JRE

ColdFusion / Java: PKIX path building failed: java.security.cert.CertPathBuilderException: Could not build a validated path

We tried to access a remote webservice from a partner and they updated their certificate a few days ago. This request fails with an very unhelpful error message in ColdFusion.

Symptom:

  • ColdFusion CFHTTP is broken if you access a SSL site, but it worked in past.
  • ColdFusion CFDUMP says Connection Failure with I/O Exception: peer not authenticated
  • ColdFusion CFDUMP says I/O Exception: sun.security.validator.ValidatorException: PKIX path building failed: java.security.cert.CertPathBuilderException: Could not build a validated path.

Analysis:

Since intermediate certificates have been provided by the server it can only be the root level certificate. But there may exists other situations where the certificate chain my be incomplete and you get the same error. Verify this with SSLLabs or a certificate checker from a certificate authority very first. Be aware that they sometimes fail to show missing intermediate certificates.

Code for testing:

WiX: How to check if JRE is installed on install only

Checking JRE can be done with below code. I found this on the net, but it failed for me with WixUI_FeatureTree and WixUI_Mondo setup interfaces. The problem was that the condition has not checked on install only. Therefore I got the condition message also if I tried to modify features and this blocked me from changing installed features. The added Installed OR makes sure this condition is only checked on the very first install and not later. It would otherwise cause serious issues for the user if the application should be removed after the JRE has been uninstalled, but your application not before.

JRE