Hello Mohan, > -----Ursprüngliche Nachricht----- > Von: Mohan T <moha...@ramco.com.INVALID> > Gesendet: Montag, 27. Juni 2022 08:18 > An: Tomcat Users List <users@tomcat.apache.org> > Betreff: Help Needed > > Dear All, > > We have deployed a application in tomcat 8.5 and while accessing > > http://sebswarcnv08.ramco:8081/samldemo-0.0.1-SNAPSHOT/hello > > Error retrieving metadata from https://dev- > 67198606.okta.com/app/exk5htsyx3S4UcaHA5d7/sso/saml/metadata > javax.net.ssl.SSLHandshakeException: > sun.security.validator.ValidatorException: PKIX path building failed: > sun.security.provider.certpath.SunCertPathBuilderException: unable to find > valid certification path to requested target > > Kindly help us in overcoming thie. > > Thanks > > Mohan
The target server uses SSL. The server therefore has a private key and the client must have the corresponding public key. The error message tells, that your client doesn't have the public key and therefore doesn't trust the servers private key. Usually the private key is signed by a certificate authority or for development it can also be self-signed. Check the "certificate tree" in the browser to check which party has signed the private key and get the public key of the root certificate. This public key must be imported into the java truststore. Here is an example of that tree / chain of trust: https://i.stack.imgur.com/julIO.png Greetings, Thomas --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org