-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Miguel,
On 4/26/12 3:35 AM, Miguel González Castaños wrote: >> If no web browser reports the server certificate as not valid, >> then what's the problem? >> > From my original email: > > "Now that I'm trying to configure javamelody in Tomcat 5 with HTTPS > I get the following error when I try to add the context and the > URL: javamelody avax.net.ssl.SSLHandshakeException: > sun.security.validator.ValidatorException: PKIX path building > failed: sun.security.provider.certpath.SunCertPathBuilderException: > unable to find valid certification path to requested target." So this is an error you get from Javamelody? I thought you were getting this on the server you were monitoring (i.e. the main webapp, not javamelody). > I'm trying to add my context and the URL for my webapp in the > javamelody application: > > http://myweb.com/javamelody/? Forgive my ignorance (I have no experience with Javamelody), but is this how you add a webapp to javamelody for monitoring? > I get two fields and an Add button to do that. In my tests I was > able to do add a monitor for my webapp if it uses the HTTP protocol > but not in the production system where it uses HTTPS. > > The question is, how do I know that I have added the right > intermediate certs from verisign? I thought you needed to configure your own Tomcat server to *use* an SSL certificate. It seems that you were already doing that without a problem (because most clients seem to be happy with the certificate chain presented by the server). If Javamelody won't connect, it's probably because Javamelody is using some keystore that doesn't have the intermediate certificates that I was discussing. You should check the Javamelody documentation for what keystore it uses, or how it can be configured to use the keystore of your choice. At this point, I think you need to go to the Javamelody folks and ask over there: this does not seem to be a Tomcat-related problem at all. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk+ZULwACgkQ9CaO5/Lv0PAKhwCgixeUlDkPQFiXg+k2AqxfUkPL p0QAnRPmbpcTDGYJAsH93n4x6r3ZZdvO =l5nQ -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
