|
|
 |
cosign-discuss at umich.edu
|
|
general discussion of cosign development and deployment
|
|
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: certificate questions
Phil Pishioneri wrote:
On 9/15/05 8:31 AM, Will Jaynes wrote:
keytool -keystore keystore -keyalg "RSA" -import -trustcacerts -file
www.umms.med.umich.edu.cer
The error I get is:
keytool error: java.lang.Exception: Failed to establish chain from reply
Do you have an idea what my problem might be?
This is just a guess based on faint memory, but you may need to first
import the umwebCA cert (and have it set as a trusted CA).
-Phil
Thanks, Phil,
I found the umwebCA.pem file and imported it into my java cacerts
keystore. I was then able to import into my cosign keystore file the
certificate that the umweb folks had sent me. I still have some probelm
with the certificate, however.
I've followed the instructions from the jcosign-1.0b1.zip file I got
from the cosign download page. My webapp does redirect to the cosign
login page, but after authenticating and getting redirected back to my
webapp, the code throws the following expection:
SSLSocketFactory = com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl@71edc0
javax.net.ssl.SSLHandshakeException:
java.security.cert.CertificateException: Untrusted Server Certificate Chain
So the cosign filter isn't able to connect to the cosign server due to
some problem with the certificate.
Does anyone have an idea what might be going on here?
thanks, Will
|
|
