CoderZone.org
Pages: 1 « previous     next »
  Print  
Author Topic: javax.net.ssl.SSLHandshakeException  (Read 8580 times) Bookmark and Share
cuberat
Newbie
*
Posts: 40


View Profile
« on: Dec 03, 2010, 06:56:09 am »

what is this?

Nov 24, 2010 11:42:33 AM org.apache.catalina.core.StandardWrapperValve invoke
SEVERE: Servlet.service() for servlet SelfTestUtil threw exception
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Logged
Mr. Crane
Jr. Member
*****
Posts: 63



View Profile WWW
« Reply #1 on: Dec 03, 2010, 07:43:25 am »

It's possible that this page may have the answer:

http://blogs.sun.com/andreas/entry/no_more_unable_to_find

Some of you may be familiar with the (not very user friendly) exception message
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
when trying to open an SSL connection to a host using JSSE. What this usually means is that the server is using a test certificate (possibly generated using keytool) rather than a certificate from a well known commercial Certification Authority such as Verisign or GoDaddy. Web browsers display warning dialogs in this case, but since JSSE cannot assume an interactive user is present it just throws an exception by default.

What happened was that the program opened a connection to the specified host and started an SSL handshake. It printed the exception stack trace of the error that occured and shows you the certificates used by the server.
Logged

Traveling through the Digital Age at 33⅓rd revolutions per minute.
wheels
Jr. Member
*****
Posts: 62



View Profile
« Reply #2 on: Dec 03, 2010, 03:06:08 pm »

I've used this:

http://blogs.sun.com/gc/entry/unable_to_find_valid_certification

java InstallCert domain.com
cp jssecacerts  /usr/java/jdk1.6.0_18/jre/lib/security   (adjust paths if necessary)

Restart Catalina
./catalina.sh stop
./catalina.sh start
Logged
cuberat
Newbie
*
Posts: 40


View Profile
« Reply #3 on: Dec 04, 2010, 08:27:06 am »

thanks!

turns out it was a purchased certificate but the authority wasn't trusted

had to run this for all the servers
Logged
Tags:
Pages: 1
  Print  
 
Jump to: