users@glassfish.java.net

Add certificate to which keystore?

From: <glassfish_at_javadesktop.org>
Date: Fri, 05 Dec 2008 08:29:04 PST

Hello
I have recently written a Java class which queries an API using HTTPS GET; the response from the API is XML. The XML response can be seen OK using Firefox, and my Java class reads it OK when called from a standalone program. My Java class also works OK from a web application when it is running under NetBeans and SJSAS on my Windows PC.

When I deploy the same web application to a Solaris box running SJSAS 8.1 my class fails with the error:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: No trusted certificate found
 
The server hosting the API is on an internal network but it is beyond my control. Firefox tells me its encryption certificate is not verified; it was home made.

I understand that I need to make the JVM running my web application under SJSAS trust the certificate on the remote server. Towards this objective I extracted the certificate using Firefox and exported it in X.509 format. I then imported it into one of many keystore files using:

cd /opt/SUNWappserver/jdk/jre/lib/security
keytool -import -alias directoryqa2 -file directoryqa2.xxxxx.com.x509.crt -keystore cacerts -storepass changeit

I am totally in the dark about which keystore file gets used for what and which version of SJSAS / Glassfish uses which keystore files. I assume the application server has a keystore file that relates to incoming requests; I am not interested in that. I am only concerned with outgoing requests and responses.

I suspect that I have imported the certificate into an irrelevant keystore file.

Any help gratefully received.
[Message sent by forum member 'vincewebb' (vincewebb)]

http://forums.java.net/jive/thread.jspa?messageID=320320