Java7 Refusing to trust certificate in trust store

Question

I\'ve a weird problem - a supplier uses TLS SSLv3 with both a self signed client and server certificate. This hasn\'t been a problem with Java1.5 and Java1.6 - simply import

Answer 1

I have also encountered this situation when dealing with JDK 1.7. If req command is invoked with the -x509 option, it's better to uncomment keyUsage line in v3_ca section and generate the CA again with(see http://wwwneu.secit.at/web/documentation/openssl/openssl_cnf.html)

openssl req -new -x509 -days 3650 -keyout ca.key -out ca.crt -config openssl.cnf -extensions v3_ca -batch

And if you use the generated CA certificate to sign other certificate make sure that you also uncomment the item basicConstraints = CA:true and set value to true