SSL certificate error when we replacing with new PKI in tomcat server
Question
We are replacing new SSL certificates in linux servers. We are facing below error after restarting application services.
Can anyone please suggest to resolve the issue.
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
1 answers
solution1
0 2019-06-04 07:58:58
The JVM is not too confident when it comes to certificates, and requires them to be included in a list of trusted certificates , whose path is $JAVA_HOME\\jre\\lib\\security\\cacerts . The error is telling you the JVM can't validate that certificate because there's no entry for it on the trusted cacert list.
The most common way (AFAIK) for doing this is using the keytool command from the jre/jdk in order to import the certificate to the keystore ( cacerts ). Just as an example:
keytool -importcert -trustcacerts -alias <alias> -file <yourcert> -keystore %JAVA_HOME%\jre\lib\security\cacerts
More info about keytool and importing certs here .
Hope it helps!
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.