Question | Answer |
|---|---|
I keep getting the following message in my logs, how do I fix this? javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertÂPathBuilderException: unable to find valid certification path to requested target | Java cannot find your truststore file; make sure you supplied the correct VM-arguments to the web server). |
My (application server) server keeps complaining about the HTTPS hostname being incorrect! How do I fix this? | Your certificate & keystore do not have the FQN (Fully Qualified name) – <HostName>.<DomainName>. By default, the application server tries to perform a few "sanity" checks upon the SSL-connectors' URL before accepting a connection. When the FQN is part of the keystore, the application server will no longer complain. |
The application server seems to work, but the client won't connect! It complains about the hostname of the server not being found! | Probably your servers' certificate has a common name (CN) that does not correspond to a hostname that can be resolved through DNS. Add the hostname of the application server to DNS. |
How do I detect whether my application server uses a private hostname? | Try the command nslookup <hostname> in a command prompt. If the result of this command is the IP-address of your application server server, it probably has a public hostname. If it gives an error, like non-existent domain or such, your application server has a private hostname. |