PKIX path building failed. Self-signed SSL certificates

2.7k views Asked by At

I created server and client keystore.jks and truststore.jks pairs. server-truststore.jks contains client-public.cer, client-truststore.jks contains server-public.cer. SSL certificates have no CAs, are self-signed ones. If I play the communication locally it works. But after deploying my server I get the exception:

sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

I've tried to put my server/client certificates into carcerts of java security, it didn't help.

The communication only works if I call my WS from SOAP UI. (For SOAP UI I don't need to use truststore.jks)

I checked it out with a famous SSLPoke.class

$ java SSLPoke HOST 443
Successfully connected

$ java -Djavax.net.ssl.trustStore=truststore.jks SSLPoke HOST 443
sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

What could solve it?

0

There are 0 answers