Adrian,
I don't know if you have already done this or not but I wanted to tell you
anyway just in case. I have Java 1.5.0_12 installed on my machine. When it
was installed, it installed the JDK and JRE directories as listed below.
C:\jdk1.5.0_12
C:\jre1.5.0_12
I first copied the jssecacert file to the
C:\jre1.5.0_12\lib\securitydirectory but that didn't fix the problem.
I then copied the file to the
C:\jdk1.5.0_12\jre\lib\security directory and that worked. Again, this most
likely won't help but I wanted to post it just in case.
David
On 10/13/07, Adrian Herscu <[EMAIL PROTECTED]> wrote:
>
> Hi David,
>
> Thanks for your reply.
> I checked that blog; however the solution described there seems to
> belong to other problem:
>
> <snip>
> javax.net.ssl.SSLHandshakeException:
> sun.security.validator.ValidatorException: PKIX path building failed:
> sun.security.provider.certpath.SunCertPathBuilderException: unable to
> find valid certification path to requested target
> [This happens] when trying to open an SSL connection to a host using
> JSSE. What this usually means is that the server is using a test
> certificate (possibly generated using keytool) rather than a certificate
> from a well known commercial Certification Authority such as Verisign or
> GoDaddy. Web browsers display warning dialogs in this case, but since
> JSSE cannot assume an interactive user is present it just throws an
> exception by default.
> </snip>
>
> Because I am somewhat desperate, I have tested that program. It seems to
> do what the standard keytool does... I copied the generated jssecacert
> file into my ${jre.home}/lib/security directory and hoped for the
> best... But it didn't happen :-( I checked that the file was read using
> a file monitor, and it was read.
>
> It seems that the solution could only be provided by applications (
>
> http://java.sun.com/javase/6/docs/technotes/guides/security/jsse/JSSERefGuide.html#ciphersuitechoice
> ).
> In this case, Maven should provide the option to override the default
> host name checking algorithm with a do-nothing one.
>
> Adrian.
>
> David Williams wrote:
> > Sorry it was late when I replied. = ) Here's the link
> > http://blogs.sun.com/andreas/entry/no_more_unable_to_find
> >
> > On 10/11/07, Adrian Herscu <[EMAIL PROTECTED]> wrote:
> >> Yeah... Where is the link :-)?
> >>
> >> I tried to play with the keytool program. I have imported the SSL
> >> certificate into my key store; this creates a file named .keystore in
> >> C:\Documents and Settings\me. I tried to run Maven and DAVExplorer;
> >> their behavior did not change :-(
> >>
> >> Now the weird things:
> >>
> >> 1. I have monitored the file access to the .keystore file. When I am
> >> running keytool -list the .keystore file is accessed (seems like my
> file
> >> monitoring program works). When I am running Maven or DAVExplorer, the
> >> .keystore file is not accessed at all!
> >> 2. Maven is able to upload files to my WebDAV server! If I am building
> >> all my modules locally, then I can run mvn deploy and the files are
> >> uploaded!!!
> >>
> >> Adrian.
> >>
> >> Tim Kettler wrote:
> >>> Where's the link :-)?
> >>>
> >>> David Williams schrieb:
> >>>> Adrian,
> >>>>
> >>>> This link may help you. This java program allows you to manually
> >>>> accept the
> >>>> cert and place the generated file in your JDK or JRE. Then the java
> >>>> keeps
> >>>> it as an accept cert. I have not tried this with Maven but it worked
> >>>> with
> >>>> another application where the cert didn't match the server
> name. Down
> >>>> side
> >>>> is that it would have to be on every user's machine.
> >>>>
> >>>> Thanks,
> >>>>
> >>>> David
> >>>>
> >>>> On 10/10/07, Adrian Herscu <[EMAIL PROTECTED]> wrote:
> >>>>> Hi all,
> >>>>>
> >>>>> I am hosting my project sources and binaries with some external
> >>>>> provider. He cannot set up an SSL certificate for my domain name...
> >>>>> Meanwhile, the only alternative is accept those SSL warnings about
> >>>>> domain name mismatch. I am getting them in my browser and also in my
> >> SVN
> >>>>> client.
> >>>>> Now I am trying to set up Maven to build and deploy my project to
> this
> >>>>> provider. The problem is that I am getting these messages from
> Maven:
> >>>>>
> >>>>> <snip>
> >>>>> [WARNING] repository metadata for: 'snapshot
> >>>>> org.wirexn.build.extensions:wirexn-
> >>>>> build-extensions:1.0-alpha-4-SNAPSHOT' could not be retrieved from
> >>>>> repository: s
> >>>>> [EMAIL PROTECTED] due to an error: Error transferring file
> >>>>> [INFO] Repository '[EMAIL PROTECTED]' will be blacklisted
> >>>>> </snip>
> >>>>>
> >>>>> ...and the artifacts cannot be resolved (of course).
> >>>>>
> >>>>> I tried to see if this is a JRE specific problem. Downloaded a
> >>>>> Java-based WebDAV client (DAVExplorer), and it fails to connect with
> >>>>> this error message:
> >>>>>
> >>>>> javax.net.ssl.SSLException: Name in certificate "his.domain.name"
> does
> >>>>> not match host name " my.domain.name"
> >>>>>
> >>>>> Anyone knows about a hidden switch/option/configuration file to make
> >> the
> >>>>> JRE accept the SSL connection even if the host name doesn't match to
> >>>>> that on the certificate?
> >>>>>
> >>>>> Please help,
> >>>>> Adrian.
> >>>>>
> >>>>>
> >>>>>
> ---------------------------------------------------------------------
> >>>>> To unsubscribe, e-mail: [EMAIL PROTECTED]
> >>>>> For additional commands, e-mail: [EMAIL PROTECTED]
> >>>>>
> >>>>>
> >>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: [EMAIL PROTECTED]
> >> For additional commands, e-mail: [EMAIL PROTECTED]
> >>
> >>
> >
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
