
I am attempting to set up a WSO2 Governance Registry server on RHEL5 that will integrate with our Active Directory using LDAPS, but the normal methods of setting up trust of the domain controller's SSL certificate do not seem to work.

I am starting up the server with JAVA_HOME pointing to /usr/java/jdk1.6.0_43 and PATH adding in the bin under there. I have imported the domain controller's SSL certificate by running this:

openssl s_client -connect adserver:636 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > adserver.cer
keytool -delete -alias adserver -keystore /usr/java/latest/jre/lib/security/cacerts
keytool -import -alias adserver -file adserver.cer -keystore /usr/java/jdk1.6.0_43/jre/lib/security/cacerts

When I start up the wso2greg server though, we get errors:

Cannot create connection to LDAP server. Error message Error obtaining connection. simple bind failed PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

I did some searching around and got the impression that maybe WSO2 would explicitly use a different certs file under repository/resources/security/wso2carbon.jks, so I tried importing the certificate into that Java keystore as well, but I get the same errors.

I have used this same method with other Java-based server applications to trust LDAP... How do I get WSO2 to find the cert?

ioscode

1 Answer


While scouring through some config files for a different reason, I stumbled upon a reference to another key store: ${carbon.home}/repository/resources/security/client-truststore.jks

After importing the certificate to this trust store, wso2greg is able to connect.

ioscode
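
The answer found the right trust store by reading config files; the script below does that search systematically. It is an added example, not part of the original post or of WSO2's tooling, and the default search directories (repository/conf and bin under the product home) are an assumption about the installation layout.

```shell
#!/bin/sh
# Added example: list every .jks file referenced by a server's config files,
# so the certificate is imported into a store the product actually reads.

# list_keystore_refs HOME [DIR...]
# Prints "<present|missing> TAB <resolved path> TAB <file that references it>".
# Default search dirs (repository/conf, bin) are an assumption about the layout.
list_keystore_refs() {
    home=${1%/}
    shift
    [ "$#" -gt 0 ] || set -- "$home/repository/conf" "$home/bin"
    # -o prints only the matching token, -H prefixes it with the file name
    grep -rHoE '[^"<>=[:space:]]+\.jks' "$@" 2>/dev/null |
    while IFS=: read -r cfg ref; do
        # Expand the ${carbon.home} placeholder used in the config files
        path=$(printf '%s\n' "$ref" | sed "s|\${carbon.home}|$home|")
        # Treat anything else that is not absolute as relative to HOME
        case $path in
            /*) ;;
            *) path=$home/$path ;;
        esac
        if [ -f "$path" ]; then status=present; else status=missing; fi
        printf '%s\t%s\t%s\n' "$status" "$path" "$cfg"
    done | sort -u
}

# Run directly as: sh list_keystores.sh /path/to/product/home
if [ "$#" -gt 0 ]; then
    list_keystore_refs "$@"
fi
```

Each path reported as present is a candidate for the `keytool -import -alias adserver -file adserver.cer -keystore <path>` command from the question; the file in the third column shows which component uses that store.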