Hi All
Thanks for you replies. I have tried installing the ssl for the url. but same issue. I took some time to check how the existing url's ssl is done in keystore.. but find nothing in java_home/lib/security. how this can be no ssl certifcates in keystore? if they keystore is exists in app level where does it saved in application Thanks again for the replies. -Anil Andrew Jaquith-4 wrote: > > You are pretty new to this whole Java thing aren't you? > > It appears that 1) your LDAP server requires SSL (a good thing!) and > that 2) your LDAP's SSL certificate is self-signed and therefore not > trusted. > > Java keeps an internal list of SSL certs it trusts. Your self-signed > CA is not one of them. You need to add the SSL certificate CA (that > is, the self-signed root) to your local JSSE trusted certificate > store. This is at $JAVA_HOME/lib/security/cacerts. > > The Java command line tool "keytool" can do this. You can also use my > SSLHelper class, part of my freshcookies-security.jar that ships with > JSPWiki. Indeed, I wrote it for just this situation. See the docs at > freshcookies.org > for details. > > With either aproach, you will need appprpriate admin rights to modify > the truststore. > > Andrew > > On Oct 6, 2009, at 8:29, anilkumarkatta <[email protected]> > wrote: > >> >> >> ....contd. >> Caused by: javax.net.ssl.SSLHandshakeException: >> sun.security.validator.ValidatorException: PKIX path building failed: >> sun.security.provider.certpath.SunCertPathBuilderException: unable >> to find >> valid certification path to requested target >> >> >> anilkumarkatta wrote: >>> >>> Hi All >>> >>> I have tried to authenticate via LDAP server with all the >>> configuration >>> procedure explained in the URL >>> http://www.jspwiki.org/wiki/WebContainerAuthenticationViaLDAP >>> with a user provided LDAP settings, I got firewall team to get the >>> secure >>> port open from where application is talking to the LDAP. >>> >>> i am getting this exception while start of the application >>> >>> >>> 2009-10-06 22:14:04,581 [Thread-2] INFO >>> org.apache.catalina.tribes.membership.McastService - Done sleeping, >>> membership established, start level:4 >>> 2009-10-06 22:14:04,581 [Thread-2] INFO >>> org.apache.catalina.tribes.membership.McastService - Sleeping for >>> 1000 >>> milliseconds to establish cluster membership, start level:8 >>> 2009-10-06 22:14:05,581 [Thread-2] INFO >>> org.apache.catalina.tribes.membership.McastService - Done sleeping, >>> membership established, start level:8 >>> 2009-10-06 22:14:06,144 [Thread-2] WARN >>> org.apache.catalina.core.ContainerBase.[Catalina] - Exception >>> performing >>> authentication >>> javax.naming.CommunicationException: simple bind failed: >>> ARTE001.MYDOMAIN.AK.com:636 [Root exception is >>> javax.net.ssl.SSLHandshakeException: >>> sun.security.validator.ValidatorException: PKIX path building failed: >>> sun.security.provider.certpath.SunCertPathBuilderException: unable >>> to find >>> valid certification path to requested target] >>> at com.sun.jndi.ldap.LdapClient.authenticate(Unknown Source) >>> at com.sun.jndi.ldap.LdapCtx.connect(Unknown Source) >>> at com.sun.jndi.ldap.LdapCtx.<init>(Unknown Source) >>> >>> >>> where as when I place other deatails of the LDAP its working fine. >>> does this required any cerification files like .jks files.. if so >>> where >>> shall I place them? >>> >>> your replies are most welcome >>> >>> Regards, >>> -Anil Katta >>> >> >> -- >> View this message in context: >> http://www.nabble.com/Web-Container-Authentication-Via-LDAP-tp25767713p25767801.html >> Sent from the JspWiki - User mailing list archive at Nabble.com. >> > > -- View this message in context: http://www.nabble.com/Web-Container-Authentication-Via-LDAP-tp25767713p25818421.html Sent from the JspWiki - User mailing list archive at Nabble.com.
