I have been struggling with getting AEM instances to work with the certs/keys generated by a trusted source. I am following the /libs/granite/security/content/sslConfig.html wizard and AEM tells me everything is configured properly. I then try going to access my instance over https in my browser (incognito window) on my new port and my certificate is recognized by my browser. Finally I go to my replication agent on Author and update the configuration to use the same exact https URL/Port I just tested in my browser that worked minutes before and a simple test of that newly updated agent spits out the following error message:
Replication test failed
sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
I have double checked the ssl-service and can see my cert/key is correctly installed there.
If anyone has an idea why the replication agent is acting this way and how to fix it I'm open to suggestions.
Thanks
Is it a local cert? Look at the Transport tab, then choose Relaxed. Let me know if that helps.
Related
I am running an application in Eclipse locally. It tries to connect to an external URL to fetch some data. This application works fine from browser, but when I try the same from Eclipse as localhost, I get the below error:
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:456)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:323)
at sun.security.validator.Validator.validate(Validator.java:271)
Many solutions, have mentioned to add the URL certificate from the browser using keytool. This application shows "This site does not have a certificate.". The application URL does not have a certificate.
In this case, how can I fix this issue without a certificate to install?
Regards,
R
looks like you are running any java based application on a web server(e.g. Tomcat) with HTTPS enabled.
If you donot have signed any self certificate, then following link can help:
How to configure Tomcat to support SSL or https
Further this link has discussed the matter in detail:
Stackoverflow Link
I have a Client-Server model Application. The server is running in AWS cloud with ALB SSL Enabled. All my server request are filtered by the ALB.
When I access my server using Chrome web browser all is good with no issues. The browser is able to validate the certificate. But JVM is throwing the below error:
Error Caused by: javax.net.ssl.SSLHandshakeException: PKIX path
building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to
find valid certification path to requested target
This issue not in all the Windows machine select machine which having VPN installed.
How I can Debug this issue?
Am using Java 1.8 version
okay,you can choice 1.8 different branch version,by reading jdk sorce code that is bug.
I have an interesting problem I have yet to find a solution for. I have a Spring Boot application that is attempting to connect to a 3rd party API. When I run this application locally using the embedded Tomcat server, attempts to connect to this 3rd party API fail with the following exception:
org.springframework.web.client.ResourceAccessException: I/O error on GET request for "https://<third party API endpoint>": sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target;
nested exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
I've imported the certificate for my 3rd party API into my local JDK's keystore and if I run this application on another application server like Weblogic then it executes as expected. I just can't seem to get the Spring Boot embedded Tomcat server to behave properly.
Any advice would be appreciated.
Turns out my issue was a missing 3rd level intermediate certificate that I need to get through my corporate firewall. In order to figure this out I enabled SSL debugging so I could find the missing certificate. I accomplished this by adding the following VM argument to my application:
-Djavax.net.debug=SSL
Once I saw there was a 3rd level certificate, I imported that certificate into my JDK and poof...problem solved.
Maybe check that your java_home and Java.exe in your path point to the same installation. Usually we have multiple jres and a lot of the time certs get installed into a different jre then being run. Maybe inspect the process and make sure it's using the same jre as has the certs (maybe even try jconsole to verify)
I am using this java library to extract GA data. But it is generating the following certificate error:
javax.net.ssl.SSLHandshakeException:
sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to
find valid certification path to requested target
I verified that it is trying to establish connection with url https://lhr26s05-in-f13.1e100.net which outputs a certificate error when accessed through the browser. I'm surprised this is happening as this is a google owned domain.
I have tried to manually download the certificate and add it to the cacerts file but that didn't work.
I have also tried to trust the certificate like this which has worked on other projects, but not for this one. I wonder if this is not working because I am using the google api java libraries? I'm out of ideas and would appreciate any suggestions
I am having an xml which will connect to tfs through https connection to get latest files from it. I am trying to run this as ant task invoked from my java scheduler. When i try to invoke it I am getting the following error message :
An error occurred: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
But if i invoke the ant task from a bat file directly, it is working fine without any issues.
Kindly help me out on how to handle the execption when invoking from java
These steps, based on Oracle instructions, worked for me:
Get InstallCert.java (the link in Oracle's instructions is broken)
Compile and execute java InstallCert [host]:[port]
enter '1'
Copy and rename the newly created jssecacerts file as %JAVA_HOME%\jre\lib\security\cacerts (backup the original, just in case)
Rerun Ant, it should not complain about certificate anymore
There may be other solutions as well.