Linksys Certificate Not Trusted
...how can I trust it? Every time I go to my Linksys router with HTTPS, I receive a certificate not trusted error in my browser. I have already imported the certificate into my keychain on OS X, what else can I do?
It would be great if there was a "Trust" option next to the various errors which are displayed.
O.S. = OS X 10.73
Browser = Chrome
Thanks in advance for any ideas.
I am using a WRT54GS running firmware 4.70.6. Mozilla Firefox has the option to explicitly trust the certificate and Safari will use keychains certs to repudiate. Google Chrome (my primary browser) shows the following result.
Internet Explorer (9) shows the following, which is similar to the screen posted. I have tried to import the certificate into trusted publishers, but it won't take.
Similar Messages
-
Certificate not Trusted Exception
Hi,
I am trying to invoke Axis soap call from webshpere (my requirement is to trust all certificates), but getting certificate not trusted exception. Appreciate any suggestions for fixing this issue.
Code:
public String transport(String strMessage, String strParticipantUrl, String methodName, String keyStorePwd) throws RouterException {
String result = null;
boolean isErrorOccured = false;
String errorMessage = null;
LOGGER.info("Calling Carrier Web Service.......");
LOGGER.info("Web Service URL is :" + strParticipantUrl);
LOGGER.info("Web Service Method Name is :" + methodName);
ServiceFactory serviceFactory = new ServiceFactory();
Service service = null;
try {
service = (Service) serviceFactory.createService(new QName(
FundTransferConstants.QNAME_SERVICE));
} catch (ServiceException e) {
isErrorOccured = true;
Integer connectionTimeOut = FundTransferContext.getInstance()
.getConnectionTimeOut();
org.apache.axis.client.Call call = null;
if (null != service) {
try {
LOGGER.info("setting ssl status to debug");
System.setProperty("javax.ssl.debug", "all");
String proxyHost = FundTransferUtil.getProperty("PROXY.HOST");
String proxyPort = FundTransferUtil.getProperty("PROXY.PORT");
String username = FundTransferUtil.getProperty("PROXY.USER");
String password = FundTransferUtil
.getProperty("PROXY.PASSWORD");
if (proxyHost != null && !"".equals(proxyHost)) {
System.setProperty("proxySet", "true");
System.setProperty("http.proxyHost", proxyHost);
if (proxyPort != null && !"".equals(proxyHost)) {
System.setProperty("http.proxyPort", proxyPort);
if (username != null && !"".equals(username)) {
System.setProperty("http.proxyUser", username);
if (password != null && !"".equals(password)) {
System.setProperty("http.proxyPassword", password);
String keyStoreLocation = FundTransferUtil
.getProperty("KEYSTORE_LOCATION");
String keystore = keyStoreLocation + "/"
+ FundTransferConstants.KEYSTORE_FILE_NAME;
String storetype = FundTransferConstants.KEYSTORE_FILE_TYPE;
String][ props = {
{ FundTransferConstants.TRUST_STORE, keystore, },
{ FundTransferConstants.KEY_STORE, keystore, },
{ FundTransferConstants.KEY_STORE_PWD, keyStorePwd, },
{ FundTransferConstants.KEY_STORE_TYPE, storetype, },
{ FundTransferConstants.TRUST_STORE_PWD, keyStorePwd, }, };
// Commented loading the keystore to test outbound calls
/*for (int index = 0; index < props.length; index++)
System.getProperties().setProperty(propsindex[0],
propsindex[1]);*/
// Commented all trusting trust manager
/*LOGGER.info("Creating TrustManager...");
TrustManager] trustAllCerts = new TrustManager[ { new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
LOGGER.info("Acception all issuers");
return null;
public void checkClientTrusted(
java.security.cert.X509Certificate[] certs,
String authType) {
LOGGER.info("checkClientTrusted method");
public void checkServerTrusted(
java.security.cert.X509Certificate[] certs,
String authType) {
LOGGER.info("checkServerTrusted method");
// Install the all-trusting trust manager
try {
LOGGER.info("Creating SSLContext...");
SSLContext sc = SSLContext.getInstance("SSL");
LOGGER.info("Created SSLContext..." + sc);
sc.init(null, trustAllCerts,
new java.security.SecureRandom());
LOGGER.info("Created SSLContext initiated...");
LOGGER.info("sslDefaultSocketFactory......"
+ sc.getSocketFactory());
HttpsURLConnection.setDefaultSSLSocketFactory(sc
.getSocketFactory());
LOGGER.info("sslDefaultSocketFactory......"
+ sc.getSocketFactory());
} catch (Exception e) {
LOGGER.error("Exception is occuring...");
LOGGER.error(e.getMessage());
call = (Call) service.createCall();
} catch (ServiceException ex) {
LOGGER.error(ex.getMessage());
errorMessage = ex.getMessage();
isErrorOccured = true;
if (null != call) {
LOGGER.info("Web Service TimeOut setting :"
+ connectionTimeOut.intValue());
LOGGER.info("Setting axis propeties to use IBMFakeTrustSocketFactory");
// This will allow web service requests using the HTTPS protocol without having a valid SSL certificate installed and configured.
AxisProperties.setProperty("axis.socketSecureFactory","org.apache.axis.components.net.IBMFakeTrustSocketFactory");
call.setTimeout(connectionTimeOut);
call.setTargetEndpointAddress(strParticipantUrl);
call.setProperty(Call.SOAPACTION_USE_PROPERTY,
new Boolean(true));
call.setProperty(Call.SOAPACTION_URI_PROPERTY,
FundTransferConstants.EMPTY_STRING);
QName qnameTypeStr = new QName(FundTransferConstants.NS_XSD,
FundTransferConstants.QNAME_TYPE);
QName header = new QName(FundTransferConstants.NS_XSD,
FundTransferConstants.QNAME_TYPE);
call.setReturnType(qnameTypeStr);
call
.setOperationStyle(FundTransferConstants.WEB_SERVICE_OPERATION_RPC_STYLE);
call
.setOperationName(new QName(
FundTransferConstants.BODY_NAMESPACE_VALUE,
methodName));
call.addParameter("String_1", qnameTypeStr, ParameterMode.IN);
String[] params = { strMessage };
if (FundTransferConstants.CARRIER_RESEND_METHOD
.equalsIgnoreCase(methodName)) {
try {
call.invoke(params);
} catch (Exception ex) {
errorMessage = ex.getMessage();
isErrorOccured = true;
LOGGER.info(ex.getMessage());
} else {
int counter = 0;
while (counter < 3) {
counter++;
try {
// Here making the call which is failing
result = (String) call.invoke(params);
counter = 4;
} catch (AxisFault axisFault) {
axisFault.printStackTrace();
errorMessage = axisFault.getMessage();
isErrorOccured = true;
LOGGER.error(axisFault.getMessage());
} catch (Exception ex) {
ex.printStackTrace();
errorMessage = ex.getMessage();
isErrorOccured = true;
if (isErrorOccured) {
throw new RouterException(errorMessage);
return result;
System Error:
12/7/07 13:43:41:639 EST 000000bb SystemErr R AxisFault
faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.userException
faultSubcode:
faultString: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Certificate not Trusted
faultActor:
faultNode:
faultDetail:
{http://xml.apache.org/axis/}stackTrace: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Certificate not Trusted
at com.ibm.jsse2.bx.a(bx.java(Compiled Code))
at com.ibm.jsse2.by.a(by.java(Compiled Code))
at com.ibm.jsse2.by.a(by.java:473)
at com.ibm.jsse2.w.a(w.java(Compiled Code))
at com.ibm.jsse2.w.a(w.java(Compiled Code))
at com.ibm.jsse2.v.a(v.java(Compiled Code))
at com.ibm.jsse2.by.a(by.java(Compiled Code))
at com.ibm.jsse2.by.l(by.java(Compiled Code))
at com.ibm.jsse2.by.startHandshake(by.java(Compiled Code))
at org.apache.axis.components.net.JSSESocketFactory.create(JSSESocketFactory.java:224)
at org.apache.axis.transport.http.HTTPSender.getSocket(HTTPSender.java:157)
at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:114)
at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:71)
at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:150)
at org.apache.axis.SimpleChain.invoke(SimpleChain.java:120)
at org.apache.axis.client.AxisClient.invoke(AxisClient.java:180)
at org.apache.axis.client.Call.invokeEngine(Call.java:2564)
at org.apache.axis.client.Call.invoke(Call.java:2553)
at org.apache.axis.client.Call.invoke(Call.java:2248)
at org.apache.axis.client.Call.invoke(Call.java:2171)
at org.apache.axis.client.Call.invoke(Call.java:1691)
at com.dtcc.insurance.fundtransfer.transport.TransportHandler.transport(TransportHandler.java:245)
at com.dtcc.insurance.fundtransfer.router.MessageRouter.transport(MessageRouter.java:112)
at com.dtcc.insurance.fundtransfer.controller.MessageController.processMessage(MessageController.java:155)
at com.dtcc.insurance.fundtransfer.service.FundTransferServiceImpl.fundTransferRequest(FundTransferServiceImpl.java:88)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java(Compiled Code))
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java(Compiled Code))
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java(Compiled Code))
at java.lang.reflect.Method.invoke(Method.java(Compiled Code))
at org.apache.axis.providers.java.RPCProvider.invokeMethod(RPCProvider.java:402)
at org.apache.axis.providers.java.RPCProvider.processMessage(RPCProvider.java:309)
at org.apache.axis.providers.java.JavaProvider.invoke(JavaProvider.java:333)
at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:71)
at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:150)
at org.apache.axis.SimpleChain.invoke(SimpleChain.java:120)
at org.apache.axis.handlers.soap.SOAPService.invoke(SOAPService.java:481)
at org.apache.axis.server.AxisServer.invoke(AxisServer.java:323)
at org.apache.axis.transport.http.AxisServlet.doPost(AxisServlet.java:854)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:763)
at org.apache.axis.transport.http.AxisServletBase.service(AxisServletBase.java:339)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
at com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:1572)
at com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:762)
at com.ibm.ws.webcontainer.webapp.WebApp.handleRequest(WebApp.java:3174)
at com.ibm.ws.webcontainer.webapp.WebGroup.handleRequest(WebGroup.java:253)
at com.ibm.ws.webcontainer.VirtualHost.handleRequest(VirtualHost.java:229)
at com.ibm.ws.webcontainer.WebContainer.handleRequest(WebContainer.java:1970)
at com.ibm.ws.webcontainer.channel.WCChannelLink.ready(WCChannelLink.java:114)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleDiscrimination(HttpInboundLink.java:472)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleNewInformation(HttpInboundLink.java:411)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.ready(HttpInboundLink.java:288)
at com.ibm.ws.ssl.channel.impl.SSLConnectionLink.determineNextChannel(SSLConnectionLink.java:950)
at com.ibm.ws.ssl.channel.impl.SSLConnectionLink$MyReadCompletedCallback.complete(SSLConnectionLink.java:582)
at com.ibm.ws.ssl.channel.impl.SSLReadServiceContext$SSLReadCompletedCallback.complete(SSLReadServiceContext.java:1704)
at com.ibm.ws.tcp.channel.impl.WorkQueueManager.requestComplete(WorkQueueManager.java(Compiled Code))
at com.ibm.ws.tcp.channel.impl.WorkQueueManager.attemptIO(WorkQueueManager.java(Compiled Code))
at com.ibm.ws.tcp.channel.impl.WorkQueueManager.workerRun(WorkQueueManager.java(Compiled Code))
at com.ibm.ws.tcp.channel.impl.WorkQueueManager$Worker.run(WorkQueueManager.java(Compiled Code))
at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java(Compiled Code))
Caused by: java.security.cert.CertificateException: Certificate not Trusted
at com.ibm.jsse.bi.a(Unknown Source)
at com.ibm.jsse.bi.checkServerTrusted(Unknown Source)
at com.ibm.jsse2.ba.checkServerTrusted(ba.java:16)
... 57 more
12/7/07 13:43:41:640 EST 000000bb SystemErr R AxisFault
faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.userException
faultSubcode:
faultString: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Certificate not Trusted
faultActor:
faultNode:
faultDetail:
{http://xml.apache.org/axis/}stackTrace: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Certificate not Trusted
at com.ibm.jsse2.bx.a(bx.java(Compiled Code))
at com.ibm.jsse2.by.a(by.java(Compiled Code))
at com.ibm.jsse2.by.a(by.java:473)
at com.ibm.jsse2.w.a(w.java(Compiled Code))
at com.ibm.jsse2.w.a(w.java(Compiled Code))
at com.ibm.jsse2.v.a(v.java(Compiled Code))
at com.ibm.jsse2.by.a(by.java(Compiled Code))
at com.ibm.jsse2.by.l(by.java(Compiled Code))
at com.ibm.jsse2.by.startHandshake(by.java(Compiled Code))
at org.apache.axis.components.net.JSSESocketFactory.create(JSSESocketFactory.java:224)
at org.apache.axis.transport.http.HTTPSender.getSocket(HTTPSender.java:157)
at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:114)
at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:71)
at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:150)
at org.apache.axis.SimpleChain.invoke(SimpleChain.java:120)
at org.apache.axis.client.AxisClient.invoke(AxisClient.java:180)
at org.apache.axis.client.Call.invokeEngine(Call.java:2564)
at org.apache.axis.client.Call.invoke(Call.java:2553)
at org.apache.axis.client.Call.invoke(Call.java:2248)
at org.apache.axis.client.Call.invoke(Call.java:2171)
at org.apache.axis.client.Call.invoke(Call.java:1691)
at com.dtcc.insurance.fundtransfer.transport.TransportHandler.transport(TransportHandler.java:245)
at com.dtcc.insurance.fundtransfer.router.MessageRouter.transport(MessageRouter.java:112)
at com.dtcc.insurance.fundtransfer.controller.MessageController.processMessage(MessageController.java:155)
at com.dtcc.insurance.fundtransfer.service.FundTransferServiceImpl.fundTransferRequest(FundTransferServiceImpl.java:88)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java(Compiled Code))
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java(Compiled Code))
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java(Compiled Code))
at java.lang.reflect.Method.invoke(Method.java(Compiled Code))
at org.apache.axis.providers.java.RPCProvider.invokeMethod(RPCProvider.java:402)
at org.apache.axis.providers.java.RPCProvider.processMessage(RPCProvider.java:309)
at org.apache.axis.providers.java.JavaProvider.invoke(JavaProvider.java:333)
at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:71)
at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:150)
at org.apache.axis.SimpleChain.invoke(SimpleChain.java:120)
at org.apache.axis.handlers.soap.SOAPService.invoke(SOAPService.java:481)
at org.apache.axis.server.AxisServer.invoke(AxisServer.java:323)
at org.apache.axis.transport.http.AxisServlet.doPost(AxisServlet.java:854)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:763)
at org.apache.axis.transport.http.AxisServletBase.service(AxisServletBase.java:339)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
at com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:1572)
at com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:762)
at com.ibm.ws.webcontainer.webapp.WebApp.handleRequest(WebApp.java:3174)
at com.ibm.ws.webcontainer.webapp.WebGroup.handleRequest(WebGroup.java:253)
at com.ibm.ws.webcontainer.VirtualHost.handleRequest(VirtualHost.java:229)
at com.ibm.ws.webcontainer.WebContainer.handleRequest(WebContainer.java:1970)
at com.ibm.ws.webcontainer.channel.WCChannelLink.ready(WCChannelLink.java:114)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleDiscrimination(HttpInboundLink.java:472)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleNewInformation(HttpInboundLink.java:411)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.ready(HttpInboundLink.java:288)
at com.ibm.ws.ssl.channel.impl.SSLConnectionLink.determineNextChannel(SSLConnectionLink.java:950)
at com.ibm.ws.ssl.channel.impl.SSLConnectionLink$MyReadCompletedCallback.complete(SSLConnectionLink.java:582)
at com.ibm.ws.ssl.channel.impl.SSLReadServiceContext$SSLReadCompletedCallback.complete(SSLReadServiceContext.java:1704)
at com.ibm.ws.tcp.channel.impl.WorkQueueManager.requestComplete(WorkQueueManager.java(Compiled Code))
at com.ibm.ws.tcp.channel.impl.WorkQueueManager.attemptIO(WorkQueueManager.java(Compiled Code))
at com.ibm.ws.tcp.channel.impl.WorkQueueManager.workerRun(WorkQueueManager.java(Compiled Code))
at com.ibm.ws.tcp.channel.impl.WorkQueueManager$Worker.run(WorkQueueManager.java(Compiled Code))
at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java(Compiled Code))
Caused by: java.security.cert.CertificateException: Certificate not Trusted
at com.ibm.jsse.bi.a(Unknown Source)
at com.ibm.jsse.bi.checkServerTrusted(Unknown Source)
at com.ibm.jsse2.ba.checkServerTrusted(ba.java:16)
... 57 more
javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Certificate not Trusted
at org.apache.axis.AxisFault.makeFault(AxisFault.java:129)
at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:131)
at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:71)
at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:150)
at org.apache.axis.SimpleChain.invoke(SimpleChain.java:120)
at org.apache.axis.client.AxisClient.invoke(AxisClient.java:180)
at org.apache.axis.client.Call.invokeEngine(Call.java:2564)
at org.apache.axis.client.Call.invoke(Call.java:2553)
at org.apache.axis.client.Call.invoke(Call.java:2248)
at org.apache.axis.client.Call.invoke(Call.java:2171)
at org.apache.axis.client.Call.invoke(Call.java:1691)
at com.dtcc.insurance.fundtransfer.transport.TransportHandler.transport(TransportHandler.java:245)
at com.dtcc.insurance.fundtransfer.router.MessageRouter.transport(MessageRouter.java:112)
at com.dtcc.insurance.fundtransfer.controller.MessageController.processMessage(MessageController.java:155)
at com.dtcc.insurance.fundtransfer.service.FundTransferServiceImpl.fundTransferRequest(FundTransferServiceImpl.java:88)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java(Compiled Code))
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java(Compiled Code))
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java(Compiled Code))
at java.lang.reflect.Method.invoke(Method.java(Compiled Code))
at org.apache.axis.providers.java.RPCProvider.invokeMethod(RPCProvider.java:402)
at org.apache.axis.providers.java.RPCProvider.processMessage(RPCProvider.java:309)
at org.apache.axis.providers.java.JavaProvider.invoke(JavaProvider.java:333)
at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:71)
at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:150)
at org.apache.axis.SimpleChain.invoke(SimpleChain.java:120)
at org.apache.axis.handlers.soap.SOAPService.invoke(SOAPService.java:481)
at org.apache.axis.server.AxisServer.invoke(AxisServer.java:323)
at org.apache.axis.transport.http.AxisServlet.doPost(AxisServlet.java:854)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:763)
at org.apache.axis.transport.http.AxisServletBase.service(AxisServletBase.java:339)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
at com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:1572)
at com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:762)
at com.ibm.ws.webcontainer.webapp.WebApp.handleRequest(WebApp.java:3174)
at com.ibm.ws.webcontainer.webapp.WebGroup.handleRequest(WebGroup.java:253)
at com.ibm.ws.webcontainer.VirtualHost.handleRequest(VirtualHost.java:229)
at com.ibm.ws.webcontainer.WebContainer.handleRequest(WebContainer.java:1970)
at com.ibm.ws.webcontainer.channel.WCChannelLink.ready(WCChannelLink.java:114)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleDiscrimination(HttpInboundLink.java:472)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleNewInformation(HttpInboundLink.java:411)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.ready(HttpInboundLink.java:288)
at com.ibm.ws.ssl.channel.impl.SSLConnectionLink.determineNextChannel(SSLConnectionLink.java:950)
at com.ibm.ws.ssl.channel.impl.SSLConnectionLink$MyReadCompletedCallback.complete(SSLConnectionLink.java:582)
at com.ibm.ws.ssl.channel.impl.SSLReadServiceContext$SSLReadCompletedCallback.complete(SSLReadServiceContext.java:1704)
at com.ibm.ws.tcp.channel.impl.WorkQueueManager.requestComplete(WorkQueueManager.java(Compiled Code))
at com.ibm.ws.tcp.channel.impl.WorkQueueManager.attemptIO(WorkQueueManager.java(Compiled Code))
at com.ibm.ws.tcp.channel.impl.WorkQueueManager.workerRun(WorkQueueManager.java(Compiled Code))
at com.ibm.ws.tcp.channel.impl.WorkQueueManager$Worker.run(WorkQueueManager.java(Compiled Code))
at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java(Compiled Code))
Caused by: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Certificate not Trusted
at com.ibm.jsse2.bx.a(bx.java(Compiled Code))
at com.ibm.jsse2.by.a(by.java(Compiled Code))
at com.ibm.jsse2.by.a(by.java:473)
at com.ibm.jsse2.w.a(w.java(Compiled Code))
at com.ibm.jsse2.w.a(w.java(Compiled Code))
at com.ibm.jsse2.v.a(v.java(Compiled Code))
at com.ibm.jsse2.by.a(by.java(Compiled Code))
at com.ibm.jsse2.by.l(by.java(Compiled Code))
at com.ibm.jsse2.by.startHandshake(by.java(Compiled Code))
at org.apache.axis.components.net.JSSESocketFactory.create(JSSESocketFactory.java:224)
at org.apache.axis.transport.http.HTTPSender.getSocket(HTTPSender.java:157)
at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:114)
... 48 more
Caused by: java.security.cert.CertificateException: Certificate not Trusted
at com.ibm.jsse.bi.a(Unknown Source)
at com.ibm.jsse.bi.checkServerTrusted(Unknown Source)
at com.ibm.jsse2.ba.checkServerTrusted(ba.java:16)
... 57 moreI found the fix from Oracle Support Knowlededge Base
sslTool serverInfo --url https://HOST:9043 --certFile newcert.cer
PStoreTool located in REGISTRY_HOME/bin/PStoreTool add -config
WEBLOGIC_HOME/user_projects/domains/[osr_domain_name]/servers/[osr_server_name]/tmp/_WL_user/registry/[unique id]/public/conf/pstore.xml -certFile newcert.cer
I was updating wrong file with the certificate. It had to be pstore.xml. This solved my issue.
Thanks & Regards,
Parshant -
Keychain root certificate not trusted (?)
I see a couple of items in keychain access that say "root certificate not trusted"
what is this and should they be deleted or somehow modified?
I looked at certificates with Certificate assistant "evaluate certificate"
but do not quite understand.
ThanksOk I'll try not to...
Thanks -
This shows up in my certificates in red: com.apple.systemdefault organization system identity certificate not trusted. Should I be concerned about this...does it indicate a security breach?
Can you please let us know, how you have resolved the issue. We are also getting the similar issue with the Certificate.
-
Digital ID certificate not trusted
I'm trying to add digital ID certificates for governmental employees with whom I communicate by e-mail. I used an e-mail including those certificates (*.cer format) to transmit the certs to the new IPad, and I was able to install them, but they are all listed as "Not Trusted". How do I go about designating that they are to be trusted?
I also added my own digital ID cert (*pfx format), and it has exactly the same situation: installed, but "not trusted."
Thanks.Thanks for reply but the message comes up every time I log into Santander. Interestingly this happens on Safari and Chrome but if I use my old browser Camino it comes up as secure. Will ring Santander again today and my ISP to see if they can shed any light. The same issue has occurred on ebay too but that seems to have resolved itself. Will let you know if I make any progress
-
Invalid WSDL - Certificate not trusted - Exception while publishing WSDL in OSR from HTTPS Server
Hi,
I am publishing a Web Service in OSR from an HTTPS Server. I am getting exception as
Error message:
WSDLException: faultCode=INVALID_WSDL: java.io.IOException: java.security.cert.CertificateException: Server certificate ....... is not trusted!
To remove this exception I have done following steps
a) Added Certificate from remote server in Identity Store of WebLogic Server using keytool utilitity
keytool -import -alias devCertificate -file c:/certificates/okdsoa.cer -truststore demoIdentityStore.jks
b) Added Certificate from remote server in the trust store of weblogic server using keytool utility
keytool -import -alias devCertificate -file c:/certificates/okdsoa.cer -truststore demoTrust.jks
This didnot help.
Then I imported certificate to OSR using PStoreTool command as
PStoreTool.bat add -config C:/OSRHome/registry111/conf/clientconf.xml -certFile c:/certificates/okdsoa.cer
Bounced the servers but that also didnot help.
Can you please suggest?
Thanks,
ParshantI found the fix from Oracle Support Knowlededge Base
sslTool serverInfo --url https://HOST:9043 --certFile newcert.cer
PStoreTool located in REGISTRY_HOME/bin/PStoreTool add -config
WEBLOGIC_HOME/user_projects/domains/[osr_domain_name]/servers/[osr_server_name]/tmp/_WL_user/registry/[unique id]/public/conf/pstore.xml -certFile newcert.cer
I was updating wrong file with the certificate. It had to be pstore.xml. This solved my issue.
Thanks & Regards,
Parshant -
Apple root certificates not trusted?
I was looking through Keychain Access, and came across these two Apple root certificates that Keychain reports as "This root certificate is not trusted."
com.apple.kerberos.kdc
com.apple.systemdefault
There was also a "localhost" certificate with a Comcast email address that was similarly marked as not trusted.
Any idea why any of these would not be trusted?
Thanks,
JCYes, reinstalling is the backup plan.
But this Macbook is about one year old. I should not cause that much trouble. -
Hello all.......
I have issues w/ "com.apple.systemdefault" certificate (& other Apple certificates) not being trusted... I have yet to find a response to queries re: same.... Is this something no one can answer OR maybe a too simple a problem to take time with?
TIA, JackHello all.......
I have issues w/ "com.apple.systemdefault" certificate (& other Apple certificates) not being trusted... I have yet to find a response to queries re: same.... Is this something no one can answer OR maybe a too simple a problem to take time with?
TIA, Jack -
Firefox blocks sites certificate not trusted
I reset firefox to try and cure a email printing issue where firefix was printing all emails in tiny font. After the reset firefox would not access sites like google because the certificate was not trusted. I tried turning off my security system - Norton - but that didn't correct the problem. I also reinstalled firefox but the problem persisted. Also made sure that I had the proper time set in the computer. I'm using IE to get my emails and access sites that firefox is blocking me from but would like to cure the firefox issue.
hello, a possible solution depends on different factors:
* what is the '''error code''' shown under ''technical details'' on the error page?
in case the error code equals ''sec_error_unknown_issuer'', please attempt to add an exception on the bottom of the error page & inspect the certificate (see the screenshot attached for instructions):
* which '''issuer information''' does the certificate contain?
thank you!
[["This Connection is Untrusted" error message appears - What to do]] -
Irdeto certificate, not trusted by iPad, why
I've just joined EE film. When I've tried to download, not stream, a film, to my ipad, the EE app require an Ideto Certificate. When I've started to download the certificate, ipad says this is not trusted.
Any ideas why & should I download it anyway?Having spoken to the EE help desk re this problem. They told me it now appears that you can't play any EE films on apple products as Apple have restricted it. So I am all Appled up & can't play any films from EE. Having only swithced to EE for this reason I'm now stuck with an Iphone 5 I didn't need. GREAT!
-
Verisign certificate not trusted by Nokia phones..
Hi there,
I have E71 and E72 with latest firmwares, but when I go to web site using HTTPS, I got certificate warning (not trusted) if the certificate is signed by:
"verisign class 3 international server ca - g3"
How this can be happened?
I got this also with my old WM6.5 device.
Solved!
Go to Solution.Few Nokia devices like X-Series , Asha series ,have the VeriSign Class 3 certificate expired or not present,so when the application tries to access a secure server where VeriSign Class 3 International Server CA - G3 certificate is present.The application fails to make secure connection and the message displayed is verification failed Certificate Type: X.509 type 3.
So how can the user uses any secure application launched in year 2012 in these devices. -
This Connection is untrusted (issuer certificate not trusted)
For the past week I have been unable access internet sites via firefox. I keep getting the "The connection is untrusted" error. It does not matter what site, be it google, Mozilla or Yahoo mail.
I have deleted the cert8.db file, cleaned my history and cache and reset firefox but nothing helps. When I go through the "I understand the risk" steps the sites load but not properly. Usually no pictures will load.www.google.com uses an invalid security certificate.
The certificate is not trusted because the issuer certificate is not trusted.
(Error code: sec_error_untrusted_issuer)
It is a work computer and I believe we use McAffee.
I follow the other directions and viewed the certificate. All looks OK, my time is correct, the certificate isn't set to expire till sometime in October. -
Cannot access common websites security certificate not trusted
I am unable to get to many frequently accessed websites from either Chrome or Safari due to Security Certificate Trust issues. I have been attempting to access Paypal all afternoon without success, as there is no "Proceed anyway" button. I was only able to reach this forum by selecting "Proceed anyway"(!) Other machines on my local network accessing the web via UVerse are not having difficulties, so it seems to be Mavericks specific.
This solved my problem:
https://discussions.apple.com/message/18508863#18508863
I solved this on my wife's computer by resetting the security certificate settings. This might help others:
Close all windows.
Keychain Access -> click on System Roots on the left, and then click on Certifcates on the bottom left.
Check to see if any of the certificates on the right have the blue "+" symbol - this means they have custom trust settings.
There is a bug in changing the policies, so you'll have to change them via the method below. Changing them just by changing the access to "system defaults" doesn't seem to save. The method below worked for me.
Double-click on each certificate with the custom setting (blue "+"), expand the section labled "trust". Change the "Secure Sockets Layer (SSL)" setting to "no value specified". Close window - you should be prompted for the password. Double-click on the certificate again, expand trust, change the "When using this certificate" setting to "Use System Defaults". Close window, and re-enter password.
If you didn't re-enter your password upon closing the window, the setting didn't take. The blue "+" should disappear after a few seconds when it's set back to default. Once all of the certificates are changed back to default, restart Safari.
This solved all of the problems for my wife's computer with these issues and OSX 10.7.4
Message was edited by: Barry Stock -
ISE: Guest SSL Certificate Not Trusted Error
Team,
We are building an ISE Demo for an event, I configured the Guest Access and it is working fine. the problem is that when the guests (Event attendess) try to access the internet they will be reditrected to teh ISE for Guest Authentication. The guest will get the below error message which doesn't look good because the ISE has the self-signed certificate and it doesn't have a public trusted certificate.
I tried to generate a trail SSL certificate from Thawte and Symentec but both replied that we couldn't verify the information you have provided. I believe this is because my domain is not publicly resgitered (I created this domain internally for the event)
Please advice what is the solution for this issue. I don't want my guest/attendees to see the error message. It doesn't look for to demonstrate ISE.
Please advice
Thanks in advanceThe only solution that can competely resolve your issue is to get a certificate from any trusted CA, like Verisign, Thawte, etc. Cost for that is typically $100 per year. Other solution is to use certificate from StartSSL. They have easy procedure for issuing ceritifcates and it's free, but in some browsers that window still may appear sometimes.
-
Yosemite Mail 10.10.2 - SSL port, Certificate not trusted, email can't be seen
Hi All,
Thanks in advance for your help.
I have just upgraded (quite regrettably) to Yosemite 10.10.2 with a clean install (Time machine... that's a whole new bag of tricks hasn't worked can't even reinstall mail via TimeMachine RESTORE.. very helpful apple)
Mail – The simplest of software, is causing no end of problems:
PROBLEMS:
1) When mail opens, it kept saying "Certificate for this server is invalid"
2) The 2 email accounts I have, keep going offline? NEVER had this on any of the macs i've had set up before ran 10.6.8 for ages not a blip?
3) And another glorious trick, even if the email accounts aren't showing any exclamation marks (about being off line)
I select any mail box AND out of nowhere, no emails show in the mail boxes, where only 10 seconds ago they were all there?
4) REPLY ALL just a few moments ago DIDN'T work or reply to all
NOW, it either replies to ALL including me (the original sender) OR it'll place the original sender email address in TO and all others in CC? when all emails were in the TO field?
Just to be clear: I have set up 2 email accounts as IMAP on the mac (Say email X and email Y), and have tested by sending an email FROM email X TO email Y and a hotmail account, just to have more than 1 email address in the to field to see what happens with the REPLY ALL. It doesn't work suffice to say
SOLUTIONS TRIED BUT NOT WORKED SO FAR
I have scoured the forums and tried a few suggested things
1) I have 2 email accounts, both of which I'm setting up as IMPA, my ISP Tech support for email host has said "Set the SSL port to 587"
– Tried doing that in 2 places
a) Mail > Accounts > (select email account) > Advanced There under PORT stated 587
b) Mail > Preferences > Accounts (select account) > Advanced > PORT And here it is NOT the stated 587, it's (currently) 143?
(I've tried changing this to 587) and this doesn't solve the problem(s)
2) I tried UNTICKING "automatically detect and maintain account settings". but this didn't solve anything, and the whole certificate error and Mail going offline started up pretty much instantly
3) Tried ticking the "Allow Insecure authentication" - Again, no solution?
4) I did have my gmail account set up, but took that out of the equation as that wasn't helping, and with that I couldn't hit REPLY ALL and it show up in the TO field????
I appreciate this is a lot of information on the screen, but i've tried to be as through as I can, and seriously I CANNOT believe Apple have managed to mess up a corner stone app that should Just work?
Thanks agin for any help or pointers.
MypetshadowCAVEAT:
1)I'm not technically qualified, but thought i should share the info I have found that works for me after having a tech guy from the ISP sort out the settings to get my main running:
2) This has been working for all of 2 hours... lets hope it stays that way.
3) My emails are set up as IMAP accounts.
So....
After speaking / emailing with my ISP and after 4 days of what seems like ****... (Seriously, thanks Apple "it just works.... like a hole in the head") I have a few solutions that are working for me and thought I would post them up for people who maybe having the same difficulty...
SSL PORTS AND CERTIFICATES ISSUE
1) Once you "CREATE' an email account, you have to adjust the settings manually (No surprise there)
• There are some people saying you have to UNTICK the "Automatically detect and maintain my account settings"
• (I'm NOT a techie kinda guy), BUT in my case I LEFT THIS CHECKED (on advise from the ISP tech guy), and for me it is working. The tech guy from my ISP said something on the lines of "If the PORT is 993 then SSL has to be checked, If it's port 143 the SSL IS UNCHECKED"
Again, i'm not a techie, but this may be of relevance to you.
Screen grab of the main IMAP settings page
2) EDITING the SMTP settings
• MAIL > PREFERENCES > ACCOUNTS > select your newly created account > ACCOUNT INFORMATION TAB
– From the OUTGOING MAIN SERVER Dropdown list, Select EDIT SMTP SERVER LIST and change your port to 465 (note: Originally port was 587... read below)
Here, SSL WAS CHECKED, as was "Automatically detect and maintain account settings".
REPLY ALL MOVES EMAILS INTO THE CC FIELD
• Originally the port was set at 587 BUT I noticed a glitch; when I hit reply all, this would put all email addresses that were in the TO field into the CC field? (excluding the original sender...) Not helpful.
• I noticed (in an earlier mess up and moving around of ports etc) that when the port was changed to 465 (another port that the ISP tech guys said was an option) my email started behaving as expected... emails in the TO field stay in the TO field, as expected. and not placed in the CC field
Screen grab of the SMTP edit page:
Right, that's my non-techie tuppence and hope that it is of some help, and if not specifically all you need, it might give a few clues.
Cheers
Maybe you are looking for
-
DB migration from CC&B 2.1 to CC&B 2.3.1
Hi, We are trying to migrate our DB from CC&B 2.1 to CC&B 2.3.1. We already tried migrating our Development DB as well as the System Test DB but both ends up with missing tables or missing entries on tables. If we checked the installed_fixes document
-
How to update DSO data in Data targets (ODS data into Data Targets)
Hi, In 3.5 version we have a option <b>Update ODS data in Data Targets</b> to Transfer Data From ODS to Info cube. In 7.0 How to transfer DataStore Object data to Info Cube, I can't find Update DSO data in Data Target option. can any body Help me to
-
'Notes' field within the Address Book is greyed out
The 'Notes' field within the Address Book is greyed out. The resolution seems simple enough yet this does not work: "Select the person in the Name column in Address Book, then click the Note field in the card." It's still grey after doing so and data
-
TestStand math functions completely explained
Is there a reference that has complete explanations to math functions used in TestStand? Many functions have options that are not explained under help. BenH
-
Time Machine freezes at onset of first backup
I took one of my external Lace disk drives (250 MB - with 200+ MB available) and designated it as the target drive for Time Machine. I've used this drive for over a year with no issues. Time Machine starts up, does its calculations and starts its ini