Hi, If you have a self-signed SSL certificate then you could try these instructions: http://blogs.sun.com/andreas/entry/no_more_unable_to_find
They worked for us. Regards, Yuriy On Mon, Sep 28, 2009 at 2:31 PM, Lee, Sung <sung...@tamu.edu> wrote: > I am trying to test the connection to our new CAS 3 server. I made my local > Tomcat server as SSL-capable. > > But when I connect CAS, I get this exception. > > > > SEVERE: javax.net.ssl.SSLHandshakeException: > sun.security.validator.ValidatorException: PKIX path building failed: > sun.security.provider.certpath.SunCertPathBuilderException: unable to find > valid certification path to requested target > > > > Do I need a certificate from an authorized CA? Or is there a way to avoid > this? > > > > Below is the error message. > > > > Sep 28, 2009 4:13:26 PM > org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator > retrieveResponseFromServer > > SEVERE: javax.net.ssl.SSLHandshakeException: > sun.security.validator.ValidatorException: PKIX path building failed: > sun.security.provider.certpath.SunCertPathBuilderException: unable to find > valid certification path to requested target > > javax.net.ssl.SSLHandshakeException: > sun.security.validator.ValidatorException: PKIX path building failed: > sun.security.provider.certpath.SunCertPathBuilderException: unable to find > valid certification path to requested target > > at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source) > > at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unknown Source) > > at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source) > > at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source) > > at > com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown > Source) > > at > com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source) > > at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source) > > at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown > Source) > > at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown > Source) > > at > com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown > Source) > > at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown > Source) > > at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown > Source) > > at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source) > > at > sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown > Source) > > at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown > Source) > > at > sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown > Source) > > at > org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:35) > > at > org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:178) > > at > org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:132) > > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) > > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) > > at > org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:102) > > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) > > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) > > at > org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233) > > at > org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) > > at > org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128) > > at > org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) > > at > org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) > > at > org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293) > > at > org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:849) > > at > org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583) > > at > org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:454) > > at java.lang.Thread.run(Unknown Source) > > Caused by: sun.security.validator.ValidatorException: PKIX path building > failed: sun.security.provider.certpath.SunCertPathBuilderException: unable > to find valid certification path to requested target > > at sun.security.validator.PKIXValidator.doBuild(Unknown Source) > > at sun.security.validator.PKIXValidator.engineValidate(Unknown Source) > > at sun.security.validator.Validator.validate(Unknown Source) > > at > com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown > Source) > > at > com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(Unknown > Source) > > ... 30 more > > Caused by: sun.security.provider.certpath.SunCertPathBuilderException: > unable to find valid certification path to requested target > > at > sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown > Source) > > at java.security.cert.CertPathBuilder.build(Unknown Source) > > ... 35 more > > Sep 28, 2009 4:13:26 PM > org.jasig.cas.client.validation.AbstractTicketValidationFilter doFilter > > WARNING: org.jasig.cas.client.validation.TicketValidationException: The CAS > server returned no response. > > org.jasig.cas.client.validation.TicketValidationException: The CAS server > returned no response. > > at > org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:181) > > at > org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:132) > > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) > > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) > > at > org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:102) > > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) > > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) > > at > org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233) > > at > org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) > > at > org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128) > > at > org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) > > at > org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) > > at > org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293) > > at > org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:849) > > at > org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583) > > at > org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:454) > > at java.lang.Thread.run(Unknown Source) > > Sep 28, 2009 4:13:26 PM org.apache.catalina.core.StandardWrapperValve invoke > > SEVERE: Servlet.service() for servlet jsp threw exception > > org.jasig.cas.client.validation.TicketValidationException: The CAS server > returned no response. > > at > org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:181) > > at > org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:132) > > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) > > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) > > at > org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:102) > > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) > > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) > > at > org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233) > > at > org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) > > at > org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128) > > at > org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) > > at > org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) > > at > org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293) > > at > org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:849) > > at > org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583) > > at > org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:454) > > at java.lang.Thread.run(Unknown Source) > > -- > You are currently subscribed to cas-user@lists.jasig.org as: > yuriyzubar...@gmail.com > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user