setting default X509Registry
Locked
 
|
I know I'm doing something wrong in defining the default X509Registry trusted certificates, and this time I thought I would take the time to get clarification instead of modifying system code to make it work.
My goal is to read a trusted certificates file and allow my web service client to communicate with the server. Documentation says I should do something like the following: registry := Security.X509.X509Registry new. certificates := Security.X509.CertificateFileReader readFromFile: 'c:\dmacs10\trustedCertificates.pem'. registry addCertificates: certificates. SSLContext newWithAllCipherSuitesUsing: registry. I keep getting "CA Not in Trust Registry". In the past, I've modified the following method in X509Registry to force the change of default when X509Registry>>newDefault is sent. newFromDefaultCertificateFile "04/01/08 mkp set default to the new value" default:=self newFromCertificateFile: self defaultCertificateFile asFilename. ^default This works, but know this is not the right way to do this. It is strange though that send newDefault doesn't actually change default Thanks for any insight! Mark |
Re: [vwnc] setting default X509Registry
|
|
Try the following (assuming you have sub-directory called 'trust'
containing your pem certs), (ObjectMemory imageDirectory / 'trust' filesMatching: '*.*') do: [:fn | X509Registry addCertificateToTrust: (Certificate fromFile: fn)] Hope this helps, -Boris -- +1.604.689.0322 DeepCove Labs Ltd. 4th floor 595 Howe Street Vancouver, Canada V6C 2T5 http://tinyurl.com/r7uw4 -----Original Message----- From: [hidden email] [mailto:[hidden email]] On Behalf Of markPetersen Sent: Friday, September 11, 2009 9:24 AM To: [hidden email] Subject: [vwnc] setting default X509Registry I know I'm doing something wrong in defining the default X509Registry trusted certificates, and this time I thought I would take the time to get clarification instead of modifying system code to make it work. My goal is to read a trusted certificates file and allow my web service client to communicate with the server. Documentation says I should do something like the following: registry := Security.X509.X509Registry new. certificates := Security.X509.CertificateFileReader readFromFile: 'c:\dmacs10\trustedCertificates.pem'. registry addCertificates: certificates. SSLContext newWithAllCipherSuitesUsing: registry. I keep getting "CA Not in Trust Registry". In the past, I've modified the following method in X509Registry to force the change of default when X509Registry>>newDefault is sent. newFromDefaultCertificateFile "04/01/08 mkp set default to the new value" default:=self newFromCertificateFile: self defaultCertificateFile asFilename. ^default This works, but know this is not the right way to do this. It is strange though that send newDefault doesn't actually change default Thanks for any insight! Mark -- View this message in context: http://www.nabble.com/setting-default-X509Registry-tp25404143p25404143.h tml Sent from the VisualWorks mailing list archive at Nabble.com. _______________________________________________ vwnc mailing list [hidden email] http://lists.cs.uiuc.edu/mailman/listinfo/vwnc _______________________________________________ vwnc mailing list [hidden email] http://lists.cs.uiuc.edu/mailman/listinfo/vwnc |
Re: [vwnc] setting default X509Registry
|
|
Thanks Boris, the trust file I have has 3 certificates in it it. This method seems to be looking for only one.
I'll try breaking the file up into 3 files and try your suggestion when I get some time. Mark
|
Re: [vwnc] setting default X509Registry
|
|
In reply to this post by Boris Popov, DeepCove Labs (SNN)
Thanks Boris, the trust file I have has 3 certificates in it it. This method seems to be looking for only one.
I'll try breaking the file up into 3 files and try your suggestion when I get some time. Mark
|
«
Return to VisualWorks
|
1 view|%1 views
| Free forum by Nabble | Edit this page |