.bbh-plus.net/downloads.php?do=file&id=2196
Sorry to hear you're having so much trouble with this.
(uninstall first though)
Please click the Thumbs Up icon if this comment has helped you!
If your issue is resolved, please click the solution button on the resolution!
Every BlackBerry should have BlackBerry Protect, get it now! | Follow me on Twitter | Bring Back BBM Music! -
Having trouble connecting blutooth on my laptop. Devices are paired but it says "not connected". I've gone thru System Pref. with no luck. Can anyone give me step by step help to reconnect BLUETOOTH? plz, ty
Hi:
There are no dumb questions...answers, yes, but not questions. Sometime I use acronyms and forget that I should explain things a bit more.
Resetting those two things sometimes helps and cannot hurt.
SMC=system management controller:
http://support.apple.com/kb/HT3964
PRAM=parameter random-access memory:
http://support.apple.com/kb/PH4405
If that does not help, delete the phone from your computer (system preferences>Bluetooth), restart, and then add it back in:
http://support.apple.com/kb/PH3660
Barry
P.S. If everything fails and you are near an Apple store, make an appointment with a "genius" and take the devices in for them to assist. -
Hey.... I hope this isn't just repeating the 'same old' issue, but I have read through everything I could find and I am still having no luck.
Anyways I am having a few issues.....
ONE/// When I try to go to "My World" on my Playbook it always comes up with the message:
BlackBerry App World is having trouble connecting to the Blackberry App World Server, Verify your network connections and try again.
One solution I read was to connect to an alternative WiFi connection, however I haven't got any other connection I can connect to before switching back to my own.... help?!
TWO// There are also two games I have been desperately trying to install but have had no luck. Each time all I get is the following message:
Install Error. There was a problem during Installation. Please try again.
I have read the KB26671 file, and tried to follow the 'resolution' there but whenever I log in I never get any 'account set up process' to continue with..... let alone what the rest of the guide says to do.
THREE// Not sure why but when I try to use AppWorld on my PC it won't show me my playbook device, simply says "please connect your device".... help? According to my playbook it is connected to computer, and my PC is picking up the Playbook as the manager always tells me it is there and lets me view the files but still AppWorld can't seem to see it.
Thanks in advance for your help.
Solved!
Go to Solution.Well I was just trying to see if it was your network connection. I have found that lately anyhow, the connection to the App World hasn't been that reliable - not sure why and it's just been recently for me. But I have downloaded some pretty large files in the last few days too without issue.
Sorry, this isn't much help but if you find your network connection is becoming flaky, remove the profile and setup a new one. Sometimes I find I have to briefly shut off my internet connection on the PlayBook and then re-enable it when it's acting up. Then things are fine afterwards. A device reboot may help but it may not. I wish I could be more help but this gremlin sounds elusive.
Actually, duh, why didn't I put two and two together eariler? See if this thread is applicable to you or not: http://supportforums.blackberry.com/t5/BlackBerry-PlayBook/PlayBook-not-letting-me-update-apps/td-p/...
In short, reboot your PlayBook and try again... -
I am having trouble connecting to my wi fi internet on the Microworst Windows side of my notebook. U am using VM Fusion. Any suggestions? Internet works fine on the Apple side.
Post on the Fusion forums since it's their software you're having issues with: http://communities.vmware.com/community/vmtn/desktop/fusion
-
E1200 - Having trouble connecting to Dell Dimension XPS.
Having trouble connecting Dell Dimension XPS with Windows XP to my new E1200 router. Any Ideas?
It's connected via a wireless adapter
Update: I have successfully connected to Vista computers but my XP will only connect as a guest. Seems like it doesn't want to take the network key or passwordWhat is the Service Pack on your windows, also, what is the security mode configured on E1200?
To determine the Service Pack on your computer, click on the 'start' button and type in, 'winver' in the run window.
Basically, if the security mode is WPA/WPA2 mixed mode or WPA2, then minimum requirement for Service pack is Service Pack 3.
Else, if the Service pack is below version 3, then you need to lower down the security on E1200 to either 'WPA' or 'WEP'.
Here is the link for changing the security level - http://www6.nohold.net/Cisco2/ukp.aspx?pid=93&vw=1&articleid=22751
If the Service Pack on your computer is version 3, then you can try these steps.
A] With the help of Cisco Connect Software (if at all you have installed the router with the help of this software)
1] Open the software and go to the option which says "Router Settings"
2] Then click on the option which says "Advanced Settings" which will take you to the router's configuration page.
3] Then go to the Wireless tab, change Channel width to 20 MHz only and change the Channel to 6, 9, 11..Save the settings.
You can try adding the wireless network manually. Here is the link for the steps:
http://ecross.mvps.org/howto/configwlan.htm -
My BlackBerry's screen suddenly only appeared with white background. I had a new screen put in. They uninstalled all my applications and now I cant download anything. My BlackBerry Messanger is gone will all my contacts in it and App World is having trouble connecting. What should I do? Can you please help me.
Hi and Welcome to the Community!
This error has been discussed hundreds (thousands?) of times in this forum...a quick search of the site might actually provide you with an answer much quicker than awaiting a reply.
Also, there are several public KB articles on that exact error...I recommend you go there and search as well:
http://btsc.webapps.blackberry.com/btsc/microsites/microsite.do
Since each has a subtle difference from the other, I cannot tell which might apply to your specifics.
Good luck!
Occam's Razor nearly always applies when troubleshooting technology issues!
If anyone has been helpful to you, please show your appreciation by clicking the button inside of their post. Please click here and read, along with the threads to which it links, for helpful information to guide you as you proceed. I always recommend that you treat your BlackBerry like any other computing device, including using a regular backup schedule...click here for an article with instructions.
Join our BBM Channels
BSCF General Channel
PIN: C0001B7B4 Display/Scan Bar Code
Knowledge Base Updates
PIN: C0005A9AA Display/Scan Bar Code
Maybe you are looking for
-
Strange problem with RDP and mouse, only solved after minimize/maximize
Good day, We have this very annoying problem with a RDP Terminal Server. It is Windows Server 2008 R2 SP1. This server has the Session Host role installed, with local RDP user licenses. We only have this issue when running a certain application. This
-
How do i delete an old device from icloud
How do I delete a device that I no longer have from my icloud account. when i try to delete it, i get an error message saying the backup cannot be deleted because it is in use.
-
Hi, I'm using Windows 8.1 and I can see photoshop CC 64 bit. But when I'm launching it, it throws an error "Some of the application components are missing from the Application directory, Please reinstall the application". I've reinstalled twice but g
-
MySQL Error#: 2002 Dreamweaver CS5
HI Never had this problum before so not sure why now. MySQL Error#:2002 A connection attempt faild because the connected party did not properly respond after a period of time, or established connection faild because connected host has failed to res
-
How to transfer by means of the reference to the report parameter in drill mode?