Secure Socket

Similar Messages

• SecureSocketListener: Could not setup context and create a secure socket on 142.182.112.123:5555 : java.security.cert.CertificateParsingException: PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11. java.security.cert.Certifica

  HI Team,
  while starting the node manager in wls 8.1 and java1.4
  we are facing this issue plz help on this immediately.
  + CLASSPATH=/srvrs/bdv/patches/CR210310_81sp4.jar:/usr/java14/lib/tools.jar:/srvrs/bdv/bea/weblogic81/server/lib/weblogic_sp.jar:/srvrs/bdv/bea/weblogic81/server/lib/weblogic.jar::/srvrs/bdv/bea
  + export CLASSPATH
  + export PATH
  + set -x
  + [ 5555 !=  ]
  + [ 142.182.112.123 !=  ]
  + /usr/java14/bin/java -Xms32m -Xmx32m -Dweblogic.security.SSL.enforceConstraints=off -Djava.security.policy=/srvrs/bdv/bea/weblogic81/server/lib/weblogic.policy -Dweblogic.nodemanager.javaHome=/usr/java14 -DListenAddress=142.182.112.123 -DListenPort=5555 weblogic.NodeManager
  <Sep 15, 2013 7:35:26 AM EDT> <Info> <NodeManager> <NodeManager: for information on command line options,  try "java weblogic.NodeManager -h">
  <Sep 15, 2013 7:35:26 AM EDT> <Info> <NodeManager> <Starting NodeManager >
  <Sep 15, 2013 7:35:26 AM EDT> <Info> <NodeManager> <Setting listenAddress to 142.182.112.123..>
  <Sep 15, 2013 7:35:26 AM EDT> <Info> <NodeManager> <Setting listenPort to 5,555..>
  <Sep 15, 2013 7:35:26 AM EDT> <Info> <NodeManager> <Setting java home to '/usr/java14'>
  <Sep 15, 2013 7:35:26 AM EDT> <Info> <NodeManager> <Effective values of properties :
          ListenAddress=142.182.112.123
          ListenPort=5555
          ListenerType=secureSocket
          SavedLogsDirectory=NodeManagerLogs
          NativeVersionEnabled=true
          TrustedHosts=nodemanager.hosts
          StartTemplate=../../server/lib/unix/nodemanager.sh
          ReverseDnsEnabled=false
          ScavangerDelaySeconds=180
          PIDFileReadRetryCount=0
          WeblogicHome=null
          bea.home=null
          JavaHome=/usr/java14
          PropertiesVersion=8.1
  >
  <Sep 15, 2013 7:35:26 AM EDT> <Info> <NodeManager> <Saving logs in'NodeManagerLogs'>
  <Sep 15, 2013 7:35:31 AM EDT> <Info> <[email protected]:5555> <Reading private key and certificate chain from the keystore /srvrs/bdv/bea/weblogic81/server/lib/DemoIdentity.jks. KeyStore type = jks, Using keystore passphrase = true, Alias = DemoIdentity>
  <Sep 15, 2013 7:35:31 AM EDT> <Info> <[email protected]:5555> <Reading trusted CAs from the keystore /srvrs/bdv/bea/weblogic81/server/lib/DemoTrust.jks. KeyStore type = jks, Using keystore passphrase = true>
  <Sep 15, 2013 7:35:31 AM EDT> <Info> <[email protected]:5555> <Reading trusted CAs from the keystore /usr/java14/jre/lib/security/cacerts. KeyStore type = jks, Using keystore passphrase = false>
  SecureSocketListener: Could not setup context and create a secure socket on 142.182.112.123:5555 : java.security.cert.CertificateParsingException: PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.
  java.security.cert.CertificateParsingException: PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11
          at com.certicom.security.cert.internal.x509.X509V3CertImpl.<init>(Unknown Source)
          at com.certicom.tls.interfaceimpl.CertificateSupport.addTrustedCertificate(Unknown Source)
          at com.certicom.net.ssl.SSLContext.addTrustedCertificate(Unknown Source)
          at com.bea.sslplus.CerticomSSLContext.addTrustedCA(Unknown Source)
          at weblogic.security.utils.SSLContextWrapper.addTrustedCA(SSLContextWrapper.java:52)
          at weblogic.nodemanager.internal.SecureSocketListener.run(SecureSocketListener.java:57)
          at weblogic.nodemanager.internal.GenericListener.startListener(GenericListener.java:16)
          at weblogic.nodemanager.NodeManager.startSecureSocketListener(NodeManager.java:461)
          at weblogic.nodemanager.NodeManager.init(NodeManager.java:305)
          at weblogic.nodemanager.NodeManager.run(NodeManager.java:511)
          at weblogic.NodeManager.main(NodeManager.java:31)
  Thanks,
  Eswar

  Hi,
  Did you find a solution to this? We are running into the same issue since upgrading to Weblogic 9.2.3 for WebCT Vista 8.0.4.
  Thanks,
  Ron

• How to create HTTPS or secure Socket objects in JDK 1.4?

  I would like to see sample working code that shows creation
  of Sockets objects that work with HTTPS using JDK 1.4. I am doing
  a POST operation (form submission) on HTTPS URL. I must use Socket
  objects and cannot use URLConnection (I know URLConnection solves the problem automatically in JDK 1.4).
  Also sample code for POST operation would be appreciated.

  I wrote this a little while ago to test out Secure Sockets in 1.4. I assume you are doing the client since you are trying talk to a website or something like that, anyway this test class is tested and works, but you will have to clean it up.
  Pup
  import java.io.*;
  import java.security.*;
  import javax.net.ssl.*;
  public class HelloClientSSL {
      public static void main(String[] args) {
          try {
              int port = 8005;
              int tempport =0;
              if(args.length > 1) {
                  try {
                      tempport = Integer.parseInt(args[1]);
                      port = tempport;
                  catch (Exception e) {
                      System.out.println("Sorry this is not a valid number " + args[1]);
                      System.out.println("Using Default port 8005");
              Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());           
              SSLSocketFactory sslFact = (SSLSocketFactory)SSLSocketFactory.getDefault();
              SSLSocket s = (SSLSocket)sslFact.createSocket(args.length == 0 ? "127.0.0.1" : args[0], port);
              s.setEnabledCipherSuites(s.getSupportedCipherSuites());
              java.net.Socket n = (java.net.Socket) s;
              java.io.ObjectOutputStream OOS = new java.io.ObjectOutputStream(n.getOutputStream());
              BufferedReader in = new BufferedReader (new InputStreamReader(n.getInputStream()));
              String response = "";
              String temp = "This is reall cool and stuff\n";
              OOS.writeObject(temp);
              OOS.writeObject("Hello\n");
              while((response =in.readLine()) != null){
                  System.out.println("Socket message: " + response);
              in.close();
          } catch (Exception e) {
              System.out.println("Exception" + e);
              e.printStackTrace();
  }

• Secure Socket Layer

  My last question was regarding Data Validation and I did not get any feedback but from One person. I'll try my luck again. Can as many of you answer the following questions:
  Is anyone using Secure Socket Layer in their applications, If yes, was hit hard to configure and why?
  If Not, did the auditors raise any concerns about the use of LDAP over the internet regarding encryption? and how were they satisfied?

  No respect. Oracle has this documented pretty well now. http://download.oracle.com/docs/cd/E12825_01/epm.111/epm_ssl.pdf
  I can't speak for all auditors, but that is usually step one.

• Should i use secure sockets for my whole client/server application?

  Hi,
  I have a client server application, and I want to ensure that the login process is secure (i.e. use secure sockets). but I dont know how to switch back to a normal socket once that is done.
  So I am left thinking that i should just use SSL for my whole application, which can last pretty long. But I would rather not. Is there any other way of doing this?
  or should I just encrypt the login info using MD5 or something like that, then send it over an unsecure socket?
  thanks!

  Hey,
  Are you sure you haven't confused JGSS for JSSE?
  Imagine you have a client-server system and you sometimes want data sent over the wire to be encrypted... JGSS offers you this flexibility; if you a encrypted transmission, run ift through JGSS before transmitting it; if you don't want an encrypted transmission, bypass JGSS and just send the transmission.
  The benefit is the security (encryption) isn't hard-wired into you communications protocol i.e. TLS. JGSS has nothing to do with connections it is just protocol for securing messages, not sending them.
  You would need to establish the secure context but this could be done at startup and persist for the duration of you applicaiton invocation. You perhaps might need to implement a mechanism to identify encrypted messages on the receiving peer (so it knows to attempt decryption).
  Admittedly, kerberos seems like one of those 'inside-joke' things. I've come to realise if you don't have some sort of kerberos realm/server against which to authenticate - you need to swap it out as the underlying mechanism. How this is done I'm not sure yet, but I intend to find out today....further down the rabbit hole I go!
  If I discover anything helpful, I will let you know.
  Warm regards,
  D

• Problem with unchecking secure sockets layer checkbox in outgoing SMTP server Apple Mail / Mountain Lion

  After installing Mountain Lion my mail was converted and all my messages showed up, however, when I try to send I get an error. I have traced this error to the fact that Apple has automatically checked the box "Use Secure Sockets Layer (SSL)" in my Apple Mail preferences even though it wasn't checked before upgrading.  Now whenever I try to uncheck it it keeps filling itself back in.  I have tried to delete that outgoing server and readd it and it continues to check the box.

  Hi
  I have a similar problem here i have work accounts which do not need the SSL ticked but when I uncheck the box and in a  few seconds the tick is back up again sometimes I have to click about 10 times or so for it to stay off. I tried to do your sollution it did not work on your suggested port but seemed to work on the 25 port . Also I found i only have the problem when I am at work were we are on a PC network and firewall. It seemed to work fine on a normal home line. Also it only happens on Mountain Lion I have a older macbook with snowleopard and there i have not problems sending messages
  as right it was said Apple needs to look into that ASAP as it is very frustrating

• Secure Socket Transport in OSB

  Hi
  How to create a secure socket Transport Provider (TCP/IP) in oracle service bus?
  Thanks and regards
  Muthuvignesh.M

  Hi
  Thanks for ur reply.
  i've installed the socket transport code that comes with the installer and i've changed it to secure socket (SSL) connections. i've problem in using service key provider with the secure socket transport.
  Thanks and regards
  Muthuvignesh.M

• TS3276 I can't send messages with mail 6.0 of mountain lion, because I can't desactivate the option SSL (Secure sockets Layers); it is locked

  I can't send messages with mail 6.0 of mountain lion, because I can't desactivate the option SSL (Secure sockets Layers); it is locked

  Hi, i am having the same problem. this is what i have noticed.
  I have 2 x imac's and 2 x macbook air's
  i upgraded the 2 macbook air's and 1 of the imac's to Mountain Lion, all these have problems acessing sites that require you to login .
  the one remaining imac is still running lion and works perfect.
  i am using a dlink router with DD-WRT firmware, i tested teathering from my iphone and i can log into websites fine using the newly upgraded mac's.
  It's not a wireless issue as my imac is using an ethernet connection.
  is there a compatibility issue with some routers.

• Unsecure socket to secure socket at runtime /help required

  I have an IMAP4 server in Java. I want to implement RFC2595 (TLS support) for it.
  Now I can listen on a separate secure socket, and use the various examples provided by JSSE to do this.
  However, this is discouraged in the RFC. It recommends using the unsecure port 143 and negotiating a secure connection via the STARTTLS command.
  The STARTTLS is sent unencrypted. Once the server accepts the STARTTLS and returns an OK response to the client an SSL negotiation is supposed to take place.
  My question is how do I achieve this with JSSE.
  Any help will be appreciated.
  Regards
  Vikash

  Does SSLSocketFactory.createSocket(Socket,...) work for you? Haven't used it myself, but it's supposed to be for exactly this case.
  Good luck!
  Grant

• Security Error - Secure sockets

  Hi,
  We have a application deployed on a Solaris Server. This is a Vignette Portal application.
  We have an integration with webmethods and we need to use SSL for secure connection.
  But while we are trying to connect we are getting the following error
  Secure sockets are not supported with this version of the classes.
  We have put the .so file and the cert file required for the integration in the server and set the Path and LD_LIBRARY_PATH to the .so file.
  Still we are not able to connect to the integration.
  Please help out
  Thanks and Regards,
  Aqeel
  Message was edited by:
  Aqeel

  This is not a Java message. Contact the vendor of whatever 3rd-party software you are using.

• Does firefox 3.6.3 have 128-bit secure sockets layer encryption?

  i need to access a government website that requires 128-bit secure sockets layer encryption in my browser. Does firefox 3.6.3 have that feature?

  Firefox 4 requires at least OS X 10.5 and an Intel Mac.
  * http://www.mozilla.com/firefox/4.0/system-requirements/
  For an unofficial Firefox 4 compatible version (TenFourFox) that runs on PowerPC Macs with OS X 10.4.11 or OS X 10.5.8 you can look at:
  * http://www.floodgap.com/software/tenfourfox/
  Firefox 3.6.x (Mac OS X 10.4 and later) can be found here:
  * http://www.mozilla.com/en-US/firefox/all-older.html
  * http://www.mozilla.com/firefox/3.6/system-requirements/

• Secure Socket Tunnelling Protocol Service cannot start

  I'm having problems with my mobile broadband since the Dec 2011 updates cycle.
  Hardware: ASUS F6VE laptop, core2duo, 4 gig ram, ATI graphics
  OS: Microsoft Windows 7 Home Premium 32bit SP1 completely updated to Dec 2011. This install was originally Vista Home Premium 32bit and upgraded to Win7.
  AV:  Microsoft Security Essentials
  The symptoms:
  Error 711:" The operation could not finish because it could not start the Remote Access Connection Service manager in time."
  Rasman cannot start because Secure Socket Tunnelling Protocol service cannot start.
  The system log is now filling up with:
  7001: "The Remote Access Connection Manager service depends on the Secure Socket Tunnelling Protocol Service service which failed to start because of the following error:
  The operation completed successfully."
  and
  7036: "The Secure Socket Tunnelling Protocol Service service entered the stopped state."
  Attempting to open the properties of the dialup adaptor gives an error dialog box:
  Title:"Network Connections"; Message:"An unexpected error occurred." Removing the existing connections and trying to reinstall the modem made no difference.
  The issue is specific to the dial up / mobile broadband though as the Ethernet still works fine. The mobile broadband stopped working when I let the December 2011 Windows Updates install. It was fine till then - I'd been using it all day before applying the
  updates that night. The only odd thing that I will say is that for a few weeks now, occasionally Windows would occasionally not detect the display, keyboard and track pad on first boot, but restarting generally was successful. Then just when I started up the
  PC to download the hot fixes, the Windows detected "new hardware" and reloaded drivers for the ACPI x86 based PC (i.e. the HAL driver) and a few others that I wasn't quick enough to note. I've never seen that happen before, but now the hardware is being set
  up correctly each boot and seems to behave apart from SSTP service is broken.
  Rolling back to a previous restore point did not fix it, nor did uninstalling the hotfixes.
  I've tried pretty much every fix that I have been able to find and none are successful.
  The "fix" by removing sstpsvc as a dependency in the RasMan registry key was unsuccessful.
  The "fix" by deleting the contents of %system32%\Logfiles\WMI and %system32%\Logfiles\WMI\RtBackup was unsuccessful
  The "fix" by reregistering netshell.dll and ole32.dll successfully registered for the former, but not ole32.dll. The problem was not fixed.
  "sfc /scannow" only finds the autochk.exe hash issue, which has been a present for some time.
  I will mention that I had VMWare Workstation 7.1.4 installed. I tried to uninstall it a while back, but it broke another program that I need - probably something to do with the sentinel driver. I have now uninstalled VMWare and reset the TCP/IP stack without
  issue. The problem was not fixed though.
  I really don't want to reinstall as it's taken me quite some time to get it set up as I want it

  You don't need to start the services you just need to make sure that the startup type is set to manual.
  The service itself will start when needed.
  This message here is not an error or problem, it is just telling you that service is not being used by anything on your computer.
  SSTP: "The Secure Tunnelling Protocol Service on Local Computer started then stopped. Some services stop automatically if they are not in use by other services or programs."
  What exactly are you trying to do that requires this service (SSTP)?

• Java 8 Java Secure Socket Extension (JSSE)

  Will there any chnages in Java Secure Socket Extension (JSSE) implementation on JDK 8.

  See here. 10 seconds in Google.

• [Request For Help] How To Send Email Midlet Using Secure Socket ?

  Hello, this is the first time i ask for help to forum.sun.com.
  i try to make secure connection for send email from MIDlet. Maybe you can check to my code :
  EmailMidlet.java
  import javax.microedition.midlet.MIDlet;
  import javax.microedition.midlet.MIDletStateChangeException;
  import javax.microedition.lcdui.;
  public class EmailMidlet extends MIDlet implements CommandListener{
  Display display = null;
  // email form fields
  TextField toField = null;
  TextField subjectField = null;
  TextField msgField = null;
  Form form;
  static final Command sendCommand = new Command("send", Command.OK, 2);
  static final Command clearCommand = new Command("clear", Command.STOP, 3);
  String to;
  String subject;
  String msg;
  public EmailMidlet() {
  display = Display.getDisplay(this);
  form = new Form("Compose Message");
  toField = new TextField("To:", "", 50, TextField.EMAILADDR);
  subjectField = new TextField("Subject:", "", 15, TextField.ANY);
  msgField = new TextField("MsgBody:", "", 90, TextField.ANY);
  public void startApp() throws MIDletStateChangeException {
  form.append(toField);
  form.append(subjectField);
  form.append(msgField);
  form.addCommand(clearCommand);
  form.addCommand(sendCommand);
  form.setCommandListener(this);
  display.setCurrent(form);
  public void pauseApp() {
  public void destroyApp(boolean unconditional) {
  notifyDestroyed();
  public void commandAction(Command c, Displayable d) {
  String label = c.getLabel();
  if(label.equals("clear")) {
  destroyApp(true);
  } else if (label.equals("send")) {
  to = toField.getString();
  subject = subjectField.getString();
  msg = msgField.getString();
  EmailClient client = new EmailClient(this,"[email protected]", to, subject, msg);
  client.start();
  }and EmailClient.java
  import javax.microedition.io.;
  import javax.microedition.lcdui.;
  import java.io.;
  import java.util.Date;
  public class EmailClient implements Runnable {
  private EmailMidlet parent;
  private Display display;
  private Form f;
  private StringItem si;
  private SecureConnection sc; //SSL
  private InputStream is;
  private OutputStream os;
  private String smtpServerAddress = "smtp.gmail.com"; //SSL
  String from;
  String to;
  String subject;
  String msg;
  public EmailClient(EmailMidlet m, String from, String to, String subject, String msg) {
  parent = m;
  this.from = from;
  this.to = to;
  this.subject = subject;
  this.msg = msg;
  display = Display.getDisplay(parent);
  f = new Form("Email Client");
  si = new StringItem("Response:" , " ");
  f.append(si);
  display.setCurrent(f);
  public void start() {
  Thread t = new Thread(this);
  t.start();
  public void run() {
  try {
  //SSL
  sc = (SecureConnection)
  Connector.open("ssl://"smtpServerAddress":465"); //smtp with SSL port 465
  sc.setSocketOption(SocketConnection.LINGER, 5);
  is = sc.openInputStream();
  os = sc.openOutputStream();
  os.write(("HELO there" "\r\n").getBytes());
  os.write(("EHLO" "\r\n").getBytes());
  os.write(("auth login" "\r\n").getBytes());
  os.write(("dHVnYXNha2hpci50cmlhZGl0eWFAZ21haWwuY29t" "\r\n").getBytes());
  os.write(("dGEuZW1haWxjbGllbnQ=" "\r\n").getBytes());
  os.write(("MAIL FROM:<">\r\n").getBytes());
  os.write(("RCPT TO:<">\r\n").getBytes());
  os.write("DATA\r\n".getBytes());
  // stamp the msg with date
  os.write(("Date: " new Date() "\r\n").getBytes());
  os.write(("From: "+from"\r\n").getBytes());
  os.write(("To: "to"\r\n").getBytes());
  os.write(("Subject: "subject"\r\n").getBytes());
  os.write((msg+"\r\n").getBytes()); // message body
  os.write(".\r\n".getBytes());
  os.write("QUIT\r\n".getBytes());
  StringBuffer sb = new StringBuffer();
  int ch = 0;
  while((ch = is.read()) != -1) {
  sb.append((char) ch);
  si.setText("SMTP server response - " + sb.toString());
  } catch(IOException e) {
  e.printStackTrace();
  Alert a = new Alert
  ("TimeClient", "Cannot connect to SMTP server. Ping the server to make sure it is running...", null, AlertType.ERROR);
  a.setTimeout(Alert.FOREVER);
  display.setCurrent(a);
  } finally {
  try {
  if(is != null) {
  is.close();
  if(os != null) {
  os.close();
  if(sc != null) {
  sc.close();
  } catch(IOException e) {
  e.printStackTrace();
  public void commandAction(Command c, Displayable s) {
  if (c == Alert.DISMISS_COMMAND) {
  parent.notifyDestroyed();
  parent.destroyApp(true);
  } When I try to debug project from netbeans, i found this error :
  Starting emulator in debug server mode on port 2668
  Connecting to 127.0.0.1 on port 2800
  nbdebug:
  Waiting for debugger on port 2668
  Waiting for KVM...
  Running with storage root temp.SonyEricsson_JP8_128x160_Emu10
  KdpDebugTask connecting to debugger 1 ..
  Running with locale: Indonesian_Indonesia.1252
  Connected to KVM
  Connection received.
  Attached JPDA debugger to localhost:2668
  java.io.IOException: error 10054 during TCP read +
  at com.sun.midp.io.j2me.socket.Protocol.nonBufferedRead(Protocol.java:299)+
  at com.sun.midp.io.BufferedConnectionAdapter.readBytes(BufferedConnectionAdapter.java:99)+
  at com.sun.midp.io.BaseInputStream.read(ConnectionBaseAdapter.java:582)+
  at com.sun.midp.ssl.Record.rdRec(+41)+
  at com.sun.midp.ssl.Record.rdRec(+5)+
  at com.sun.midp.ssl.In.refill(+18)+
  at com.sun.midp.ssl.In.read(+29)+
  at EmailClient.run(EmailClient.java:74)+
  Execution completed.
  5145824 bytecodes executed
  9258 thread switches
  1762 classes in the system (including system classes)
  0 dynamic objects allocated (0 bytes)
  0 garbage collections (0 bytes collected)
  debug:
  BUILD SUCCESSFUL (total time: 4 minutes 34 seconds)
  Regard
  Littlebro

  Don't multipost and don't use the browser's back button to edit your posts as that creates multiple postings. I've removed the other thread you started with the same questio.
  Also, don't post to long dead threads. I've blocked your post and locked the thread you resurrected.
  db

• Opening a secure socket in Creator app

  Hi All,
  I have this app in Creator which tries to make connection with a server over HTTPS. When I run this java prgram from Eclipse (standalone java program), its able to make connection to the server. But when I try and run the app and make this call to another server from the app, it gives me following error --
  javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: No trusted certificate found
  I am trying to make the connection using sockets -
  String TARGET_HTTPS_SERVER = "www.server123.com";
  int TARGET_HTTPS_PORT = 443;
  SSLSocketFactory factory = new SSLSocketFactoryImpl();
  Socket socket = factory.createSocket(TARGET_HTTPS_SERVER, TARGET_HTTPS_PORT);
  The difference between the program that I run thru Eclipse and thru Creator is Eclipse uses JDK 1.4.2 and Creator uses 1.5.0. I changed the Project settings from Creator to make use of JDK 1.4.2 but that didnt help. The error persisted.
  When I ran the app in debug mode, I could see the socket info as 5397f6[Unknown 0x0:0x0: Socket[addr=www.server123.com/123.123.123.123,port=443,localport=52994]] while the same socket when created in Eclipse (standalone mode using JDK 1.4.2 showed the socket as f01771[SSL_RSA_EXPORT_WITH_RC4_40_MD5: Socket[addr=www.server123.com/123.123.123.123,port=443,localport=53032]]. It is obvious the problem is in opening the socket. The first one shows ciphers as Unknown while the second one uses RC4_40_MD5.
  Is it a certs issue? I checked that both 1.4.2 and 1.5.0 installations have same size of cacerts.
  Thanks,
  Ashish

  I'm not an expert in all that certificate stuff!
  But the Creator applications run inside the Sun Application Server and that has it's own cacerts.jks per domain. Maybe that's the reason why it can't find the trusted certificate??
  Look at <Creator_home>/SunAppServer8/domains/creator/config/cacerts.jks
  I hope this helps.
  Thanks,
  -- Marco

• How do I make this "special" secure socket connection?

  Hello:
  I have a client (applet) -server system that uses sockets for web data communication.
  However I' d like to make it secure. I could use SSLServerSocket and SSLSocket, but the problem is that I have to send a signed applet to the client and the final user would have to deal with "certificates".
  I remember that some years ago it was frequent to have the user "approve" certificates for viewing some web pages, but it's a long time I have never seen it again. For example, when I use my bank internet service I have never been asked to approve any certificate, yet in the bottom-right corner of my Firefox I can see "Signed by Verisign...", and I am sure I have never approved any certificate from the bank because the PC is only 3 weeks old, and I have never received any certificate approval request. OK, my bank system is html/js based, and the address bar shows https protocol, so there must be a SSL, but why don't I get any certificate approval?, How can this be done with Java?
  Thanks!

  It the certificate is signed by a CA that the browser already trusts, and it hasn't expired, you don't get any approval dialogs.
  In Java that corresponds to the certificate being signed by a CA that is trusted by the Java truststore.
  See the [JSSE Reference Guide|http://java.sun.com/javase/6/docs/technotes/guides/security/jsse/JSSERefGuide.html].