Hi all,

I'm playing around with using PAC4J to secure KnoxSSO, talking to an OIDC
IdP. I'm getting a TLS handshake error when trying to retrieve the OIDC
configuration as specified by the "oidc.discoveryUri" parameter:

Caused by: org.pac4j.core.exception.TechnicalException:
javax.net.ssl.SSLHandshakeException:
sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to find
valid certification path to requested target
    at org.pac4j.oidc.client.OidcClient.internalInit(OidcClient.java:297)

How can I add the cert of the IdP to Knox/Pac4J so that the TLS handshake
works correctly? I tried adding it to gateway.jks but it doesn't work. Is
there a separate way to specify a TLS truststore?

Colm.


-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com
