JESSIE - SSL BAD_CERTIFICATE Exception

Tue Oct 21 17:14:00 GMT 2008

On Oct 21, 2008, at 7:16 AM, Jary Grove wrote:
> Sorry, I was not very clear in my request.
>> I have extracted out the Jessie code from the classpath and 
> compiling it as a seperate project.
> If you tell me which class to modify to ignore this error, it will 
> be very helpfull (atleast it will keep me going until this bug is 
> permanently fixed).
>
No, I understood that. I'm saying that the bug likely isn't even in 
the Jessie code, but in the generic certificate support, in the 
gnu.java.security.x509 package. My guess is that the parser is 
throwing an exception, and Jessie can't setup a connection if there is 
no certificate.
If you've extracted that code, too, then you have a chance of fixing 
or working around this issue. If it is a bug, it's in the class 
gnu.java.security.x509.ext.GeneralName.
But, I was also saying that you can plug-in a different certificate 
parser, and Jessie will use that one.
If you can send me the certificate it's choking on, I might be able to 
figure out more precisely what the issue is.
Thanks.
> Thanks
>>>>> ----- Original Message ----
>> From: Casey Marshall <casey.s.marshall@gmail.com>
>> To: Jary Grove <jarygrove@yahoo.com>
>> Cc: java@gcc.gnu.org
>> Sent: Monday, October 20, 2008 5:44:03 PM
>> Subject: Re: JESSIE - SSL BAD_CERTIFICATE Exception
>>>> On Mon, Oct 20, 2008 at 3:08 PM, Jary Grove wrote:
>>> Any quick fix?
>>> I am compiling Jessie from the source and will be able to plug in 
>>> the changes
>> easily, if you can give me some pointers on how to ignore this error.
>>>>>>> This is actually a problem in the certificate parser, which are a 
>> part
>> of classpath/libgcj itself. You can plug in a different 
>> implementation
>> of this, via the standard security provider APIs.
>>>> Bouncycastle likely has an implementation which isn't as buggy as the
>> classpath one.
>>>>>