У меня есть среда разработки с IBM Websphere Liberty 8.5.5; перед этим сервером приложений находится IBM HTTP Server (сертификат SSL внешнего ЦС, настроенный для IBM HTTP). Я могу получить доступ к IBM HTTP из Интернета, но с /mfpconsole возникает исключение (см. ниже).
[11/28/16 21:02:44:464 SGT] 00000024 com.ibm.mfp.admin.ui.servlet.ServiceProxy E FWLSE3301E: Problem with SSL certificates. Possible fixes: Put the application server's certificate into the truststore. Or define the JNDI property mfp.admin.ui.cors.strictssl to false (not in production environments).
[11/28/16 21:02:44:464 SGT] 00000024 com.ibm.mfp.admin.ui.servlet.ServiceProxy E Exception java.security.cert.CertificateException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target while redirecting request to :443/mfpadmin/management-apis/2.0/runtimes?fullInfo=true
[11/28/16 21:02:49:759 SGT] 000000c9 com.ibm.ws.ssl.core.WSX509TrustManager E CWPKI0022E: SSL HANDSHAKE FAILURE: A signer with SubjectDN CN= was sent from the target host. The signer might need to be added to local trust store .p12, located in SSL configuration alias defaultSSLConfig. The extended error message from the SSL handshake exception is: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
[11/28/16 21:02:49:759 SGT] 000000c9 com.ibm.mfp.admin.ui.servlet.ServiceProxy E Received status 500 for GET https://url:443/mfpadmin/management-apis/2.0/runtimes?fullInfo=true
javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
