What to do when you got such a exception for your glassfish:

javax.net.ssl.SSLHandshakeException:
   sun.security.validator.ValidatorException: PKIX path building failed:
   sun.security.provider.certpath.SunCertPathBuilderException:
   unable to find valid certification path to requested target

Caused by: sun.security.validator.ValidatorException:
   PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException:
   unable to find valid certification path to requested target

Caused by: sun.security.provider.certpath.SunCertPathBuilderException:
   unable to find valid certification path to requested target

   I’ve tried to repair it by using InstallCert.java (it did not worked for me by java … I needed to build it and use java -jar):
read here
   It didn’t help so I went level lower using keytool (adding exported certs from the browser to my java_home keystore ../lib/security/cacerts):
read here
  That still did not so I tried to add  JVM option “-Dsun.security.ssl.allowUnsafeRenegotiation=true” to disable all SSL errors
   still witout success… (this is the moment I have doubts about my job and being java coder… but still searching)
   … the most strange was that the exception didn’t change eventhoug I’ve added it everywhere and I disabled all SSL errors…
   after reading this guy read here
I’ve discovered that there are Glassfish own keystore and cacert files … what of course (after adding to them those certs with keytool) solved the whole problem!

Invoke:

  1. keytool -list -keystore /opt/jcaps/GlassFishESBv22/glassfish/domains/domain1/config/keystore.jks NO NO
  2. keytool -list -keystore /opt/jcaps/GlassFishESBv22/glassfish/domains/domain1/config/cacerts.jks
  3. keytool -list -keystore /usr/jdk/instances/jdk1.5.0/jre/lib/security/cacerts
  4. keytool -import -keystore “/usr/jdk/instances/jdk1.5.0/jre/lib/security/cacerts” -trustcacerts -alias “itmsMetryka” -file itsmweb_corp_tepenet_cert_DER.cer
  5. keytool -import -keystore “/opt/jcaps/GlassFishESBv22/glassfish/domains/domain1/config/cacerts.jks” -trustcacerts -alias “itmsMetryka” -file itsmweb_corp_tepenet_cert_DER.cer

Here I am adding certificate 4. to jvm and 5. to application server.