cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SSLHandShake Exception: PKIX Path Building failed

Former Member

on ‎11-20-2013 5:17 PM

0 Kudos

Hi,

I have a custom JEE Application running on NWA. We need to invoke a SSL WebService through my application.

However, whenever I invoke the webservice, I am getting the following exception:

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

We have added the certificate in the TrustedCAs List in NWA.

I have also tried setting the property:

System.setProperty("javax.net.ssl.trustStore", "com.sap.security.core.server.https.SecureConnectionFactory");

But I am still getting the same exception. The WebService works fine from WebServicesNavigator in NWA.

Please let me know any solution to this.

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

vijay_kumar49
Active Contributor
‎11-21-2013 6:15 AM
0 Kudos

The error appears to be happening in the SSL handshake.  So it might be helpful to do some SSL debugging.

Try these options at startup:

-Djavax.net.debug=ssl:handshake:verbose
 -Djava.security.debug=certpath

And check out this site for what you are seeing in the debug output. (skip to the “Observing the Handshake” section):

https://developer.connectopensource.org/display/CONNECTWIKI/SSL+Handshake

Or

Option1

System.setProperty("javax.net.ssl.trustStore", "C:/.keystore"); 
System.setProperty("javax.net.ssl.trustStorePassword", "changeit");

Option2 Setting below in environment variable

CATALINA_OPTS -- param name

-Djavax.net.ssl.trustStore=C:\.keystore -Djavax.net.ssl.trustStorePassword=changeit ---param

Option3 Setting below in environment variable

JAVA_OPTS -- param name

-Djavax.net.ssl.trustStore=C:\.keystore -Djavax.net.ssl.trustStorePassword=changeit ---param value

Hope this is help full

Regards

Vijay

Show replies
Show replies
Ask a Question