SSL: Self-Signed Certificate problems...

SSL: Self-Signed Certificate problems...

Using NFA Free/Professional Edition.  I've looked on Google and the forums for this.

We use a Microsoft CA and I've got a .PFX file that I copied into the NFAHOME \conf directory.  I modified my server.xml file like the following:

keystoreFile="./conf/nfa.pfx" keystoreType="pkcs12" keystorePass="mypassword"

I have verified with keytool that the certificate as well as the root is in the pfx file.  Everything appears in that when I go to the site the certificate shows properly. However I noticed that the log directory has the serverout_x.log files and they are 10MB each and build up quickly.  I even went back to using the included certificates created from sslGen.bat.  Even then the serverout_x.logs build up fast.  They do this because of the following error.  Is this happening because JAVA needs to find these in the cacerts under the JREHOME\security directory? Note that we also have EventLog Analyzer and configured the same way and the server_#.log files don't have these errors in them



[12:35:12:370]|[12-15-2014]|[SYSOUT]|[INFO]|[24]: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target|
[12:35:12:370]|[12-15-2014]|[SYSOUT]|[INFO]|[24]: at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)|
[12:35:12:370]|[12-15-2014]|[SYSOUT]|[INFO]|[24]: at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unknown Source)|
[12:35:12:370]|[12-15-2014]|[SYSOUT]|[INFO]|[24]: at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)|
[12:35:12:370]|[12-15-2014]|[SYSOUT]|[INFO]|[24]: at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)|
[12:35:12:370]|[12-15-2014]|[SYSOUT]|[INFO]|[24]: at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown Source)|
[12:35:12:370]|[12-15-2014]|[SYSOUT]|[INFO]|[24]: at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)|
[12:35:12:370]|[12-15-2014]|[SYSOUT]|[INFO]|[24]: at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)|
[12:35:12:370]|[12-15-2014]|[SYSOUT]|[INFO]|[24]: at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source)|
[12:35:12:370]|[12-15-2014]|[SYSOUT]|[INFO]|[24]: at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)|
[12:35:12:370]|[12-15-2014]|[SYSOUT]|[INFO]|[24]: at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)|
[12:35:12:370]|[12-15-2014]|[SYSOUT]|[INFO]|[24]: at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)|
[12:35:12:370]|[12-15-2014]|[SYSOUT]|[INFO]|[24]: at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)|
[12:35:12:370]|[12-15-2014]|[SYSOUT]|[INFO]|[24]: at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)|
[12:35:12:370]|[12-15-2014]|[SYSOUT]|[INFO]|[24]: at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)|
[12:35:12:370]|[12-15-2014]|[SYSOUT]|[INFO]|[24]: at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)|
[12:35:12:370]|[12-15-2014]|[SYSOUT]|[INFO]|[24]: at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source)|
[12:35:12:370]|[12-15-2014]|[SYSOUT]|[INFO]|[24]: at com.adventnet.netflow.dbutils.NFClientUtil.isServerAlreadyRunning(NFClientUtil.java:190)|


              New to ADManager Plus?

                New to ADSelfService Plus?