JESSIE - SSL BAD_CERTIFICATE Exception
Mon Dec 8 15:46:00 GMT 2008
Problem seems to be with the Active Directory Test Certificate that comes with Windows 2003.
I purchased a domain certificate and no problem with it.
I will try to plugin the bounty castle and test with it.
Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around
Active Directory Browser http://www.ldapsoft.com/activedirectoryadmintool.html
----- Original Message ----
> From: Casey Marshall <email@example.com>
> To: Jary Grove <firstname.lastname@example.org>
> Cc: email@example.com
> Sent: Tuesday, October 21, 2008 12:13:27 PM
> Subject: Re: JESSIE - SSL BAD_CERTIFICATE Exception
> On Oct 21, 2008, at 7:16 AM, Jary Grove wrote:
> > Sorry, I was not very clear in my request.
> > I have extracted out the Jessie code from the classpath and compiling it as a
> seperate project.
> > If you tell me which class to modify to ignore this error, it will be very
> helpfull (atleast it will keep me going until this bug is permanently fixed).
> No, I understood that. I'm saying that the bug likely isn't even in the Jessie
> code, but in the generic certificate support, in the gnu.java.security.x509
> package. My guess is that the parser is throwing an exception, and Jessie can't
> setup a connection if there is no certificate.
> If you've extracted that code, too, then you have a chance of fixing or working
> around this issue. If it is a bug, it's in the class
> But, I was also saying that you can plug-in a different certificate parser, and
> Jessie will use that one.
> If you can send me the certificate it's choking on, I might be able to figure
> out more precisely what the issue is..
> > Thanks
> > ----- Original Message ----
> >> From: Casey Marshall
> >> To: Jary Grove
> >> Cc: firstname.lastname@example.org
> >> Sent: Monday, October 20, 2008 5:44:03 PM
> >> Subject: Re: JESSIE - SSL BAD_CERTIFICATE Exception
> >> On Mon, Oct 20, 2008 at 3:08 PM, Jary Grove wrote:
> >>> Any quick fix?
> >>> I am compiling Jessie from the source and will be able to plug in the
> >> easily, if you can give me some pointers on how to ignore this error.
> >> This is actually a problem in the certificate parser, which are a part
> >> of classpath/libgcj itself. You can plug in a different implementation
> >> of this, via the standard security provider APIs.
> >> Bouncycastle likely has an implementation which isn't as buggy as the
> >> classpath one.
More information about the Java