PKIX path building failed:
1,311 views
Skip to first unread message
nweikeo...@gmail.com
Aug 26, 2021, 7:46:20 AM8/26/21
to Quarkus Development mailing list
Hello,
I'm using Quarkus 2.1.0.Final and I am having aa PKIX path building failed error trying to package my application that uses SSL .
Here's how i set it up:
quarkus.http.insecure-requests=disabled
quarkus.http.ssl.certificate.key-file=META-INF/resources/ssl/myssl.key
quarkus.http.ssl.certificate.file=META-INF/resources/ssl/myssl_cert_1.crt
I am able to build and start the server on dev mode, but get this error when i want to package my application
[ERROR] com.
mypackage .GreetingResourceTest.testHelloEndpoint Time elapsed: 0.876 s <<< ERROR!
javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at com.mypackage.GreetingResourceTest.testHelloEndpoint(GreetingResourceTest.java:15)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at com.mypackage.GreetingResourceTest.testHelloEndpoint(GreetingResourceTest.java:15)
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at com.mypackage.GreetingResourceTest.testHelloEndpoint(GreetingResourceTest.java:15)
Is there some configuration I'm missing?
Thank you,
Nweike
nweikeo...@gmail.com
Aug 26, 2021, 9:04:08 AM8/26/21
to Quarkus Development mailing list
I have updated my code to supply a keystore. The error has changed to this:
<<< ERROR!
javax.net.ssl.SSLException: Software caused connection abort: recv failed
at com.mypackage.GreetingResourceTest.testHelloEndpoint(GreetingResourceTest.java:15)
Caused by: java.net.SocketException: Software caused connection abort: recv failed
btw , i am using Windows 10 as my dev machine
Kind Regards,
Nweike
Ron McLeod
Aug 26, 2021, 12:16:00 PM8/26/21
to nweikeo...@gmail.com, Quarkus Development mailing list
If your project has the PKI artifacts in src/main/resources, then try specifying:
quarkus.http.ssl.certificate.key-file=/myssl.keyquarkus.http.ssl.certificate.file=/myssl_cert_1.crt
I'm not sure if it is the same with HTTP and Quarkus v2, but I do this with gRPC and version 1.13.7.Final and it works.
--
You received this message because you are subscribed to the Google Groups "Quarkus Development mailing list" group.
To unsubscribe from this group and stop receiving emails from it, send an email to quarkus-dev...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/quarkus-dev/732bfb80-be75-488a-a145-e2168e52eb30n%40googlegroups.com.
Stuart Douglas
Aug 26, 2021, 7:17:46 PM8/26/21
to nweikeo...@gmail.com, Quarkus Development mailing list
Do not put key files in META-INF/resources, that directory is where static content is served from, it means that you can download the key from http://localhost:8080/ssl/myssl.key
Stuart
--
nweikeo...@gmail.com
Sep 2, 2021, 3:38:07 PM9/2/21
to Quarkus Development mailing list
@Douglas, Thanks for the information on static content.
Reply all
Reply to author
Forward
0 new messages