Thanks once again for this work Kathleen, On Wednesday, 14 December 2016 23:12:51 UTC, Kathleen Wilson wrote: > 1) Salesforce (in cloud) is using the default Java root store, which is > smaller than Mozilla's root store. This accounts for the > "sun.security.validator.ValidatorException: PKIX path building failed:" > errors. > We're not yet sure how to tell the Java program in the Salesforce cloud to > use a different root store, so please point me in the right direction
I believe the Java system property javax.net.ssl.trustStore (please verify spelling before using) points to a Java Keystore format list of trusted CA certificates which will be used for default SSL connections. I am responsible for some code that manipulates this programatically for our non-public HTTPS-based APIs but the hint above should be enough for a Mozilla person or Salesforce expert to get it working without the bureaucracy of releasing that code. _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
