Hi, thanks for you response I tried to add certificat using keytool for host.domain but i realized that the generated certificate is for host. any idea?
sorry for my bad english. 2007/5/29, Marvin S. Addison <[EMAIL PROTECTED]>: > > sun.security.validator.ValidatorException: PKIX path building failed: > > sun.security.provider.certpath.SunCertPathBuilderException: unable to > > find valid certification path to requested target > > This exception is normally caused by certificate trust issues. There > are two keystores of interest with CAS: > > 1. Tomcat (or other Web application container) keystore > 2. System truststore (truststore == keystore containing only > trustedCertEntry items) > > According to your stack trace, your application is having trouble with > the second. The CASFilter is attempting to make a connection to the CAS > server and failing likely because your system truststore does not > contain your CAS server certificate or its signing certificate chain, > either of which would be adequate for establishing trust. You can solve > this by importing the CAS server certificate (or its signing certificate > chain) into the system truststore ($JAVA_HOME/jre/lib/security/cacerts) > using the Java keytool utility. An alternative is to explicitly define > the system truststore via JVM startup parameters: > > -Djavax.net.ssl.trustStore=/path/to/keystore > -Djavax.net.ssl.trustStoreType=JKS > -Djavax.net.ssl.trustStorePassword=changeit > > where /path/to/keystore is an application-specific keystore created > using the Java keytool utility. > > http://java.sun.com/products/jsse/doc/guide/API_users_guide.html has > detailed information on keystores, truststores, and certificate trust. > > Hope that helps, > Marvin Addison > -- > Application Developer > Middleware Services > Virginia Tech > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas > _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
