Skip to main content

Importing SSL certs to Coldfusion Railo OR Lucee keystore

If you are having the below error:
Railo 3.3.4.003 Error (javax.net.ssl.SSLHandshakeException)
Messagesun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Causejavax.net.ssl.SSLHandshakeException


This means you are trying to invoke an https webservice. to invoke an SSL webserver you need to import the certificate into Railo by using keytool command. Below are the steps on how to do this:

1- use fire fox to open the webservice and click on the padlock as shown on the below image:

2-Click on more information as below:
 3- Click on View Certificate as below:
4-Click on details as below:
 5- Now export the certificate and save it to your computer with .cer extension.

6- Search in railo folder for the keytool command location, in my case it was under railo\jdk\bin

7-  Search in railo folder for the cacerts location, in my case it was under railo\lib\railo-server\context\sec
urity\cacerts

8- Now run the command as below:

RAILO
d:\railo\jdk\bin>keytool -import -keystore D:\railo\lib\railo-server\context\security\cacerts -alias xyz  -file d:\mcjvaplng.cer -storepass changeit -noprompt
 LUCEE
d:\lucee\jdk\bin>keytool -import -keystore D:\lucee\lib\lucee-server\context\security\cacerts -alias xyz  -file d:\certificatename.cer -storepass changeit -noprompt
You will see a message saying:

Certificate was added to keystore


Restart railo/lucee service and your done.

9- If you want to remove unused or unneeded certificate please run the below command:


D:\railo\jdk\bin>keytool -delete -keystore D:\railo\lib\railo-server\context\security\cacerts -alias xyz -storepass changeit

Copying the content and posting it in another blog is strictly prohibited.
Labels:

Comments

  1. Hatem Jaber22 August 2014 at 06:08

    I used the same exact thing on linux and it worked. I didn't have to navigate to the bin directory either, i just typed the word keytool and it worked from the home directory.

    ReplyDelete
  2. Anonymous5 May 2016 at 23:18

    Thank You very much for creation such page. It really helped.

    ReplyDelete
  3. Tim11 March 2020 at 09:54

    For anyone who has to do SSL Certificate integration with Lucee. 

    This solution worked for me. I did not know Lucee had a SSL Certificate installation tool. In my case I am setting up Authorize.net.

    To resolve the issue in Lucee please do the following:

    Log into the Administrator for Server (not Web).

    Go to SSL Certificates under Services.

    Under Host enter entrust.net and click install. 
    Everything suddenly started working for me.  

    I believe that this tool installs the certificate into the JRE for Lucee.  Windows installation of those certificates doesn't do that apparently.  

    My verbose response is in hopes search engines will pick up on this and help others.  Errors I ran into included:

    PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target,

    truststore, keystore, cacerts

    I was tring to install ssl certificates on Windows.

    ReplyDelete
  4. Duluth Gay Asians30 December 2024 at 18:08

    Hi thhanks for posting this

    ReplyDelete

Post a Comment

Popular posts from this blog

Coldfusion Facebook Graph API publish to your wall and your friends walls

In this tutorial we will learn by full coldfusion Graph API code example how to publish on your wall and your friends walls. This application uses new oauth authentication method. The code is divided into four files: we will first start with a file called index.cfm: <cfoutput>         <!--- Your FB application IDS --->       <cfset api_key = ""/>     <cfset secret_key = ""/>     <cfset appID = ""/>     <!--- create a connection to the fb graph cfc --->     <cfset graphCFC = createObject("component", "graph").init(#appID#, #api_key#, #secret_key#) />     <!--- If user is authenticated or his access token is set create a cookie --->        <cfif not isdefined("cookie.access_token") and isdefined("url.access_token")>         <cfset cookie.acce...
29 comments
Read more

Implementation of Facebook Graph API in Coldfusion

Facebook has launched a new FB API called Graph that simplifies FB applications development, the new Graph API allows website owners to create Single Sign On (SSO) with Facebook and allow websites owners to be able to import a lot of users information but after their permissions. The code below written in Coldfusion gives an example on how to Create FB login/logout button and then how to retrieve the created cookie, and use it for further development:     <body>   <cfoutput>     <!--- Your FB application IDS --->     <cfset api_key = "XXXXXXXXXXXXX"/>     <cfset secret_key = "XXXXXXXXXXXXXX"/>     <cfset appID = "XXXXXXXXXXXXXX"/>     <!--- Facebook login/logout button --->     <p><fb:login-button perms="email,user_birthday" autologoutlink="true"></fb:login-button></p>     <!--- Facebook login/logo...
21 comments
Read more

The New Facebook Wall Publishing method Stream.publish

As recently facebook stopped supporting the feedstory publishing method to publish news on users wall and application developers from now on can't create feed templates. Facebook released a new methods to do so which are: FB.Connect.streamPublish stream.publish Facebook.streamPublish I figured out those new methods when I was building a new facebook application yesterday to predict who will win the soccer match between Egypt and Algeria tonight. It took me sometime to succeed in publishing the story on the wall, so I will share with you my experience and how I solved it out in Coldfusion. As I build my applications using the work of Andrew Duckett who created the Facebook Rest Client Component , I will start from FacebookFBMLCLient.cfc file which contains the methods that communicates with facebook APIs. As I have used one of the three methods above which sounded the best as I guess, this example will be based on stream.publish method. The first step is to add the following method...
16 comments
Read more