0

Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

tried implementating tls on k8s env deployed service using self signed certificate

Improve this question

1 Answer 1

Reset to default
0

You have to add your self-signed CA chain (or the certificate) to the java truststore of your service which tries to connect to the HTTPS service.

Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

how to do that is it on developer side or on k8s level?
You could use keytool to generate the truststore and then mount the generated truststore into the container to overwrite the default truststore.
we have created a jks file using a self-signed server certificate, after that we mention it in the docker file and properties file in Git and build the pipeline but still got the same error.
Are you referencing the truststore file correctly? My solution is working with replacing / mounting the default $JAVA_HOME/lib/security/cacerts file with the modified cacerts file in which the CA certificate was added. Good luck!

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.