Re: JVM keystores and CA

2018-10-23 Thread Christopher Schultz
Igor, On 10/23/18 05:35, Igor Cicimov wrote: > On Tue, Oct 23, 2018 at 8:12 AM Christopher Schultz < > ch...@christopherschultz.net> wrote: You are talking about a web > application connecting to an outside service like a REST service > via HTTPS,

RE: JVM keystores and CA

2018-10-23 Thread Jäkel, Guido
Dear Igor and others, in this context maybe the attached Java program together with this script is useful for you ... #!/bin/bash if [ -z "$1" ]; then cat >&2 <<-EOT syntax : $0 [-d] [-a] purpose: check ssl certificate path. Use [#] to

RE: JVM keystores and CA

2018-10-23 Thread Jäkel, Guido
>Just to make it clear, when I mentioned Java8u91 as an example I meant for >the time when let's say Java8u81 was latest at that moment. In that case >when using the built-in JVM store you would encounter failed connections to >servers with G2-signed certificates. Then as you said you would need to

Re: JVM keystores and CA

2018-10-23 Thread Igor Cicimov
Hi Guido, On Tue, Oct 23, 2018 at 7:49 PM Jäkel, Guido wrote: > Dear Igor, > > >> 3. In case JAVA_HOME/lib/security/cacerts is my trust store (the > default) I would > >> expect Java to use the system store(s) too in case a certificate can > not be validated > >> simply because a CA is missing i

Re: JVM keystores and CA

2018-10-23 Thread Igor Cicimov
Hi Chris, On Tue, Oct 23, 2018 at 8:12 AM Christopher Schultz < ch...@christopherschultz.net> wrote: > Igor, > > On 10/18/18 19:09, Igor Cicimov wrote: > > On Fri, Oct 19, 2018 at 2:14 AM Christopher Schultz < > > ch...@christopherschultz.net>

Re: JVM keystores and CA

2018-10-23 Thread Igor Cicimov
Hi Mark, On Tue, Oct 23, 2018 at 3:13 AM Mark H. Wood wrote: > On Fri, Oct 19, 2018 at 10:09:16AM +1100, Igor Cicimov wrote: > [snip] > > To conclude, the way I would expect the trust store to be used and the > > whole validation done: > > > > 1. I use custom trust store because I need to load s

RE: JVM keystores and CA

2018-10-23 Thread Jäkel, Guido
Dear Igor, >> 3. In case JAVA_HOME/lib/security/cacerts is my trust store (the default) I >> would >> expect Java to use the system store(s) too in case a certificate can not be >> validated >> simply because a CA is missing in the Java store. Example, DigiCert Global >> Root G2 CA is missing in

Re: JVM keystores and CA

2018-10-22 Thread Christopher Schultz
Igor, On 10/18/18 19:09, Igor Cicimov wrote: > On Fri, Oct 19, 2018 at 2:14 AM Christopher Schultz < > ch...@christopherschultz.net> wrote: Java has no notion of CAs, nor > does any trust store, really. > > >> Correct, but by loading all CAs in t

Re: JVM keystores and CA

2018-10-22 Thread Mark H. Wood
On Fri, Oct 19, 2018 at 10:09:16AM +1100, Igor Cicimov wrote: [snip] > To conclude, the way I would expect the trust store to be used and the > whole validation done: > > 1. I use custom trust store because I need to load self-signed certificates > that > I need to validate when connecting to let's

Re: JVM keystores and CA

2018-10-18 Thread Igor Cicimov
Hi Chris, On Fri, Oct 19, 2018 at 2:14 AM Christopher Schultz < ch...@christopherschultz.net> wrote: > Igor, > > On 10/16/18 17:03, Igor Cicimov wrote: > > On Tue, Oct 16, 2018 at 8:56 PM Igor Cicimov > > wrote: > > > >> Hi Jose, > >> > >> On

Re: JVM keystores and CA

2018-10-18 Thread Christopher Schultz
Igor, On 10/16/18 17:03, Igor Cicimov wrote: > On Tue, Oct 16, 2018 at 8:56 PM Igor Cicimov > wrote: > >> Hi Jose, >> >> On Tue, Oct 16, 2018 at 5:52 PM Jose María Zaragoza >> wrote: >> >>> Hi >>> >>> On Tue, 16 Oct 2018 at 1:49, Igor Cic

Re: JVM keystores and CA

2018-10-16 Thread Igor Cicimov
On Tue, Oct 16, 2018 at 8:56 PM Igor Cicimov wrote: > Hi Jose, > > On Tue, Oct 16, 2018 at 5:52 PM Jose María Zaragoza > wrote: > >> Hi >> >> On Tue, 16 Oct 2018 at 1:49, Igor Cicimov () >> wrote: >> > >> > Hi all, >> > >> > I just want to clarify something that I've been seeing behave >

Re: JVM keystores and CA

2018-10-16 Thread Igor Cicimov
Hi Jose, On Tue, Oct 16, 2018 at 5:52 PM Jose María Zaragoza wrote: > Hi > > On Tue, 16 Oct 2018 at 1:49, Igor Cicimov () > wrote: > > > > Hi all, > > > > I just want to clarify something that I've been seeing behave differently > > on various Java versions during the years. In case we h

Re: JVM keystores and CA

2018-10-15 Thread Jose María Zaragoza
Hi On Tue, 16 Oct 2018 at 1:49, Igor Cicimov () wrote: > > Hi all, > > I just want to clarify something that I've been seeing behave differently > on various Java versions during the years. In case we have the following > setting: > > -Djavax.net.ssl.trustStore=/keystore/truststore.jks" >