[prev in list] [next in list] [prev in thread] [next in thread] 

List:       tomcat-user
Subject:    Re: Help Needed
From:       Christopher Schultz <chris () christopherschultz ! net>
Date:       2022-06-27 12:45:28
Message-ID: b0fd2703-4984-7cc0-8c77-f41123d85eb0 () christopherschultz ! net
[Download RAW message or body]

Mohan,

On 6/27/22 02:17, Mohan T wrote:
> Dear All,
> 
> We have deployed a application in tomcat 8.5  and  while accessing
> 
> http://sebswarcnv08.ramco:8081/samldemo-0.0.1-SNAPSHOT/hello
> 
> Error retrieving metadata from \
>                 https://dev-67198606.okta.com/app/exk5htsyx3S4UcaHA5d7/sso/saml/metadata
>                 
> javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: \
> PKIX path building failed: \
> sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid \
> certification path to requested target

A stack trace will help, here.

The URL you have above has a TLS Certificate signed by DigiCert, which 
is a well-trusted Certificate Authority so, unless you have done 
something specific with your trust store for that connection, it's not 
likely the problem.

Because you are using SAML, I suspect that the error occurs when 
validating the SAML response itself, and your trust store does not 
contain the certificate required to validate the signed SAML response.

-chris

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


[prev in list] [next in list] [prev in thread] [next in thread]