yes, i did. I have multiple installation on my machine with different versions of the JVM. I installed the new certicates using InstallCert.java program as suggested and crosschecked those intalled cert in the cercert file using keytool list command.
still the same issue. does the application war require any .jks files or .cer file. ? Please advice Jim Willeke wrote: > > Did you look in the jre? > > If you are using a JDK then the file would be: > \jdk1.6.0_14\jre\lib\security\cacerts > > > -jim > Jim Willeke > > > On Fri, Oct 9, 2009 at 5:51 AM, anilkumarkatta > <[email protected]>wrote: > >> >> >> Hi All >> >> Thanks for you replies. >> >> I have tried installing the ssl for the url. but same issue. >> >> I took some time to check how the existing url's ssl is done in >> keystore.. >> but find nothing in java_home/lib/security. >> >> how this can be no ssl certifcates in keystore? >> >> if they keystore is exists in app level where does it saved in >> application >> >> Thanks again for the replies. >> >> -Anil >> >> >> Andrew Jaquith-4 wrote: >> > >> > You are pretty new to this whole Java thing aren't you? >> > >> > It appears that 1) your LDAP server requires SSL (a good thing!) and >> > that 2) your LDAP's SSL certificate is self-signed and therefore not >> > trusted. >> > >> > Java keeps an internal list of SSL certs it trusts. Your self-signed >> > CA is not one of them. You need to add the SSL certificate CA (that >> > is, the self-signed root) to your local JSSE trusted certificate >> > store. This is at $JAVA_HOME/lib/security/cacerts. >> > >> > The Java command line tool "keytool" can do this. You can also use my >> > SSLHelper class, part of my freshcookies-security.jar that ships with >> > JSPWiki. Indeed, I wrote it for just this situation. See the docs at >> > freshcookies.org >> > for details. >> > >> > With either aproach, you will need appprpriate admin rights to modify >> > the truststore. >> > >> > Andrew >> > >> > On Oct 6, 2009, at 8:29, anilkumarkatta <[email protected]> >> > wrote: >> > >> >> >> >> >> >> ....contd. >> >> Caused by: javax.net.ssl.SSLHandshakeException: >> >> sun.security.validator.ValidatorException: PKIX path building failed: >> >> sun.security.provider.certpath.SunCertPathBuilderException: unable >> >> to find >> >> valid certification path to requested target >> >> >> >> >> >> anilkumarkatta wrote: >> >>> >> >>> Hi All >> >>> >> >>> I have tried to authenticate via LDAP server with all the >> >>> configuration >> >>> procedure explained in the URL >> >>> http://www.jspwiki.org/wiki/WebContainerAuthenticationViaLDAP >> >>> with a user provided LDAP settings, I got firewall team to get the >> >>> secure >> >>> port open from where application is talking to the LDAP. >> >>> >> >>> i am getting this exception while start of the application >> >>> >> >>> >> >>> 2009-10-06 22:14:04,581 [Thread-2] INFO >> >>> org.apache.catalina.tribes.membership.McastService - Done sleeping, >> >>> membership established, start level:4 >> >>> 2009-10-06 22:14:04,581 [Thread-2] INFO >> >>> org.apache.catalina.tribes.membership.McastService - Sleeping for >> >>> 1000 >> >>> milliseconds to establish cluster membership, start level:8 >> >>> 2009-10-06 22:14:05,581 [Thread-2] INFO >> >>> org.apache.catalina.tribes.membership.McastService - Done sleeping, >> >>> membership established, start level:8 >> >>> 2009-10-06 22:14:06,144 [Thread-2] WARN >> >>> org.apache.catalina.core.ContainerBase.[Catalina] - Exception >> >>> performing >> >>> authentication >> >>> javax.naming.CommunicationException: simple bind failed: >> >>> ARTE001.MYDOMAIN.AK.com:636 [Root exception is >> >>> javax.net.ssl.SSLHandshakeException: >> >>> sun.security.validator.ValidatorException: PKIX path building failed: >> >>> sun.security.provider.certpath.SunCertPathBuilderException: unable >> >>> to find >> >>> valid certification path to requested target] >> >>> at com.sun.jndi.ldap.LdapClient.authenticate(Unknown Source) >> >>> at com.sun.jndi.ldap.LdapCtx.connect(Unknown Source) >> >>> at com.sun.jndi.ldap.LdapCtx.<init>(Unknown Source) >> >>> >> >>> >> >>> where as when I place other deatails of the LDAP its working fine. >> >>> does this required any cerification files like .jks files.. if so >> >>> where >> >>> shall I place them? >> >>> >> >>> your replies are most welcome >> >>> >> >>> Regards, >> >>> -Anil Katta >> >>> >> >> >> >> -- >> >> View this message in context: >> >> >> http://www.nabble.com/Web-Container-Authentication-Via-LDAP-tp25767713p25767801.html >> >> Sent from the JspWiki - User mailing list archive at Nabble.com. >> >> >> > >> > >> >> -- >> View this message in context: >> http://www.nabble.com/Web-Container-Authentication-Via-LDAP-tp25767713p25818421.html >> Sent from the JspWiki - User mailing list archive at Nabble.com. >> >> > > -- View this message in context: http://www.nabble.com/Web-Container-Authentication-Via-LDAP-tp25767713p25852406.html Sent from the JspWiki - User mailing list archive at Nabble.com.
