You may get this error when you try and run a Java client to a SSL based web service. If you do experience this problem, you need to point to the WAS ssl.client.props file and add the cert to the chain.  You will probably be prompted, and when you do, you’ll need to answer Y to add this cert to the keystore and you’ll be good to go from there on.

-Dcom.ibm.SSL.ConfigURL=file:C:\IBM\WebSphere61\AppServer\profiles\AppSrv01\properties\ssl.client.props

There may also be a need to have your client code (either Java or via a websphere deployed app) call into an SSL based web service.  And if so, you will first need to make sure you run the ikeyman utility in the bin folder of WAS and install the cert from the vendor or provider (simply add the cert to the DummyServerTrustFile.

The trick here is having your application know about the trust file.  If you want to make use of your trust files and keystores, thenyou will need to add the following JVM parms in the server instance (note the password is typically WebAS):

-Djavax.net.ssl.trustStore=C:/jks/DummyServerTrustFile.jks -Djavax.net.ssl.trustStorePassword=WebAS -Djavax.net.ssl.keyStore=C:/jks/DummyServerKeyFile.jks -Djavax.net.ssl.keyStorePassword=WebAS