Testing SSL Chaining Issues

Recently I needed to debug an issue by testing SSL chaining issues My old standby tools (curl and openssl were not reporting any errors) The exception javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: Path does not chain with any of the trust anchors Cause The cert from the keystore does not match the cert from . . . → Read More: Testing SSL Chaining Issues

convert valid godaddy cert key to java keystore for tomcat

I spend hours trying to figure this out and here are the fruits of my labor

Problem

You are unable to create a valid Tomcat Keystore using a GoDaddy crt and key file

Curl output may look like this:

curl: (60) SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify . . . → Read More: convert valid godaddy cert key to java keystore for tomcat