Java Security

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Are there any way to know TLS alert (certificate_expired) from client?

843811Mar 21 2008 — edited Mar 22 2008

Hello folks,

It's first time for me to implement TLS server with Java, and need your suggestion about TLS alert protocol.
RFC2256 defines TLS alert, for example, for "certificate_expired".
I could not find description about TLS alert in JSSE document, so I wrote simple TLS server and client and experiment with expired server certificate.

On client side, SSLSocket throw "SSLPeerUnverifiedException: peer not authenticated" at connect.
Howerver, my server doesn't throw any exception on accept.

Question:
1. Does SSLSocket(client) send TLS alert (certificate_expired) to server on above situation?
2. Are there anyway to detect TLS alert on JSSE server application?

Best regards,

Locked Post

New comments cannot be posted to this locked post.

Locked on Apr 19 2008

Added on Mar 21 2008

#java-secure-socket-extension-jsse

5 comments

451 views