Environment
Novell Vibe OnPrem 3
Situation
SSL error when setting up Vibe to import users.
Error: 2013-10-22 17:15:43,562 ERROR [http-8080-3] [org.kablink.teaming.module.ldap.impl.LdapModuleImpl] - javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
eDirectory tree's trusted root cert had been added to the .keystore file for Vibe
Error: 2013-10-22 17:15:43,562 ERROR [http-8080-3] [org.kablink.teaming.module.ldap.impl.LdapModuleImpl] - javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
eDirectory tree's trusted root cert had been added to the .keystore file for Vibe
Resolution
The LDAP certificate should be imported into the JAVA keystore in the java directory and not in the Vibe keystore.
The location of the JAVA keystore depends on which JAVA is being used.
For example, if using: java version "1.7.0_40"Java(TM) SE Runtime Environment (build 1.7.0_40-b43)Java HotSpot(TM) 64-Bit Server VM (build 24.0-b56, mixed mode)
Then the JAVA keystore is the cacerts file located in /usr/jdk1.7.0_40/jre/lib/security
The location of the JAVA keystore depends on which JAVA is being used.
For example, if using: java version "1.7.0_40"Java(TM) SE Runtime Environment (build 1.7.0_40-b43)Java HotSpot(TM) 64-Bit Server VM (build 24.0-b56, mixed mode)
Then the JAVA keystore is the cacerts file located in /usr/jdk1.7.0_40/jre/lib/security