Configuring outbound SSL connection from JBoss EAP 6 / 7
Issue
- Which truststore/keystore is used to hit/access external HTTPS web site?
- connection fails
- Configure keystore/truststore in standalone.xml/domain.xml without system properties
-
Getting the following exception
SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.ssl.Alerts.getSSLException(Unknown Source) [jsse.jar:1.7.0_05] at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source) [jsse.jar:1.7.0_05] at sun.security.ssl.Handshaker.fatalSE(Unknown Source) [jsse.jar:1.7.0_05] at sun.security.ssl.Handshaker.fatalSE(Unknown Source) [jsse.jar:1.7.0_05] at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source) [jsse.jar:1.7.0_05] at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source) [jsse.jar:1.7.0_05] at sun.security.ssl.Handshaker.processLoop(Unknown Source) [jsse.jar:1.7.0_05] at sun.security.ssl.Handshaker.process_record(Unknown Source) [jsse.jar:1.7.0_05] at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source) [jsse.jar:1.7.0_05] at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source) [jsse.jar:1.7.0_05] at sun.security.ssl.SSLSocketImpl.writeRecord(Unknown Source) [jsse.jar:1.7.0_05] at sun.security.ssl.AppOutputStream.write(Unknown Source) [jsse.jar:1.7.0_05] at java.io.BufferedOutputStream.flushBuffer(Unknown Source) [rt.jar:1.7.0_05] at java.io.BufferedOutputStream.flush(Unknown Source) [rt.jar:1.7.0_05]
Environment
- Red Hat JBoss Enterprise Application Platform (EAP)
- 7
- 6
- Outbound/outgoing SSL/TLS connection
- Remote Server must trust client TLS key
- Server Key is not signed by root Certficate Authority (CA)
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.
