Yes, I've checked it loading certificate alias and other parameters (like expire date).
I think that in my truststore maybe a root certificate is missing. Myabe in my local envirnment root cert is found in jdk cacerts. thanks in advance luke Il giorno gio 23 mag 2019 alle ore 14:34 Colm O hEigeartaigh < cohei...@apache.org> ha scritto: > Is the certificate of the service stored in your truststore? > > Colm. > > On Thu, May 23, 2019 at 1:27 PM Luca Maderna <luca.made...@gmail.com> > wrote: > > > Hi, > > I'm developing a cxf https client. > > Now I'm trying to set TrustManagers and KeyManager as explained in > > ClientNonSpring > > example. > > > > In my local environment it work correctly; > > - I load correctly certificate in keystore; > > - I correctly connect to cxf server using certificate. > > > > When I deploy my application in production environment, at cxf services > > first access, this exception has been raised: > > > > Caused by: sun.security.validator.ValidatorException: PKIX path building > > failed: sun.security.provider.certpath.SunCertPathBuilderException: > unable > > to find valid certification path to requested target > > at > sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:387) > > at > > > sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292) > > at sun.security.validator.Validator.validate(Validator.java:260) > > at > > > > > sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324) > > > > at > > > > > sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229) > > > > at > > > > > sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124) > > > > at > > > > > sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1491) > > > > thanks in advance > > luke > > > > > -- > Colm O hEigeartaigh > > Talend Community Coder > http://coders.talend.com >