Setting up SSL in Java 6 (GlassFish 3 server) -


we have java web application running inside glassfish 3 web server.

our application connects ldap server authentication. customer running ldap on ssl i.e ldaps.

so fetched certificate ldap server , added our trusted certificate. still sometime gets:

exception javax.net.ssl.sslhandshakeexception: sun.security.validator.validatorexception: pkix path building failed: sun.security.provider.certpath.suncertpathbuilderexception: unable find valid certification path requested target]

further investigation ldap admin, words:

"we added additional servers behind load balancer. if trust server cert instead of ca experiencing problem. should trust ca or should not perform certificate validation"

which means there many ldap server running behind load balancer , each server has different certificate, , trust on 1 particular certificate.

now resolution trust on ca , not on individual certificate.


now @ point confused!

is case can ca certificate , trust on certificate issued ca automatically trusted..

if how that?

will ca certificate fetched ldap server or have ask it?

or have created wrong mind model or there concept missing?

also "trusted root certificate"?

what saying servers signed using common ca (like verisign, thwate etc). need trust ca (you importing ca's trusted root certificate).

you need find out ca being used , check cacerts file see if trust ca (apparently dont since receiving error). there number of ways can find out ca being used can ask ldap admin ca being used. companies use local ca , how ldap servers setup.


Popular posts from this blog

c# - ODP.NET Oracle.ManagedDataAccess causes ORA-12537 network session end of file -

matlab - Compression and Decompression of ECG Signal using HUFFMAN ALGORITHM -

utf 8 - split utf-8 string into bytes in python -