Hi,

I'm running a client, which uses client side authentification via
HTTPS. I have stored the private and public key as well as a self
signed certificate inside the client program and also added the
ceritifcate of the server to the truststore.

The server of course has the client's certificate in it's own
truststore (cacerts). The keystore of the server contains a private and
public key of which the later one has a server certificate.

This all works very well. I have installed the client on a different
computer and now on that computer it is not working. I really don't
know why. The program is the same. Both machines run linux. Only the
jdks differ. When I start it on the one I get a ValidationException.

First I thought - oh boy. I forgot to add the server certificate to the
cacerts on the new computer. But then I remember that I don't need it,
because I set this up in my program. Here is the code, which also works
on the one machine:

public final static boolean initSSL(String clientkeystore, String
clientPrivateKey, String clienttruststore) throws
NoSuchAlgorithmException, KeyStoreException, UnrecoverableKeyException,
IOException, KeyManagementException,
java.security.cert.CertificateException, InvalidKeySpecException,
ClassNotFoundException
 {
   SSLContext sslContext = SSLContext.getInstance("TLS");

   // Get an empty keystore for the client certificate and its private
key
   KeyManagerFactory keyManagerFactory =
KeyManagerFactory.getInstance("SunX509");
   KeyStore keyStore = KeyStore.getInstance("jks");
   keyStore.load(null, null);

   // Load the certificate of the client
   CertificateFactory certificateFactory =
CertificateFactory.getInstance("X509");
   X509Certificate xCertificate = (X509Certificate)
certificateFactory.generateCertificate(getStore(clientkeystore));

   // Load the private DSA key of the client
   ObjectInputStream objectInputStream = new
ObjectInputStream(getStore(clientPrivateKey));
   BigInteger x = (BigInteger) objectInputStream.readObject();
   BigInteger g = (BigInteger) objectInputStream.readObject();
   BigInteger p = (BigInteger) objectInputStream.readObject();
   BigInteger q = (BigInteger) objectInputStream.readObject();
   KeyFactory keyFactory = KeyFactory.getInstance("DSA");
   PrivateKey privateKey = keyFactory.generatePrivate(new
DSAPrivateKeySpec(x, p, q, g));
   keyStore.setKeyEntry("clientkeystore", privateKey, password, new
Certificate[]{xCertificate});
   keyManagerFactory.init(keyStore, password);
   // Get another empty keystore for the server certificate
   TrustManagerFactory trustManagerFactory =
TrustManagerFactory.getInstance("SunX509");
   KeyStore trustStore = KeyStore.getInstance("jks");
   trustStore.load(null, null);

   // Get the trusted server certificate
   CertificateFactory trustcertificateFactory =
CertificateFactory.getInstance("X509");
   X509Certificate trustxCertificate = (X509Certificate)
trustcertificateFactory.generateCertificate(getStore(clienttruststore));
   trustStore.setCertificateEntry("clienttruststore",
trustxCertificate);
   trustManagerFactory.init(trustStore);

   sslContext.init(keyManagerFactory.getKeyManagers(),
trustManagerFactory.getTrustManagers(), null);
   SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();

   HttpsURLConnection.setDefaultSSLSocketFactory(sslSocketFactory);

   return true;
 }

It can't be the code itself. As I already have said: It works fine.
Then I thought maybe the server certificate in the client program was
tampered in transfer but a hashsum check shows that the program is the
same (its a jar file bye the way).

So how can this be that I get a ValidatorException on the one machine
and not on the other !? Any ideas or suggestions???