Skip to main content

"The certificate chain from the server is not trusted" in AppServer 8.1_02

3 replies [Last post]
chirammfm
Offline
Joined: 2008-07-02

I am having problems connecting to an google application. This application uses the basic (trusted)certificates in the $ (JAVA_HOME) jre / security /. It comes to say thatI can connect to the application using my JRE.
The problem is that I can not configure the server to accept this certificates.

I set the property:
-Djavax.net.ssl.trustStore=${com.sun.aas.instanceRoot}/config/cacerts
Where cacerts is copied from $ (JAVA_HOME) jre / security /
including the certificate stayed in .asadmintruststore

Please tell me How I could include these certificates, in order to not throw the exception:
javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: The certificate chain from the server is not trusted
at sun.rmi.transport.tcp.TCPChannel.createConnection(TCPChannel.java:274)
.....

Any help are appreciated.
Bruno.

null

null

Reply viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
cdonaldson
Offline
Joined: 2007-11-13

Hi Bruno,

Are you using enterprise edition? SJAS8.1_02EE uses NSS so you need to convert your JKS cert in Java to a format that can be imported into NSS, or you need to request your signing authority to send you an alternate format.

Regards,
Chris

chirammfm
Offline
Joined: 2008-07-02

Finally, I could't retrieve the certificate from JRE's truststore. So, I used a certificate of Google ,that I accept in my browser, and I've imported into the NSS DB, but I could't use the same certificate. I imported it into my NodeAgent config dir. It does't work in the domain config dir.

Sorry for my long delay in responding. And thx a lot for help me.

chirammfm
Offline
Joined: 2008-07-02

Please,
Someone can explain me how is the certification process when your server made a request to a entity and have to verify the identity of that entity.
I have to include the default truststore in the server for use it in the process.
This is just the case that I had explained above. I apologize for my bad explain.

I'm having problems since lasts two days. I'll be sick in few hours if I can't connect to google apps.

I tried to use another jdk. To put the self-signed-server certificate in the truststore. Tried to set the -Djavax.net.ssl.trustStore propierty referencing to the truststore of the jdk.

I know that me security level is very low(and my english level too), but I must understand this issue to solve my problems.

Thank You.
Bruno

PD: I can connect to google apps using java in shell ==> the problem is in the server

Message was edited by: chirammfm