File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Sockets and Internet Protocols and the fly likes Untrusted server cert chain ? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Sockets and Internet Protocols
Bookmark "Untrusted server cert chain ? " Watch "Untrusted server cert chain ? " New topic

Untrusted server cert chain ?

Horaci Macias
Ranch Hand

Joined: Nov 08, 2001
Posts: 74
I'm trying to connect to an https site with this java code
when I try to read from BufferedReader, I have a SSLException: untrusted server cert chain.

Could anyone explain me if I can solve it?How ?
Thank you,
Horaci Macias
Lewin Chan
Ranch Hand

Joined: Oct 10, 2001
Posts: 214 untrusted server cert chainjava.lang.Throwable(java.lang.String)java.lang.Exception(java.lang.String)
basically means that your client doesn't trust the server (or any of the server's signers).
There could be any number of reasons for this,
a) the server's certificate is a self-signed one
b) The server does not provide a large enough "certificate chain" to go back to one of the certs in the jre/lib/security/cacerts.

I have no java certifications. This makes me a bad programmer. Ignore my post.
Abhi Basu

Joined: Apr 05, 2004
Posts: 13
I ran into this problem myself. I fixed this by updating the cacerts file
in the JVM ($JAVA_HOME/jre/lib/security) with the same file from a JDK1.4 installation. Apparently, the JDK 1.4 knows about a lot more licensing
agencies (like Verisign, Thawte etc) than JDK 1.3 ever did. This would
work for all certificates issued by known agencies/common agencies, even test/trial ones. If you use a custom certificate, then you would have to export the certificate out of your server and import it into the JVM of your app server/web server.
Hope this helps.
I agree. Here's the link:
subject: Untrusted server cert chain ?
It's not a secret anymore!