Hello,
I'm attempting to configure a new install of JBOSS 7.1 for SSL. I need to make calls to a server protected via 1-way SSL. Here's what I've done so far, but to no avail:
1 - create a new keystore that contains the public cert from the server I'm connecting to
keytool -genKey -alias jboss -keyalg RSA -keystore server.keystore
keytool -import -alias dppub -keystore server.keystore -file root-ca-cert.pem (i've tried .der also)
2 - configured jboss to use that keystore
<subsystem xmlns="urn:jboss:domain:web:1.1" default-virtual-server="default-host" native="false">
<connector name="http" protocol="HTTP/1.1" scheme="http" socket-binding="http"/>
<connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" secure="true">
<ssl name="https" key-alias="jboss" password="xxxx" certificate-key-file="/Applications/jboss-as-7.1.1.Final/standalone/configuration/server.keystore"/>
</connector>
<virtual-server name="default-host" enable-welcome-root="true">
<alias name="localhost"/>
<alias name="example.com"/>
</virtual-server>
</subsystem>
3 - Coded a servlet to make the call with:
URL url = new URL(url);
HttpsURLConnection urlConn = (HttpsURLConnection)url.openConnection();
So, end result is I keep getting "javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target" I realize there are a lot of gaps in my description, but if anyone has any ideas, I would appreciate it!
Thanks!