I am working with a developer who is coding an application that initiates a connection to a server via SSL. It is an anonymous SSL connection, and therefore just requires access to the root certificates that signed the server certificate of the server we are connecting to. When the user tries to connect to the target server via SSL, an error along the lines of "can't verify SSL server certificate verification chain" occurs. The Weblogic server is using SSL correctly, and I am running a custom JKS for the server identity and trust keystores. I can hit the Weblogic server admin console on port 443 (I changed it to that port), and the certificate shows up fine in openssl.
I even loaded the certificate of the target server into the trust keystore to guarantee there would be no issues. The real question is does my developer have to insert a call in his to code to open the trust keystore upon a connection? I thought the default certificate and trust keystore would be used by all applications. Any help is greatly appreciated. Thanks.