javax.net.ssl.SSLHandshakeException: General SSLEngine problem

IOException: javax.net.ssl.SSLHandshakeException: General SSLEngine problem

CAUSE: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target


Third party(https) application is communicating to weblogic managed server as a web-service where demo certificates are installed.How can third party application connects to Managed server where some application is running on demo certificates?


Third Party Application (client) -> Weblogic Server (Server)


Default certificate location
+++++++++++++++++++++++++++++
Demo Identity Keystore ==> D:\u01\oracle\Middleware\user_projects\domains\base_domain\security\DemoIdentity.jks
Demo Trust Keystore: ==> D:\u01\oracle\Middleware\wlserver\server\lib\DemoTrust.jks
Java Standard Trust Keystore:==> D:\u01\oracle\java\jdk1.8.0_144\jre\lib\security\cacerts



Just import the "Third party Application certificate" on weblogic managed server and access it.

Where to import the certificate?
import certificate into Trust.jks file and see the result "Root Certifacate.cer"

cd D:\u01\oracle\Middleware\wlserver\server\lib\
D:\u01\oracle\java\jdk1.8.0_144\bin\keytool -importcert -file "Root Certifacate.cer" -keystore DemoTrust.jks -alias "ARCABCSERVER"


Trust store password - DemoTrustKeyStorePassPhrase





How to export the certificate from DemoIdentity.jks and give the certificate "demoidentity.cer" to the client application ?

keytool -export -keystore DemoIdentity.jks -storepass DemoIdentityKeyStorePassPhrase -alias demoidentity -file demoidentity.cer

Identity Key store password - DemoIdentityKeyStorePassPhrase