Re: untrusted server certificate chain
Friday, June 1, 2001 11:12 AM
You should add the verisign public trial certificate (the one used to sign your trial certificate) to the certificate authority list used by your java program.
This can be done two ways, adding it to the keystore JRE_HOME/lib/security/cacerts file using keytool program,
or adding it dynamicly in your java code with something like that :
kmf = KeyManagerFactory.getInstance("SunX509");
CaKs = KeyStore.getInstance("JKS");
tmf = TrustManagerFactory.getInstance("SUNX509");
ctx.init(null, tmf.getTrustManagers(), null);
SSLSocketFactory ssf = ctx.getServerSocketFactory();
So now you can get SSLSockets from the SSLSocketFactory which will accept your certificate.