Re: PostgreSQL + SSL - sun.security.validator.ValidatorException

[Kris Jurka <books(at)ejurka(dot)com>]

On Sat, 11 Dec 2004, Andrew M wrote:

> The only problem with this is, how do you copy an openssl {key|crt} 
> pair into a keytool keystore?

No this isn't the problem.  The problem is telling the SSL implementation
that you want to use this cert for client authentication.  The best I can
gather is that you would need to implement a javax.net.ssl.X509KeyManager
and make chooseClientAlias() return the alias of the cert you want to use
in the keystore.  Implementing a X509KeyManager does not look like an easy
thing to do though and there doesn't seem to be a good way of only
extending part of it and falling back to the default implmentation for the 
rest.

Kris Jurka