1 Reply Latest reply on Feb 25, 2013 1:56 PM by emmartins

    JBoss as a 1-way SSL client

    dmspice

      Hello,


      I'm attempting to configure a new install of JBOSS 7.1 for SSL. I need to make calls to a server protected via 1-way SSL.  Here's what I've done so far, but to no avail:


      1 - create a new keystore that contains the public cert from the server I'm connecting to

          keytool -genKey -alias jboss -keyalg RSA -keystore server.keystore
          keytool -import -alias dppub -keystore server.keystore -file root-ca-cert.pem

      (I've tried .der also.)


      2 - configured jboss to use that keystore

          <subsystem xmlns="urn:jboss:domain:web:1.1" default-virtual-server="default-host" native="false">
              <connector name="http" protocol="HTTP/1.1" scheme="http" socket-binding="http"/>
              <connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" secure="true">
                  <ssl name="https" key-alias="jboss" password="xxxx" certificate-key-file="/Applications/jboss-as-7.1.1.Final/standalone/configuration/server.keystore"/>
              </connector>
              <virtual-server name="default-host" enable-welcome-root="true">
                  <alias name="localhost"/>
                  <alias name="example.com"/>
              </virtual-server>
          </subsystem>


      3 - Coded a servlet to make the call with:

          import java.net.URL;
          import javax.net.ssl.HttpsURLConnection;
          URL url = new URL(urlString); // urlString holds the https:// target; the original "new URL(url)" referenced the variable being declared
          HttpsURLConnection urlConn = (HttpsURLConnection) url.openConnection();


      So, the end result is that I keep getting "javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target". I realize there are a lot of gaps in my description, but if anyone has any ideas, I would appreciate it!


      Thanks!

        • 1. Re: JBoss as a 1-way SSL client
          emmartins

          Did you try to import the root-ca-cert certificate into the cacerts keystore instead? That keystore can be found at -keystore $JAVA_HOME/lib/security/cacerts (replace $JAVA_HOME with the real path).


          I'm also not sure you need to add that "jboss" key into the web connector; IIRC that's for incoming requests.
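As an added example (not code from either poster), here is how the servlet's outbound call can trust the CA that was imported into server.keystore without modifying the JVM-wide cacerts: the web connector's `<ssl>` element only configures the certificate JBoss presents to incoming clients, so the outgoing connection needs its own trust store, loaded below into an SSLContext. The trust-store path, its password and the target URL are assumed command-line arguments.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.net.URL;
import java.security.KeyStore;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;

/**
 * Outbound 1-way TLS client that trusts only the CA certificates found in a
 * dedicated trust store (e.g. the server.keystore built with keytool -import).
 * The <ssl> element of the web connector has no effect on this path: it covers
 * inbound HTTPS, whereas the trust manager below decides which server
 * certificates the outbound connection accepts.
 */
public class TrustStoreClient {

    /** Builds an SSLContext whose trust anchors come from the given JKS file. */
    static SSLContext sslContextFor(String trustStorePath, char[] trustStorePassword) throws Exception {
        KeyStore trustStore = KeyStore.getInstance("JKS");
        try (InputStream in = new FileInputStream(trustStorePath)) {
            trustStore.load(in, trustStorePassword);
        }
        // PKIX trust manager: the same validator that raised "PKIX path building failed"
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trustStore);
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, tmf.getTrustManagers(), null); // no client key material: 1-way TLS
        return ctx;
    }

    /** Performs an HTTPS GET against urlString using the custom trust store and returns the status code. */
    static int fetchStatus(String urlString, SSLContext ctx) throws Exception {
        URL url = new URL(urlString);
        HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
        // Only the trust anchors are replaced; the default hostname verifier is kept intact.
        conn.setSSLSocketFactory(ctx.getSocketFactory());
        conn.setRequestMethod("GET");
        return conn.getResponseCode();
    }

    public static void main(String[] args) throws Exception {
        // Assumed arguments: path to the trust store, its password, and the https:// target.
        String trustStorePath = args.length > 0 ? args[0] : "server.keystore";
        char[] password = (args.length > 1 ? args[1] : "changeit").toCharArray();
        String target = args.length > 2 ? args[2] : "https://example.com/";
        SSLContext ctx = sslContextFor(trustStorePath, password);
        System.out.println("HTTP status: " + fetchStatus(target, ctx));
    }
}
```

The same trust store can instead be applied JVM-wide by passing the standard JSSE properties `javax.net.ssl.trustStore` and `javax.net.ssl.trustStorePassword` to the JBoss process, which leaves the servlet code unchanged.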