Do you also have a copy of the certificate used by your cert. vendor to sign your server's certificate, and so on up to the selfsigned root CA certificate? It looks like it is unable to build the complete trust path.
Browsers and suchlike may come packed with big bundles of CA certificates that most users just blindly trust, but a JKS truststore is created empty -- annoying, but it's for a good reason. Common practice is for a program asserting identity via certificate to provide the entire chain up to the root. To do that, you need to install those higher-level certificates. Your CA probably has a page that provides its signing cert., as well as their root cert. if they use the common practice of separating the two functions. (Notice I didn't say the page will be easy to find.)-: -- Mark H. Wood, Lead System Programmer mw...@iupui.edu Balance your desire for bells and whistles with the reality that only a little more than 2 percent of world population has broadband. -- Ledford and Tyler, _Google Analytics 2.0_
pgpOxtZJTmfIt.pgp
Description: PGP signature
------------------------------------------------------------------------------
_______________________________________________ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech