I created server and client keystore.jks and truststore.jks pairs. server-truststore.jks contains client-public.cer, client-truststore.jks contains server-public.cer. SSL certificates have no CAs, are self-signed ones. If I play the communication locally it works. But after deploying my server I get the exception:
sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
I've tried to put my server/client certificates into carcerts of java security, it didn't help.
The communication only works if I call my WS from SOAP UI. (For SOAP UI I don't need to use truststore.jks)
I checked it out with a famous SSLPoke.class
$ java SSLPoke HOST 443
Successfully connected
$ java -Djavax.net.ssl.trustStore=truststore.jks SSLPoke HOST 443
sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
What could solve it?