We where trying to connect from BPEL to a HTTPS service but we ran into SSL problems. After checking all the keystores and it’s locations, it still didn’t seem to pick our keystore up.
The error we found in the log looked like this:
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
After some digging we found out that this is a nice feature. When you don’t remove the DemoTrust.jks from the setDomainEnv.sh, it will not load your defined keystore. Remove the DemoTrust.jks entry and it works like a charm. For the release notes see:
Please follow section “21.2.1 Removing References to the Demo Certificates When Using Your Own SSL Certificates” in the following document:
Oracle Fusion Middleware Release Notes
11g Release 1 (11.1.1) for Linux x86-64
Part Number E14770-11