I’m testing a website and need to test whether various userid/password combinations are valid. So I’m trying to write a small class that can test this before I gather that user’s test data.
But when I attempt the login, I get the following error:
javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Could not find trusted certificate
I am assuming this is equivalent to when you get the Security Alert dialog box in live surfing, and you click on “Proceed Anyway”, or however it’s worded.
How can I get past this? What can I do in on the backend that’s equivalent of responding as above to the Security Alert? I learned that there exist some classes to help you get around this, but I’m runing 1.4.1 and I don’t see them. Also, I just don’t care about whether I trust the security certificate or not. I’m working at a company. The website I’m testing is produced by the same company. I’m not concerned about someone stealing my data or corrupting my computer.
I’m not sure if this is your problem, but Verisign is currently having some massive issues, resulting in lots of applications that work with security certificates failing. Java is one of these applications. The resolution is to upgrade to the latest version from the Sun site. This Sun Alert Notification has other information, and workarounds for when an upgrade is not possible.
Aha!!! Thank you Alereon. I encountered a similar problem at work. An app I had written to automatically download a file from a customer’s website every morning failed to download the file on Thursday morning. When we discovered it and tried to download the file manually we got the certificate expiration dialog. That explained why my app failed but the weird thing was that the certificate expiration date was February 2, 2004 so it didn’t make sense to me that it should fail on January 7. Anyway, we notified the customer and they did something with their server and my app worked fine Friday morning. That solved the problem for us but I’ve been puzzled about what was going on. This apparently explains it. Thanks!
A side effect of the certificate expiration was the failure of Verisign’s Certificate Revocation List server, which has caused other problems. It seems that so many clients have been hitting to CRL to see what’s up now that the master certificate expired, Verisign had to null-route it to keep their network going.