Unable to find valid certification path to requested target - error even after cert imported

Question

I have a Java client trying to access a server with a self-signed certificate.

When I try to Post to the server, I get the following error:

unable to find valid certification path to requested target

Having done some research on the issue, I then did the following.

Saved my servers domain name as a root.cer file.

In my Glassfish server's JRE, I ran this:

keytool -import -alias example -keystore cacerts -file root.cer

To check the cert was added to my cacert successfully, I did this:

keytool -list -v -keystore cacerts

I can see the cert is present.

I then restarted Glassfish and retired the 'post'.

I am still getting thesame error.

I have a feeling this is because my Glassfish is not actually reading the cacert file that I have amended but maybe some other one.

Have any of you had this issue and can push me in the right direction?

Answer 1

I had the same problem with sbt.
It tried to fetch dependencies from repo1.maven.org over ssl
but said it was "unable to find valid certification path to requested target url".
so I followed this post and still failed to verify a connection.
So I read about it and found that the root cert is not enough, as was suggested by the post,so -
the thing that worked for me was importing the intermediate CA certificates into the keystore.
I actually added all the certificates in the chain and it worked like a charm.