Project

General

Profile

Actions

Bug #6499

closed

Morpho doesn't recognize the commercial certificates

Added by Jing Tao over 8 years ago. Updated over 8 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
-
Target version:
Start date:
04/04/2014
Due date:
% Done:

0%

Estimated time:
Bugzilla-Id:

Description

Currently, morpho overwrites the default keystore of java - it uses the keystore locating at ~/.morpho/truststore. In that keystore, we only have handful certificates there. So it will say "peer not authenticated" even the certificate of the metacat server was signed by a well-known commercial authority.

The reason we did this way is that the certificates from sanparks and knb couldn't be recognized by the java default ca at that time. In order to avoid the users to import those certificates into the java keystore, we shipped a a customized keystore.

It is a trend that the production metacats are using the commercial certificates. So we should use the default java keystore in morpho.

But we need to make sure the sanparks metacat will use a commercial certificate.

Actions #1

Updated by Jing Tao over 8 years ago

  • Status changed from New to Closed

Remove the code in morpho to customize the keystore. Now it uses the default one from java vm.

I tested morpho against the gleon metacat, which has a commercial certificate, by the https connection and it worked.

I also tested morpho against my local metacat which has a self-signed certificate by the https connection. If I didn't import the certificate into the default java keystore, the connection would fail. If I did, the connection would succeed.

Actions

Also available in: Atom PDF