Our system is attempting to connect securely to a client's UAT server; they have sent me their system's certificate, intermediate certificate, and root certificate. Their root certificate is self-signed.

I have attempted the following configurations in my Java truststores:

  1. Added all 3 certificates to the truststore with "trustcacerts" option
  2. Added the intermediate and root to the truststore with "trustcacerts" option
  3. Added the root certificate to the cacerts file in /lib/security with trustcacerts option, then added the server and intermediate certificates to truststore with "trustcacerts" option

I am receiving the following exception when attempting to connect:

javax.net.ssl.SSLHandshakeException: 
  sun.security.validator.ValidatorException: PKIX path building failed:
  sun.security.provider.certpath.SunCertPathBuilderException: 
    unable to find valid certification path to requested target

When I added only the root certificate to the truststore, I received the following error:

No issuer certificate for certificate in certification path found.

Also, I have inspected the certificates and they seem to line up into a certificate chain.

Does anyone know what I have missed or haven't thought of?

1 Answer

Figured it out. You have to include both the Root and Intermediate certificate in the cacerts file in jre/lib/security.
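
A diagnostic for the situation in this thread, as an added example that is not part of the original question or answer: it validates the certificates the client sent against the trusted entries of one truststore file and reports where the path breaks. The class name `ChainCheck` and the file names in the usage comment are hypothetical; it assumes Java 9 or later and turns revocation checking off so that only chain linkage is tested.

```java
import java.io.File;
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.*;
import java.util.ArrayList;
import java.util.List;

// Added example, not from the original post. Usage (hypothetical file names):
//   java ChainCheck truststore.jks <password> server.pem intermediate.pem
public class ChainCheck {
    public static void main(String[] args) throws Exception {
        if (args.length < 3) {
            System.err.println("usage: ChainCheck <truststore> <password> <leaf.pem> [intermediate.pem ...]");
            System.exit(2);
        }
        // null here means the JVM falls back to its default store under lib/security.
        System.out.println("javax.net.ssl.trustStore = " + System.getProperty("javax.net.ssl.trustStore"));

        KeyStore trustStore = KeyStore.getInstance(new File(args[0]), args[1].toCharArray());
        CertificateFactory cf = CertificateFactory.getInstance("X.509");

        // Path order is leaf first. Self-signed certificates (the root) are skipped:
        // the root has to come from the truststore as a trust anchor, not from the path.
        List<X509Certificate> path = new ArrayList<>();
        for (int i = 2; i < args.length; i++) {
            try (InputStream in = new FileInputStream(args[i])) {
                X509Certificate c = (X509Certificate) cf.generateCertificate(in);
                System.out.println(args[i] + ": subject=" + c.getSubjectX500Principal() + " issuer=" + c.getIssuerX500Principal());
                if (!c.getSubjectX500Principal().equals(c.getIssuerX500Principal())) {
                    path.add(c);
                }
            }
        }

        PKIXParameters params = new PKIXParameters(trustStore); // anchors = trusted certificate entries
        params.setRevocationEnabled(false); // chain linkage only, no CRL/OCSP lookups
        try {
            PKIXCertPathValidatorResult r = (PKIXCertPathValidatorResult)
                CertPathValidator.getInstance("PKIX").validate(cf.generateCertPath(path), params);
            System.out.println("OK, anchored at: " + r.getTrustAnchor().getTrustedCert().getSubjectX500Principal());
        } catch (CertPathValidatorException e) {
            // getIndex() is the position in the path (0 = leaf) where validation failed, -1 if unknown.
            System.out.println("FAILED at path index " + e.getIndex() + ": " + e.getMessage());
            System.exit(1);
        }
    }
}
```

Running it once against the application truststore and once against the JRE's `cacerts` shows which of the two files actually contains the issuer needed for each link.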