We have certificates from VeriSign for our domains. However, I am trying to do some testing on our development environment and keep getting certificate errors (since the development IPs don't match production IP's, which we registered the certificate with) and is causing me quite the headache. I can't seem to pinpoint if the issues I am encountering are part of the changes done or if the issues stem from certificate errors.
I have tried adding the Registry key for IE to not care about these errors, but that doesn't seem to help.
Is there anyway I can get around this issue without having to buy more certificates for my development environment?
There are two options. The first one requires less changes to your code and it involves creating new certificates for your development servers instead of reusing the production ones. You don't have to buy them, they can be self signed. I recommend you create a new TrustStore with just the development certificates, and that you specify the truststore when your run your program. java -Djavax.net.ssl.trustStore=truststore -Djavax.net.ssl.trustStorePassword=123456 MyApp You can also add the dev server's certificates to the JDK's default cacerts file typically found on Windows at C:\Program Files\Java\jre6\lib\security\cacerts. This option is less secure but you don't have to change the way you start up the client.
The second options involves changing your your development code to ignore these errors. This usually involves creating your own TrustManger and passing that into the SSLSocketFactory. Here's a good example: http://exampledepot.com/egs/javax.net.ssl/TrustAll.html I don't like this option because you might commit unsafe code to your project that isn't verifying the server's certificates.