This week's giveaway is in the Android forum.
We're giving away four copies of Android Security Essentials Live Lessons and have Godfrey Nolan on-line!
See this thread for details.
The moose likes Security and the fly likes My cacerts keep expiring after 20 minutes? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Engineering » Security
Bookmark "My cacerts keep expiring after 20 minutes?" Watch "My cacerts keep expiring after 20 minutes?" New topic
Author

My cacerts keep expiring after 20 minutes?

Raymond Holguin
Ranch Hand

Joined: Aug 11, 2009
Posts: 77
So I am using the InstallCert.java file from http://nodsw.com/blog/leeland/2006/12/06-no-more-unable-find-valid-certification-path-requested-target to grab the certs from a SSL enabled server so i can connect via LDAP. The issue is that when i run the program, it generates the jssecacerts file just fine. I copy that to my JAVA_HOME security folder and I am able to connect great, everything works. Then after about 20 minutes it doesn't work anymore and i start getting this execption again



So if I re-copy the same exact cacerts file from before back into my security folder and it works...but again it seems to expire after a few minutes and I get the exceptions again. I am not changing or modifying anything that would cause it to not work. I am literally leaving the computer and coming back to find it no longer works and I need to reinstall.

I have tried adding this to my code to expllicity point to the certs file but i get a "the trustAnchors parameter must be non-empty]" exception which from what i have read means it cannot find the file


*NOTE that using the "javax.net.ssl.trustStore" doesn't work no matter when i try using it, i always get the same error.


what could be the problem?
Raymond Holguin
Ranch Hand

Joined: Aug 11, 2009
Posts: 77
While this isn't resolved, I realized I am using the Eclipse built-in JDK so maybe there is some refreshing or something happening that is invalidating the cacerts file. So I just switched to a JDK i have installed on my system to see if that fixes it somehow.

Had no effect, issue still persists...fml
Raymond Holguin
Ranch Hand

Joined: Aug 11, 2009
Posts: 77
Ok this topic can be closed. Turns out its a load balanced LDAP server so depending on when i ran my app i was getting different servers which i didn't have the certificates installed for. Stupid....
Paul Clapham
Bartender

Joined: Oct 14, 2005
Posts: 18541
    
    8

I had to laugh when I read that. (Sorry, don't mean to be cruel!) You just never know when something completely unexpected is going to come out and bite you, do you? Thanks for posting back with the resolution.
 
It is sorta covered in the JavaRanch Style Guide.
 
subject: My cacerts keep expiring after 20 minutes?
 
Similar Threads
Getting exception: error: sun.security.validator.ValidatorException: PKIX path building failed
HELP:Regarding CAed SSL certificate!
Not able to add certificate in keystore
https client certificate
https client certificate