Sorry i found the solution in the SSL Troubleshooting guide :) 2011/11/16 Francisco González-Blanch <[email protected]>
> I attach the whole exception stacktrace: > > java.lang.RuntimeException: javax.net.ssl.SSLHandshakeException: > sun.security.validator.ValidatorException: PKIX path building failed: > sun.security.provider.certpath. > > SunCertPathBuilderException: unable to find valid certification path to > requested target > > org.jasig.cas.client.validation.Saml11TicketValidator.retrieveResponseFromServer(Saml11TicketValidator.java:231) > > org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:207) > > org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:169) > > org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:117) > > org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:76) > > *causa ra�z* > > javax.net.ssl.SSLHandshakeException: > sun.security.validator.ValidatorException: PKIX path building failed: > sun.security.provider.certpath. > SunCertPathBuilderException: unable to find valid certification path to > requested target > com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174) > > com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1731) > com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:241) > com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:235) > > com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1206) > > com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:136) > com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:593) > > com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:529) > > com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:925) > > com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1170) > > com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1197) > > com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1181) > > sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:434) > > sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166) > > sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1014) > > sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:230) > > org.jasig.cas.client.validation.Saml11TicketValidator.retrieveResponseFromServer(Saml11TicketValidator.java:216) > > org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:207) > > org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:169) > > org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:117) > > org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:76) > > *causa ra�z* > > sun.security.validator.ValidatorException: PKIX path building failed: > sun.security.provider.certpath. > SunCertPathBuilderException: unable to find valid certification path to > requested target > sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:323) > > sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:217) > sun.security.validator.Validator.validate(Validator.java:218) > > com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:126) > > com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:209) > > com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:249) > > com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1185) > > com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:136) > com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:593) > > com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:529) > > com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:925) > > com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1170) > > com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1197) > > com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1181) > > sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:434) > > sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166) > > sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1014) > > sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:230) > > org.jasig.cas.client.validation.Saml11TicketValidator.retrieveResponseFromServer(Saml11TicketValidator.java:216) > > org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:207) > > org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:169) > > org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:117) > > org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:76) > > *causa ra�z* > > sun.security.provider.certpath.SunCertPathBuilderException: unable to find > valid certification path to requested target > > sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:174) > java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238) > sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:318) > > sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:217) > sun.security.validator.Validator.validate(Validator.java:218) > > com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:126) > > com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:209) > > com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:249) > > com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1185) > > com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:136) > com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:593) > > com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:529) > > com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:925) > > com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1170) > > com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1197) > > com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1181) > > sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:434) > > sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166) > > sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1014) > > sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:230) > > org.jasig.cas.client.validation.Saml11TicketValidator.retrieveResponseFromServer(Saml11TicketValidator.java:216) > > org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:207) > > org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:169) > > org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:117) > > org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:76) > > > 2011/11/16 Francisco González-Blanch <[email protected]> > >> Hi, >> >> We are setting up a cas 3.4.10 war overlayed version, and We just changed >> the ticket registry from default to JPATicketRegistry following the >> instructions in : >> >> https://wiki.jasig.org/display/CASUM/JpaTicketRegistry >> >> We are using oracle and the new tables are well generated and the tickets >> are inserted in the database. >> >> But, when trying to access the app once logged, I'm getting the following >> exceptions: >> >> java.lang.RuntimeException: javax.net.ssl.SSLHandshakeException: >> sun.security.validator.ValidatorException: PKIX path building failed: >> sun.security.provider.certpath.SunCertPathBuilderException: unable to find >> valid certification path to requested target >> >> >> javax.net.ssl.SSLHandshakeException: >> sun.security.validator.ValidatorException: PKIX path building failed: >> sun.security.provider.certpath.SunCertPathBuilderException: unable to find >> valid certification path to requested target >> >> >> The client used is the java client, set up at web.xml level and receiving >> some parameters via SAML 1.1 >> >> This was working with the default ticket registry but i don't know why it >> is not with the JPATicketRegistry, any ideas? Thanks a lot in advance . >> >> Best, >> >> Francisco >> >> -- >> Francisco González-Blanch Rodríguez >> Grupo Madiva >> Tlf.: +34 913 00 10 44 >> [email protected] >> www.madiva.com >> >> Perfil en [image: LinkedIn] <http://es.linkedin.com/in/fgblanch/> >> >> > > > -- > Francisco González-Blanch Rodríguez > Grupo Madiva > Tlf.: +34 913 00 10 44 > [email protected] > www.madiva.com > > Perfil en [image: LinkedIn] <http://es.linkedin.com/in/fgblanch/> > > -- Francisco González-Blanch Rodríguez Grupo Madiva Tlf.: +34 913 00 10 44 [email protected] www.madiva.com Perfil en [image: LinkedIn] <http://es.linkedin.com/in/fgblanch/> -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
