I have a java server that is trying to connect to an external Ldap server through SSL (as a client in order to perform queries). I’m having trouble connecting since the certificate they send me upon connecting is trusted only in my local windows Truststore but is not present in java truststore (cacerts)…
Tag: ssl
Unable to Send Mail – javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
We are sending Mail using Spring JavaMailSenderImpl. Following is the configuration Properties File :- Console Logs We are convinced that this is not related to the SSL certificate as there are other web applications deployed in the same server which sends email perfectly with the same configuration. What cou…
Java SSL client not selecting a smartcard key
I’m trying to use an Estonian ID card for SSL client authentication in a java program. This works in Chrome/Firefox against both banking sites and test servers (nginx or openssl s_server). However my Java client (okhttp) works fine for a local keystore and fails when trying to use the ID card. I’v…
Android Https web service communication (SSL / TLS 1.2)
In my Android application I’ve got to communicate with a https web service and read the response. I’ve informed the server configured SSL with TLS 1.2. I am using the following sample code to connect with the service (https get request), but only the devices that runs Android 5.0 or above can succ…
Java CertificateException “No subject alternative names matching IP address … found”
I’m trying to implement a selfsigned certificate into my webserver, and it’s working already with firefox and chrome (both from the server itself and from a remote machine)… but I can’t get it to work with java. I’ve already created a keystore file that contains my certificate, b…
java.lang.Exception: Public keys in reply and keystore don’t match
I have to access a webservice hosted at port 443.Service provider has shared three certificate with us. ABCD.cer CA_Certificate.cer CCA_Certificate.cer I have to add them to keystore by creating a form chain for the SSL communication.I have followed below steps. keytool -keystore npci_keystore_test.jks -genke…
What format is java’s cacerts format expected to be?
I’m slightly confused about cacerts formats. An application I use recently had to upgrade it’s cacerts file. The original cacerts file was pk12 format (I assume, it’s binary), while the new format is clearly pem. I can use either cacert, but when I suggested someone having trouble with authe…
Java 6 ECDHE Cipher Suite Support
The Java Cryptography Architecture Standard Algorithm Name Documentation page for Java 6 lists ECDHE cipher suites. Thus I would expect they are supported in Java 6. Yet neither OOTB Java 6 nor the addition of the JCE Unlimited Strength policy files is enabling them. The book Bulletproof SSL and TLS also indi…
SSL Java java.io.IOException: Invalid keystore format
I am testing SSL in java with SSLServerSocket and other classes in the java.ssl package. When I run the following code, I get the exception java.io.IOException: Invalid keystore format. My code: File key.txt: 1268312345812304612348712634283427346 I am guessing I should put something else in the key.txt file, …
java.security.cert.CertPathValidatorException: Trust anchor for certification path not found. Android 2.3
In my server (production server), I have a goDaddy ssl certificate. I have both iOS and Android apps connecting with the server, iOS connecting with no problems, android with versions 4.* everything is good, but with devices with 2.3.* I always get a SSLHandshakeException. I did exactly like on Android Develo…