From the browser debug tool I saw some errors 500 with the following headers errors:
com.ibm.jsse2.util.j: PKIX path building failed: java.security.cert.CertPathBuilderException: PKIXCertPathBuilderImpl could not build a valid CertPath.; internal cause is: java.security.cert.CertPathValidatorException: The certificate issued by CN=GeoTrust Global CA, O=GeoTrust Inc., C=US is not trusted; internal cause is: java.security.cert.CertPathValidatorException: Certificate chaining error
The reverse proxy was configured to expose the app with TLS security so I've exported the certificate from Firefox to a file using crt format.
After the certificate response, i followed the following steps :
- ssh to the server and copy the crt files
- cd /opt/was_lp/usr/servers/servername/resources/security
- /opt/was_lp/java/java_1.7_64/bin/keytool -importcert -trustcacerts -alias AliasCert -file cert.crt
aftert the keytool you will get the folloing confirm request
Trust this certificate? [no]: yes
Certificate was added to keystore
as last steps you have to configure the trusted stor inside the server.xml that is usually in a path similar
/opt/was_lp/usr/servers/servername
here check if the following line is present and then check the password.
<keyStore id="defaultKeyStore" password="passwordStore"/>
After a restart the websphere liberty profile had trust the SSL certificate and the app has started to run properly.
After a restart the websphere liberty profile had trust the SSL certificate and the app has started to run properly.
No comments:
Post a Comment