Do you also have a copy of the certificate used by your cert. vendor to sign your server's certificate, and so on up to the selfsigned root CA certificate? It looks like it is unable to build the complete trust path.
Browsers and suchlike may come packed with big bundles of CA
certificates that most users just blindly trust, but a JKS truststore
is created empty -- annoying, but it's for a good reason. Common
practice is for a program asserting identity via certificate to
provide the entire chain up to the root. To do that, you need to
install those higher-level certificates.
Your CA probably has a page that provides its signing cert., as well
as their root cert. if they use the common practice of separating the
two functions. (Notice I didn't say the page will be easy to find.)-:
--
Mark H. Wood, Lead System Programmer mw...@iupui.edu
Balance your desire for bells and whistles with the reality that only a
little more than 2 percent of world population has broadband.
-- Ledford and Tyler, _Google Analytics 2.0_
pgpOxtZJTmfIt.pgp
Description: PGP signature
------------------------------------------------------------------------------
_______________________________________________ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech
