[21955] in Athena Bugs
linux 9.1.27: java
daemon@ATHENA.MIT.EDU (karlm@MIT.EDU)
Wed Apr 30 21:58:41 2003
From: karlm@MIT.EDU
Message-Id: <200305010158.VAA14651@w20-575-38.mit.edu>
To: bugs@MIT.EDU
Date: Wed, 30 Apr 2003 21:58:39 -0400
System name: w20-575-38.mit.edu
Type and version: i686 9.1.27
Display type:
Shell: /bin/athena/tcsh
Window manager: twm
What were you trying to do?
Make an SSL connection to po10.mit.edu on its IMAPS port (993).
What's wrong:
javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Could not find trusted certificate
What should have happened:
It should have accepted the validity of p10's certificate.
Please describe any relevant documentation references:
Please add the MIT Certificate Authority certificate to the
default keystores for all Athena machines. MIT acts as its
own Certificate Authority because it does not like the legal
waivers it would have to sign with Verisign, Thawte, etc. The
default keystore contains only the standard CAs (Verisign, Thawte,
etc.) See http://java.sun.com/j2ee/1.4/docs/tutorial/doc/Security6.html
I tried adding the MIT CA to $HOME/.keystore, but it seems not to
have worked properly. It would be nice to be able to connect
securely to MIT via Java.
