I know this is a verrry basic problem with SSL but please bear with me.
We have a client that connects to a secure webservice and was working fine till the certificate on the server machine was due to expire so it was renewed and setup on the webserver. The certificate on the webserver is : +XXX global root +XXXX Certificate Authority +XXXXX CA +www.xx.com
Now on the client machine I just saved the certificate from the browser when accessing the secure page of the server into a .cer file. This saved the "www.xx.com" certificate alone. I imported that using the keytool into the keystore that the client application refers to for the SSL Handshake.
I keep getting the above mentioned error!! I've tried everything from adding the whole chain of certificates onto the client's keystore to make sure I chain all the way to the root one but still nothing.
Any ideas what I am missing or where can i start looking again. Really appreciate anything here
<b><i>KaReEm</i><br /><ul type="square"><li>SCJP-Free Range Web Developer <br /></ul></b>
Joined: Aug 06, 2001
Got it figured out!
It was a configuration issue on apache for the SSL, where the CA certificate key file was configured with the property name SSLCertificateChainFile, while when we checked previous versions of the configuration we used to put it with the property SSLCACertificateFile when we did that we got it fixed.
Now another error :
In one way or another it says "Certificate missing Basic constraints extensions"