Menu
▾
▴
Re: [ebxmlms-general] Hermes Cert Path Verification
|
From: Martin S. <nic...@sc...> - 2005-04-07 15:16:05
|
Ups, I saw Patrick Yee's announcement of the change concerning self-signed certificates announced on 19th of March, 2005 too late... sorry. But does this fully explain the behaviour, I described? What is the exact behaviour of Hermes after this change? If I understand correctly, it means, after the change, I cannot use self-signed certs anymore at all? And I have to import the CA Certificate into the configured TrustedAnchor Keystore... no use of cacerts. Any clarification would be appreciated a lot! Thx, Martin. Martin Schimak wrote: > Hello! > > I am testing Hermes with self-signed and with CA-signed Certificates. In > both cases, I experience that the signature is successfully verified, > but the log also always says "Verification of cert path skipped". > > I would like to force Hermes to check, whether it can trust the > certificate which comes along with the signature: either because it's > directly in the keystore configured in the properties file, or because > it knows at least the signing Certification Authority (via cacerts). But > it does not seem to happen, the certificates are always accepted..., > self-signed or not, known or not... > > How can I do this? What could be wrong? > > Thank you in advance...! > Martin. > > > ------------------------------------------------------- > SF email is sponsored by - The IT Product Guide > Read honest & candid reviews on hundreds of IT Products from real users. > Discover which products truly live up to the hype. Start reading now. > http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click > _______________________________________________ > ebxmlms-general mailing list > ebx...@li... > https://lists.sourceforge.net/lists/listinfo/ebxmlms-general > > |
