I was trying to setup an external HTTP server so that I can test SSL connections from my Java app. I’ve done this with Tomcat server before. It was easy, just follow the instructions on Tomcat’s document site. All done.
-
Environment
- Windows XP Professional
- Tomcat 6.0.29
- Java 1.6
Not this time. A host of problems:
1. javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:150) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1584) 2. SEVERE: Error initializing endpoint java.lang.Exception: No Certificate file specified or invalid file format at org.apache.tomcat.jni.SSLContext.setCertificate(Native Method) at org.apache.tomcat.util.net.AprEndpoint.init(AprEndpoint.java:721) 3. SEVERE: Error starting endpoint java.lang.Exception: Socket bind failed: [730048] Only one usage of each socket address (protocol/network address/port) is normally permitted. at org.apache.tomcat.util.net.AprEndpoint.init(AprEndpoint.java:647) at org.apache.tomcat.util.net.AprEndpoint.start(AprEndpoint.java:754) at org.apache.coyote.http11.Http11AprProtocol.start(Http11AprProtocol.java:137) at org.apache.catalina.connector.Connector.start(Connector.java:1087)
The last issue above is very weird. I ran netstat and no other apps are using the ports that Tomcat is trying to use.
I won’t bore you with the details, suffice to say, I just removed the native library, tcnative-1.dll, from the Tomcat folder and everything works.
Well, not everything, I’m still getting,
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
But, that is more tractable.
Similar Posts:
- SvnKit E170001: Negotiate authentication failed: ‘No valid credentials provided’
- maven-tomcat7-plugin not extracting the war file
- “org.eclipse.search” issue model was not being managed.
- BitTorrent sync: Unable to start updater process
- Tomcat 7 change ROOT application

For that issue you have to export your certifcate from your browser and import into the jre truststore.
And the reason why that dll needs to be renamed is because, if not, the tomcat will use the APR for SSL instead of the JSSE that comes with the jre.
Great info. Thanks!