Certificate chaining

Baber Amin (bamin@novell.com)
Thu, 28 May 1998 17:35:51 -0600

Date: Thu, 28 May 1998 17:35:51 -0600
From: Baber Amin <bamin@novell.com>
To: java-security@web1.javasoft.com, bamin@novell.com
Subject: Certificate chaining

Hi, I am having problems with a certificate that we generated with our
PKI product. It is x509V3 with certificate chains. I know that
JDK1.1.3 does not support cert chains. Is it added in JDK1.1.6 yet?
I am using Hot Java Browser 1.1.2, which version of JDK is it using?
I have included the output from the console window, if that helps, your
help is appreciated.

Could you please reply back instead of posting a reply, or atleast send
me pointer as to where I can read the posted reply.

Thanks
Baber

bamin@novell.com

______________ Output from the console window -___________________
java.security.SignatureException: Unsupported signature algorithm
(OID.1.2.840.113549.1.1.5)
at sun.security.x509.X509V1CertImpl.verify(X509V1CertImpl.java:144)
at sun.security.x509.X509V1CertImpl.verify(X509V1CertImpl.java:122)
at sunw.hotjava.security.SSLTrustUI.isTrustedFor(SSLTrustUI.java:156)
at sun.security.ssl.Handshaker.peerCertificate(Handshaker.java:755)
at
sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:128)

at sun.security.ssl.Handshaker.process_record(Handshaker.java:256)
at sun.security.ssl.SSLSocketImpl.clearPipeline(SSLSocketImpl.java:625)

at sun.security.ssl.SSLSocketImpl.write(SSLSocketImpl.java:437)
at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:71)
at java.io.OutputStream.write(OutputStream.java:71)
at sun.net.www.https.HttpsClient.doConnect(HttpsClient.java:329)
at sun.net.www.http.HttpClient.openServer(HttpClient.java:268)
at sun.net.www.http.HttpClient.openServer(HttpClient.java:313)
at sun.net.www.http.HttpClient.<init>(HttpClient.java:211)
at sun.net.www.http.HttpClient.<init>(HttpClient.java:215)
at sun.net.www.https.HttpsClient.<init>(HttpsClient.java:229)
at sun.net.www.https.HttpsClient.New(HttpsClient.java:242)
at
sun.net.www.protocol.https.HttpsURLConnection.connect(HttpsURLConnection.java:99)

at
sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:328)

at sunw.hotjava.doc.DocParser.run(DocParser.java:390)
at java.lang.Thread.run(Thread.java:474)

javax.net.ssl.SSLException: untrusted server cert chain
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1071)
at sun.security.ssl.Handshaker.peerCertificate(Handshaker.java:758)
at
sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:128)

at sun.security.ssl.Handshaker.process_record(Handshaker.java:256)
at sun.security.ssl.SSLSocketImpl.clearPipeline(SSLSocketImpl.java:625)

at sun.security.ssl.SSLSocketImpl.write(SSLSocketImpl.java:437)
at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:71)
at java.io.OutputStream.write(OutputStream.java:71)
at sun.net.www.https.HttpsClient.doConnect(HttpsClient.java:329)
at sun.net.www.http.HttpClient.openServer(HttpClient.java:268)
at sun.net.www.http.HttpClient.openServer(HttpClient.java:313)
at sun.net.www.http.HttpClient.<init>(HttpClient.java:211)
at sun.net.www.http.HttpClient.<init>(HttpClient.java:215)
at sun.net.www.https.HttpsClient.<init>(HttpsClient.java:229)
at sun.net.www.https.HttpsClient.New(HttpsClient.java:242)
at
sun.net.www.protocol.https.HttpsURLConnection.connect(HttpsURLConnection.java:99)

at
sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:328)

at sunw.hotjava.doc.DocParser.run(DocParser.java:390)
at java.lang.Thread.run(Thread.java:474)