Hi!
I'm trying to deploy a production environment for a dcm4chee with the following architecture:
I'm using a standalone Keycloak server (which is properly working and used by other apps) which has been deployed using the official
jboss Keycloak Docker image (not the one from dcm4chee).
I'm using a standalone postgres server from AWS RDS.
I've tried to deploy all this architecture in my localhost machine (except the postgres which already was in RDS) and I've been able to make it properly run. But when I try to deploy it into the cloud, if I go to /dcm4chee-arc/ui2 I'm properly redirected to the Keycloak login, after login I'm properly redirected to /dcm4chee-arc/ui2 again, but there I get a Forbidden error.
I've tried to deploy the slapd and the dcm4chee-arc images into my local machine (using the Keycloak from the cloud) and I'm getting the same error.
If I check the server logs then I see the following error:
ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
I've seen other threads with this kind of error, but I think that they were more related to a Keycloak issue, and I suppose that in my case is a dcm4chee-arc issue.
I suppose that what happens is that my dcm4chee does not have the AWS certificate included in its keystore, but I don't know how to add it. I know there is a variable in the Docker image to set the keystore file, but I don't know how to use it.
I'm not really used to work with java wildfly servers and with the keystore and truststore, so i'm a little bit lost with this.
Does anyone could help me with this?
Thanks in advance!