07-17-2016 08:29 AM
when we configured our jboss for https acees as the jboss document we couldn't validate sas conent server after modifing smc.ini file
"the pdf file say edit sasmc.ini file but it's not exist i only see smc.ini"
[7/17/13 7:00 AM] INFO: Starting simple validation for WebDAV server (level 1) - ping
[7/17/13 7:00 AM] INFO: Ping successful!
[7/17/13 7:00 AM] INFO: Starting extended validation for WebDAV server (level 1) - Making a connection
[7/17/13 7:00 AM] INFO: Path: 'https://sas93:8443/SASContentServer/repository/default/sasfolders/'
[7/17/13 7:00 AM] SEVERE: Exception accessing https://sas93:8443 (sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target)
07-18-2016 04:13 AM
Are you following the instruction in the Configuring One-Way SSL Authentication section in Configuring the JBoss Application Server for Secure Sockets Layer and Client-Certificate Authentication on SAS® 9.3 Enterprise BI Server Web Applications at https://support.sas.com/resources/thirdpartysupport/v93/appservers/ConfigureJBossforSSLandClient-Cer...
If so, I think you may have sasmc.ini and smc.ini mixed up in your statement "the pdf file say edit sasmc.ini file but it's not exist i only see smc.ini". The PDF (above) mentions smc.ini but in my installation the file is sasmc.ini (i.e. there is a typo in the PDF).
I have seen that PKIX message many times and it usually means that the server certificate offered by the web (application) server (JBoss in this instance) is not trusted, in that the required certificate-authority (CA) certificate in the chain of trust cannot be found in the JRE's trust store. There are 2 ways to resolve this 1) update the default JRE trust store JREHOME/lib/security/cacerts to add the CA cert so all applications using that JRE can use it or 2) direct a Java application to use a specific keystore using the javax.net.ssl.trustStore* system properties as describe in the SAS PDF on page 11
You can tell which JRE SASMC is using by looking in the sasmc.ini file. It usually refers to JREHOME which is defined in the included sassw.config in the SAS home dir (usually 2 directories above sasmc.ini).