I have a web application that uses Google reCAPTCHA V2. It works fine in
GlassFish 5.0 with JDK 1.8.0_144 and also in WildFly 14 with JDK
1.8.0_231. I deployed it to a GlassFish 5.1 server with JDK 1.8.0_231.
Site verification fails with the following exception:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested targetI
understand that a required certificate is missing. That certificate is
present in the cacerts.jks file of 5.0 but missing in 5.1. Listing their
content with keytool, I could see that the cacerts.jks file of version
5.0 has 76 certificates, while the file of version 5.1 has only 2
(glassfish-instance and s1as).
Replacing the cacerts.jks file of 5.1 with the file of 5.0 my application works just fine in 5.1.I
couldn't find any information about a required certificate in Google
reCAPTCHA's web page. How do I identify and get the required
certificate?
Saludos cordiales,
Jorge Campins
