Hello,

I am trying to get two-way SSL authentication working between Salesforce and my Tomcat server so I can send encrypted web service calls from Salesforce.  One way works just fine.  However, when I try using the Client Certificate that I downloaded from Setup > App Setup > Develop > API, it gets rejected with a "bad_certificate" IO Exception because Salesforce's certificate expired in 2004 (!!).  I'm not the only one having this problem (see http://community.salesforce.com/sforce/board/message?board.id=general_development&view=by_date_ascending&message.id=19703)  Does anyone know where the new certificate is?