On 27/04/2020 17:21, Beard, Shawn M. wrote: > I have an app running in tomcat 9 that makes an ssl call to an external > webservice. > > > > It fails with these errors in the logs: > > ERROR javax.net.ssl.SSLHandshakeException: PKIX path building failed: > sun.security.provider.certpath.SunCertPathBuilderException: unable to > find valid certification path to requested target > > > > I have this in the connectors in the server.xml. > > keystoreFile="/usr/apache/tomcat/ssl/TomcatTrustStore.p12" > > truststoreFile="/usr/apache/tomcat/ssl/TomcatTrustStore.p12" > > keystorePass="XXXXXXXX" > > truststorePass="XXXXXXX" > > > > > > I have the root authority certs importated as trusted certs in this p12 > file. > > > > Any ideas?
Outgoing SSL calls are nothing to do with Tomcat. Configuration in server.xml will have zero impact on them. You need to code the out going call exactly the same way as you would in a stand-alone Java program. My recommendation is you configure the connection programmatically rather than via system properties although the system properties approach should work. Mark --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org