2 Java client apps, one SSL protected web services, and inconsistent results depending upon client machine
Posted on 2012-08-21
Two building blocks (instructorAccess and advisorAccess) written by A&A.
I am a Windows OS admin and .NET programmer -- not a JAVA programmer But here goes.
The Java development team wrote two web apps using common code.
There are 5 Windows 2008 R2 64bit machines which run these apps using one tomcat/iis site. All are using JDK/JRE 1.6.31, were built/configured at the same time and designed to be as identical as possible.
The web service's SSL certificate is current and issued by USERTrust Legacy Secure Server CA.
On 4 of 5 Windows 2008 R2 machines, both applications work fine as expected.
On the 5th machine, one app works fine. The second fails and logs this error:
faultString: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
On the face of it, it appears the JRE rejects the certificate while running the one application while while accepting it while running the second.
Does that make any sense at all?
Where would I look to discover differences in SSL acceptance parameters?