tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bill Barker" <wbar...@wilshire.com>
Subject Re: Error: unable to find valid certification path to requested target
Date Thu, 07 Sep 2006 05:44:47 GMT
You need to import the top level cert into cacerts with -trustcacerts. 
Otherwise it is untrusted.

"Jeanna Geier" <jgeier@apt-cafm.com> wrote in message 
news:008601c6d1d0$4dcf1ea0$6700a8c0@geier...
Hi I'm having some problems connecting to a Slide client and would 
appreciate any help you could offer. I'm a newbie here, so please bear with 
me.

Here's what I've done:

Created a keystore:
>keytool -genkey -alias tomcat -keyalg RSA
and entered info for certificate - name on certificate: localhost

Imported a Verisign trial certificate:
>keytool -import -alias root -keystore .keystore -trustcacerts -file 
>CA_Certificate.cert

Imported new certificate:
>keytool -import -alias tomcat -keystore .keystore -trustcacerts -file 
>CA_Certificate.cert

Exported certificate to file:
>keytool -export -alias tomcat -file server.crt

Imported the certificate into the Java security cacerts file:
>keytool -import -alias root -file server.crt -keystore 
>C:\Java\jdk1.5.0_06\jre\lib\security\cacerts

>keytool -import -alias tomcat -file server.crt -keystore 
>C:\Java\jdk1.5.0_06\jre\lib\security\cacerts

-------------------------------------------------------------------------
When I open Internet Explorer and log in: "https://localhost/slide", I get 
the certificate (as expected) and when I click <yes> I am able to log into 
Slide.

When I attempt to log in using the Slide client, I run into problems.

C:\jakarta-slide-webdavclient-bin-2.1\bin>run.bat
[ Slide ] $ open https://localhost/slide/
connect https://localhost/slide/
Error: sun.security.validator.ValidatorException: PKIX path building failed: 
sun.security.provider.certpath.SunCertPathBuilderException: unable to find 
valid certification path to requested target
[ Slide ] $

Any ideas? Most everywhere I looked suggested adding the certificate to the 
Java security store, which I've done, or verify that the name on the 
certificate is "localhost" (which it is) to fix the problem.... I've been 
working on this for almost a week with no luck, so any help you could give 
would be greatly appreciated!!
-Jeanna 




---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message