Hello! > I have an app running in tomcat 9 that makes an ssl call to an external > webservice.
> It fails with these errors in the logs: > ERROR javax.net.ssl.SSLHandshakeException: PKIX path building failed: > sun.security.provider.certpath.SunCertPathBuilderException: unable to find > valid certification path to requested target > I have this in the connectors in the server.xml. > keystoreFile="/usr/apache/tomcat/ssl/TomcatTrustStore.p12" > truststoreFile="/usr/apache/tomcat/ssl/TomcatTrustStore.p12" > keystorePass="XXXXXXXX" > truststorePass="XXXXXXX" > I have the root authority certs importated as trusted certs in this p12 file. > Any ideas? Outgoing SSL requests are normally using <JRE>/lib/security/cacerts as truststore: Check if root (intermediate) certificate exists for targeted endpoint. BR, Johann Von: Beard, Shawn M. Gesendet: Montag, 27. April 2020 18:22 An: users@tomcat.apache.org Betreff: tomcat and ssl I have an app running in tomcat 9 that makes an ssl call to an external webservice. It fails with these errors in the logs: ERROR javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target I have this in the connectors in the server.xml. keystoreFile="/usr/apache/tomcat/ssl/TomcatTrustStore.p12" truststoreFile="/usr/apache/tomcat/ssl/TomcatTrustStore.p12" keystorePass="XXXXXXXX" truststorePass="XXXXXXX" I have the root authority certs importated as trusted certs in this p12 file. Any ideas? Shawn Beard • Sr. Systems Engineer Middleware Engineering 3840 109th Street Urbandale, IA 50322 Phone: +1-515-564-2528 Email: sbe...@wrberkley.com Website: berkleytechnologyservices.com Technology Leadership Unleashing Business Potential CONFIDENTIALITY NOTICE: This e-mail and the transmitted documents contain private, privileged and confidential information belonging to the sender. The information therein is solely for the use of the addressee. If your receipt of this transmission has occurred as the result of an error, please immediately notify us so we can arrange for the return of the documents. In such circumstances, you are advised that you may not disclose, copy, distribute or take any other action in reliance on the information transmitted.