I upgraded my GWT project with CAS. When I test it in dev mode, it works fine. Now I wanted to deploy my project to tomcat. When I'm running it, I can reach the CAS server. But when the CAS server directs me back to my webapp, I'm getting this error.
HTTP Status 500 - javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
type Exception report
message javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
description The server encountered an internal error that prevented it from fulfilling this request.
exception
java.lang.RuntimeException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target org.jasig.cas.client.util.CommonUtils.getResponseFromServer(CommonUtils.java:295) org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:33) org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:178) org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:132) org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:102) org.jasig.cas.client.util.HttpServletRequestWrapperFilter.doFilter(HttpServletRequestWrapperFilter.java:62) org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:110)
root cause
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target sun.security.ssl.Alerts.getSSLException(Alerts.java:192) sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1902) sun.security.ssl.Handshaker.fatalSE(Handshaker.java:276) sun.security.ssl.Handshaker.fatalSE(Handshaker.java:270) sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1338) sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:154) sun.security.ssl.Handshaker.processLoop(Handshaker.java:868) sun.security.ssl.Handshaker.process_record(Handshaker.java:804) sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1032) sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1328) sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1355) sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339) sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:515) sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1299) sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254) org.jasig.cas.client.util.CommonUtils.getResponseFromServer(CommonUtils.java:281) org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:33) org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:178) org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:132) org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:102) org.jasig.cas.client.util.HttpServletRequestWrapperFilter.doFilter(HttpServletRequestWrapperFilter.java:62) org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:110)
root cause
sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:385) sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292) sun.security.validator.Validator.validate(Validator.java:260) sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326) sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231) sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126) sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1320) sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:154) sun.security.ssl.Handshaker.processLoop(Handshaker.java:868) sun.security.ssl.Handshaker.process_record(Handshaker.java:804) sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1032) sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1328) sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1355) sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339) sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:515) sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1299) sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254) org.jasig.cas.client.util.CommonUtils.getResponseFromServer(CommonUtils.java:281) org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:33) org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:178) org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:132) org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:102) org.jasig.cas.client.util.HttpServletRequestWrapperFilter.doFilter(HttpServletRequestWrapperFilter.java:62) org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:110)
root cause
sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:196) java.security.cert.CertPathBuilder.build(CertPathBuilder.java:268) sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:380) sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292) sun.security.validator.Validator.validate(Validator.java:260) sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326) sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231) sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126) sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1320) sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:154) sun.security.ssl.Handshaker.processLoop(Handshaker.java:868) sun.security.ssl.Handshaker.process_record(Handshaker.java:804) sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1032) sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1328) sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1355) sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339) sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:515) sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1299) sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254) org.jasig.cas.client.util.CommonUtils.getResponseFromServer(CommonUtils.java:281) org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:33) org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:178) org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:132) org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:102) org.jasig.cas.client.util.HttpServletRequestWrapperFilter.doFilter(HttpServletRequestWrapperFilter.java:62) org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:110)
note The full stack trace of the root cause is available in the Apache Tomcat/7.0.37 logs. Apache Tomcat/7.0.37
Can't figure out how to fix it.
