|
midrange.com
You shouldn't need to use DCM to do this. What you need is a keystore
(you can generate one on your PC using keytool) to hold the CA
certificate they are using. You then need to add the following code to
switch to that keystore:
// Location of the client keystore.
System.setProperty("javax.net.ssl.trustStore", "/path/to/.keystore");
// Use Sun's reference implementation of a URL handler for the "https"
URL protocol type.
System.setProperty("java.protocol.handler.pkgs","com.sun.net.ssl.interna
l.www.protocol");
// dynamically register sun's ssl provider
Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
Matt
-----Original Message-----
From: web400-bounces@xxxxxxxxxxxx [mailto:web400-bounces@xxxxxxxxxxxx]
On Behalf Of tim
Sent: Monday, October 30, 2006 7:12 PM
To: 'Web400'
Subject: [WEB400] Digital Certificate Manager issue
Hello,
I am writing a java application which will validate credit card
information.
I am using API's in an SDK from CyberSource. When I run the app on my PC
it
works fine.
When I run it on the iSeries I get "Certificate is not signed by a
trusted
certificate authority."
On the Cybersource website, I am able to generate a key. I when I tried
to
import the key (key.p12) into the *system certificate store selecting
"Server or Client", I get the message "An error occurred during
certificate
validation. The issuer of the certificate may not be in the certificate
store or the issuer may not be enabled."
To get around that message I import the certificate into internet
explorer
which creates my "trusted root certificate authority". I then export it
and
import it using DCM specifying "certificate Authority". When I View
Certificate Authories, I see "CyberSourceCertAuth" listed as follows:
Common name
CyberSourceCertAuth
Organization unit
Organization name
Locality or city
State or province
Zip or postal code
Country or region
Additional information:
Key length
1024
Private key
No
Certificate Authority (CA) enabled
Yes
Signed certificate
Yes
Serial number
343224324383831393931324324237393034353438
Validity period
03/14/03 04:53:40 - 03/14/12 04:53:40
Issuer:
Common name
CyberSourceCertAuth
Organization unit
Organization name
Locality or city
State or province
Zip or postal code
Country or region
Certificate Revocation List (CRL) Location:
CRL Location Name
None assigned
LDAP Server
None assigned
Now when I try to re-import the *.P12 file as a "Server or client"
certificate , it gives me the following message "A duplicate key exists
in
the certificate store. The certificate or the label may already be in
the
certificate store. The label must be unique" and it creates two
additional
CA's, but no server or client cert as follows:
Certificate Authority (CA)
Status
serialNumber=1374246484016790434557,CN=CyberSource_SJC_US
Enabled
serialNumber=16225033542424206433,CN=v342455
Enabled
CyberSource Certificate
Enabled
When I run my app, I still get the same message.
Can anyone shed any light on this?
Thanks.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2025 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
