Hello,
We have the follwoing problem with configuring trusted certificates
on Glassfsh (v2 b58g). What we want to do is to invoke web-service via
https. In testing environment we have two hosts with WinXPand
glassfish instances (together with their default generated
certificates). One is hosting web-service, and the other has a client.
After adding server's certificate to config/cacerts.jks on client's
glassfish instance, invoking web-service works. In production
environment, we have a Red Hat machine with the same Glassfish build.
The network is isolated (we can't access CA). We can get the
certificate of the server with a web browser or using InstallCert
(
http://blogs.sun.com/andreas/entry/no_more_unable_to_find). This
time, after adding certificate to config/cacerts.jks we get an
exception, like it wasn't in cacerts.jks.
The stacktrace's exceptions are:
com.sun.xml.ws.client.ClientTransportException: HTTP transport error:
javax.net.ssl.SSLHandshakeException:
sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to
find valid certification path to requested target
We did modified InstallCert to make it to write to the right keystore
(cacerts.jks), which we can check with keytool -list. We tried also
adding certificate with ketool itself, but it neihter worked.
Thanks for help in advance.
Thomas
[Message sent by forum member 'tmatynia' (tmatynia)]
http://forums.java.net/jive/thread.jspa?messageID=250376