I ran into this problem myself. I fixed this by updating the cacerts file in the JVM ($JAVA_HOME/jre/lib/security) with the same file from a JDK1.4 installation. Apparently, the JDK 1.4 knows about a lot more licensing agencies (like Verisign, Thawte etc) than JDK 1.3 ever did. This would work for all certificates issued by known agencies/common agencies, even test/trial ones. If you use a custom certificate, then you would have to export the certificate out of your server and import it into the JVM of your app server/web server. Hope this helps.