Date: Fri, 14 Jul 2006 18:15:59 +1000 From: Joe Shevland <jshevland@rowantreesoftware.com.au> To: freebsd-java@freebsd.org Subject: Re: Failed to communicate to CE Message-ID: <44B752BF.6060905@rowantreesoftware.com.au> In-Reply-To: <44B69A84.8060200@centtech.com> References: <44B5CBE9.6080400@centtech.com> <44B61F91.1030209@rowantreesoftware.com.au> <44B69A84.8060200@centtech.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Eric Anderson wrote: > On 07/13/06 05:25, Joe Shevland wrote: >> Eric Anderson wrote: >>> Hi everyone, >>> >>> I'm new to this list, so please let me know what extra details are >>> needed. >>> >>> One application I have, gives me this error: >>> >>> Failed to communicate to CE >>> javax.net.ssl.SSLHandshakeException: >>> sun.security.validator.ValidatorException: PKIX path building >>> failed: sun.security.provider.certpath.SunCertPathBuilderException: >>> unable to find valid certification path to requested target >>> >>> Is this a bug in the app, or FreeBSD java? If I run this program on >>> linux, and remote display it to FreeBSD, it works fine. >>> >>> I'm running against the new diablo-jre (package, not port) on >>> FreeBSD 6-STABLE. >>> >>> Thanks, >>> Eric >>> >>> >>> >> >> Fairly sure thats the message you get when you don't have the >> certificate of the server (or its CA) in your trusted keystore (or >> perhaps in this case the default keystore Java is using - cacerts >> perhaps). Client apps I've written that need to use SSL with a >> server's self-signed certificate, I'd export the servers certificate >> and import it into a keystore on the client, then set >> -Djavax.net..trustStore=<file_loc>. > > Found it! (Thanks for the help) > > Here's what it was: > /usr/local/diablo-jre1.5.0/lib/security/ > > I used the directory from a linux machine, and it works like magic. > > Thanks.. > > Eric Just posting back to the list in case the JRE needs an updated cacerts file. That may not be the case if it was a custom certificate. Cheers Joe
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?44B752BF.6060905>