| Re: [glassfish-dev] Google reCAPTCHA required certificate missing in GlassFish 5.1 |
I've found a solution. This is it:
keytool -import -file recaptcha.cer -alias recaptcha -keystore GLASSFISH_HOME/glassfish/domains/domain1/config/cacerts.jks -storepass changeit. The keytool.exe file is located at JAVA_HOME/bin.I hope this helps another fellow programmer with no certificate experience.
WARNING: the certificate is only valid for about 3 months; The one I got is valid until next January 2. It seems that this procedure will have to be repeated periodically.
I have a web application that uses Google reCAPTCHA V2. It works fine in GlassFish 5.0 with JDK 1.8.0_144 and also in WildFly 14 with JDK 1.8.0_231. I deployed it to a GlassFish 5.1 server with JDK 1.8.0_231. Site verification fails with the following exception:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
I understand that a required certificate is missing. That certificate is present in the cacerts.jks file of 5.0 but missing in 5.1. Listing their content with keytool, I could see that the cacerts.jks file of version 5.0 has 76 certificates, while the file of version 5.1 has only 2 (glassfish-instance and s1as). Replacing the cacerts.jks file of 5.1 with the file of 5.0 my application works just fine in 5.1.I couldn't find any information about a required certificate in Google reCAPTCHA's web page. How do I identify and get the required certificate?Saludos cordiales,
Jorge Campins