users@glassfish.java.net

Re: Client Certificate authentication

From: <glassfish_at_javadesktop.org>
Date: Wed, 13 Feb 2008 01:20:40 PST

Hi,
Your reply seems to have the root cause info:

java.security.cert.CertificateException: Certificate contains unsupported critical extensions : [2.5.29.17]

I checked, and extension 2.5.29.17 stands for SubjectAlternativeName.

Now the JavaDoc for X509Extension (http://java.sun.com/j2se/1.4.2/docs/api/java/security/cert/X509Extension.html) says:

"Each extension in a certificate/CRL may be designated as critical or non-critical. A certificate/CRL-using system (an application validating a certificate/CRL) must reject the certificate/CRL if it encounters a critical extension it does not recognize. A non-critical extension may be ignored if it is not recognized."

Since the extension in your cert is marked critical, and since it does not understand the extension, it rejected the cert.

When I googled around, I found the following link, where the person is talking about downloading the CA cert from a different location in order to obtain the CA cert without the extension.

http://forum.springframework.org/showthread.php?t=42510

Can you try this workaround?

In the meantime, I will investigate why the particular extension is unrecognized.
[Message sent by forum member 'kumarjayanti' (kumarjayanti)]

http://forums.java.net/jive/thread.jspa?messageID=258670
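
To see which certificate in a chain (client or CA) marks 2.5.29.17 as critical, the critical extension OIDs can be listed with the standard java.security.cert API. This is an added example, not part of the original message or of GlassFish; the class name CriticalExtensionReport and the certificate file passed as its argument are assumptions.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.HashMap;
import java.util.Map;
import java.util.Set;

// Added example; the class name CriticalExtensionReport is hypothetical.
public class CriticalExtensionReport {
    // Names for a few standard X.509 v3 extension OIDs (RFC 5280).
    private static final Map<String, String> NAMES = new HashMap<String, String>();
    static {
        NAMES.put("2.5.29.15", "KeyUsage");
        NAMES.put("2.5.29.17", "SubjectAlternativeName");
        NAMES.put("2.5.29.19", "BasicConstraints");
        NAMES.put("2.5.29.37", "ExtendedKeyUsage");
    }

    static String describe(String oid) {
        String name = NAMES.get(oid);
        return name == null ? oid : oid + " (" + name + ")";
    }

    static void report(X509Certificate cert) {
        System.out.println("Subject: " + cert.getSubjectX500Principal().getName());
        System.out.println("Issuer:  " + cert.getIssuerX500Principal().getName());
        // Returns null when the certificate carries no extensions at all.
        Set<String> critical = cert.getCriticalExtensionOIDs();
        if (critical == null) return;
        for (String oid : critical) {
            System.out.println("  critical: " + describe(oid));
        }
    }

    public static void main(String[] args) throws Exception {
        if (args.length != 1) throw new IllegalArgumentException("usage: CriticalExtensionReport <cert file>");
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        try (InputStream in = new FileInputStream(args[0])) {
            // Reads every certificate in the file, so a whole chain can be checked at once.
            for (Certificate c : cf.generateCertificates(in)) {
                report((X509Certificate) c);
            }
        }
    }
}
```

Run it against both the client certificate and the CA certificate; a line reading "critical: 2.5.29.17 (SubjectAlternativeName)" identifies the certificate that triggers the rejection quoted above.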