SSLHandshakeException when connecting to server in Jaspersoft Studio

[jacob.hampton]

This is my first time getting Jaspersoft Studio set up. I create a connection to my organisation's Jasper server, which has full, organisation-signed security certificates (signed by UserTrust and Sectigo RSA, if it matters -- if I navigate to the server in a web browser, it says the certificate is valid). Any time I try to connect or test connection, I get the following error:

Reason: javax.ws.rs.ProcessingException: javax.net.ssl.SSLHandshakeException: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target[/code]

It never reaches a point of asking whether I want to trust the certificate. I have looked through the Jaspersoft Community, and Google in general, and not been able to resolve this error.

Most instances of this error recommend manually importing the security certificates into Studio's cacerts file. I've done this for each segment of the Certification Path and it has resulted in no change, not even adding any entries to the Trust Store in Studio's settings.

I also tried the resolution in this Question. This results in a little more progress: testing connection results in a "the certificate for this server is invalid" message coming up, with a completely different certificate from the ones actually used by the server. If I then Trust that certificate, I get a different error:

Reason: ; nested exception isjavax.net.sslSSLPeerUnverifiedException: Certficate for <reports.foo.com.au> doesn't match any of the subject alternative names: [fooprodwebsyd01].[/code]

And I then still can't progress and actually use the software.

If you could help me to resolve this, I would greatly appreciate it.

[jacob.hampton]

I investigated further, and it turned out that Jaspersoft Studio was actually referring to a different keystore entirely. Rather than the one in features/jre.win32.win32.x86_64.feature_11.0.8/adoptopenjdk_jre/lib/security/cacerts, it was referring to C:Users<me>JaspersoftWorkspace.metadata.pluginscom.jaspersoft.studiocertificatescert.ks.

This is why manually adding the certificates wasn't working: Studio wasn't even looking at the keystore I added them to.

I tried adding them to the cert.ks certificate, but the "changeit" password didn't work. So instead, I directed Studio to look at the cacerts certificate by adding these two lines to Jaspersoft Studio.ini:

-Djavax.net.ssl.trustStore=features/jre.win32.win32.x86_64.feature_11.0.8/adoptopenjdk_jre/lib/security/cacerts-Djavax.net.ssl.trustStorePassword=changeit[/code]